Suricata 7.0.6 and 6.0.20 released

We are pleased to announce the releases of Suricata 7.0.6 and 6.0.20.
These are security releases, fixing a number of important issues.

Get the releases here:

Notable Changes

Various security, performance, accuracy, and stability issues have been fixed.


JA4 for TLS and QUIC has been backported to Suricata 7.0.6.

It is disabled by default. If rules use JA4, it will be partially enabled. Alerts will be generated and contain the JA4 in the alert record. TLS records in EVE will only add JA4 when explicitly enabled in the configuration.

CVE IDs Addressed:

CVE-2024-37151: CRITICAL (7.0.5 and 6.0.19)
CVE-2024-38536: HIGH (7.0.5)
CVE-2024-38534: HIGH (7.0.5)
CVE-2024-38535: CRITICAL (7.0.5) / MODERATE (6.0.19)

Suricata Security Advisories: Security Advisories · OISF/suricata · GitHub

Special Thanks

Léopold Ouairy, Pascal Melin and Robinson Maigne. Alexey Simakov, Eric Leblond, jason taylor, Richard McConnel, Sascha Steinbiss, Oss-Fuzz, Coverity.

EOL for Suricata 6

The Suricata 6.0.x branch will go End of Life (EOL) in July 2024. This means no more support, updates and fixes for the 6.0.x branch. 6.0.20 is likely the last release in the 6-series.

All users of Suricata 6 or earlier are strongly recommended to update to Suricata 7 as soon as possible.

More information on the EOL policy: EOL Policy – Suricata.

Join Us for SuriCon 2024!

We are excited to meet our community live again this year in Madrid, Spain, November 13-15 2024 for SuriCon2024.

Don’t miss out!

Register for SuriCon and the pre-conference training sessions:

About Suricata

Suricata is a high-performance Network Threat Detection, IDS, IPS, and Network Security Monitoring engine. Open-source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by OISF, its supporting vendors, and the community.

Note: originally published on our forum: