Suricata 4.1.4 released

We’re pleased to announce Suricata 4.1.4. This release fixes a number of issues found in the 4.1 branch.

Get the release here: https://www.openinfosecfoundation.org/download/suricata-4.1.4.tar.gz

Changes

  • Bug #2870: pcap logging with lz4 coverity warning
  • Bug #2883: ssh: heap buffer overflow
  • Bug #2884: mpls: heapbuffer overflow in file decode-mpls.c
  • Bug #2887: decode-ethernet: heapbuffer overflow in file decode-ethernet.c
  • Bug #2888: 4.1.3 core in HCBDCreateSpace
  • Bug #2894: smb 1 create andx request does not parse the filename correctly
  • Bug #2902: rust/dhcp: panic in dhcp parser
  • Bug #2903: mpls: cast of misaligned data leads to undefined behavior
  • Bug #2904: rust/ftp: panic in ftp parser
  • Bug #2943: rust/nfs: integer underflow
  • This release includes Suricata-Update 1.0.5

Special thanks

Alexander Bluhm, Giuseppe Longo, Max Fillinger, Wesley van der Ree, Jason Taylor
Sirko Höer — Code Intelligence GmbH, DCSO.

Trainings

See https://suricata_events.eventbrite.com/ for the current list of planned training sessions.

Suricon

The CFP for Suricon 2019 is open! Submit your talk proposal at: https://suricon.net/

About Suricata

Suricata is a high performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by OISF, its supporting vendors and the community.