We are pleased to announce Suricata 4.1.1. This release fixes a number of issues found 4.1. It also adds EVE DNSv1 support for Rust builds.
Changes
- Feature #2637: af-packet: improve error output for BPF loading failure
- Feature #2671: Add Log level to suricata.log when using JSON type
- Bug #2502: suricata.c ConfigGetCaptureValue – PCAP/AFP fallthrough to strip_trailing_plus
- Bug #2528: krb parser not always parsing tgs responses
- Bug #2633: Improve errors handling in AF_PACKET
- Bug #2653: llc detection failure in configure.ac
- Bug #2677: coverity: ja3 potential memory leak
- Bug #2679: build with profiling enabled on generates compile warnings
- Bug #2704: DNSv1 for Rust enabled builds.
- Bug #2705: configure: Test for PyYAML and disable suricata-update if not installed.
- Bug #2716: Stats interval are 1 second too early each tick
- Bug #2717: nfs related panic in 4.1
- Bug #2719: Failed Assertion, Suricata Abort – util-mpm-hs.c line 163 (4.1.x)
- Bug #2723: dns v2 json output should always set top-level rrtype in responses
- Bug #2730: rust/dns/lua – The Lua calls for DNS values when using Rust don’t behave the same as the C implementation.
- Bug #2731: multiple instances of transaction loggers are broken
- Bug #2734: unix runmode deadlock when using too many threads
- Bundled Suricata-Update was updated to 1.0.1
Download
https://www.openinfosecfoundation.org/download/suricata-4.1.1.tar.gz
Special thanks
Jason Taylor, Eric Urban, Mats Klepsland, Pierre Chifflier
Trainings
The 2019 calendar of trainings will be out soon – check back here or follow us on Twitter (@OISFoundation) for all training announcements
Suricon
Suricon 2018 was a great success and the 2019 location has been announced: Amsterdam. Please consider becoming a sponsor! https://suricon.net/
About Suricata
Suricata is a high performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by OISF, its supporting vendors and the community.