Suricata 7.0.3 and 6.0.16 released

We are pleased to announce the releases of Suricata 7.0.3 and 6.0.16.
These are security releases, fixing a number of important issues.

Get the releases here:
7.0.3: https://www.openinfosecfoundation.org/download/suricata-7.0.3.tar.gz
6.0.16: https://www.openinfosecfoundation.org/download/suricata-6.0.16.tar.gz

Notable Changes

LibHTP required version is 0.5.46. This is the version that is bundled with the releases.

Various security, performance, accuracy, and stability issues have been fixed.

Tickets for 7.0.3: 7.0.3 – Suricata – Open Information Security Foundation
Tickets for 6.0.16: 6.0.16 – Suricata – Open Information Security Foundation

These releases address CVE IDs:

Suricata:

CVE-2024-23839 – Critical severity
CVE-2024-23836 – Critical severity
CVE-2024-23835 – High severity
CVE-2024-24568 – Moderate severity

Security Advisories: Security Advisories · OISF/suricata · GitHub

LibHTP:

CVE-2024-23837 – Critical severity

Security Advisories: Security Advisories · OISF/libhtp · GitHub

Special Thanks

Daniel Olatunji, daniel zhao, Eric Leblond, Gleb Smirnoff, Hadiqa Alamdar Bukhari, Ilya Bakhtin, jason taylor, Kirjan Kohuladas, Liza Opar, Stephen Donelly, Travis Green, Vincent Li, Oss-Fuzz, Coverity, Outreachy.

About Suricata

Suricata is a high-performance Network Threat Detection, IDS, IPS, and Network Security Monitoring engine. Open-source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by OISF, its supporting vendors, and the community.

Join Us for SuriCon 2024!

We are excited to meet our community live again this year in Madrid, Spain, November 13-15 2024 for SuriCon2024.

Don’t miss out!

Call for talks and registrations are now open: https://suricon.net/