Pull request #4856: build: generate and tag 3.9.3.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.9.3.0 to master

Squashed commit of the following:

commit 47b2f71fdae20b6e6db08434adf26f9909b3cc0b
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Sun Aug 10 20:24:47 2025 -0400

    build: generate and tag 3.9.3.0

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6beb2c08f83c81fa0bdfe0321768c96d50a1f2ff..3a840ba3a0d29be3394ce1f0ffd20d87bef4e0c0 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3,7 +3,7 @@ project (snort CXX C)
 
 set (VERSION_MAJOR 3)
 set (VERSION_MINOR 9)
 
 set (VERSION_MAJOR 3)
 set (VERSION_MINOR 9)

-set (VERSION_PATCH 2)
+set (VERSION_PATCH 3)

 set (VERSION_SUBLEVEL 0)
 set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}")
 
 set (VERSION_SUBLEVEL 0)
 set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}")
 

diff --git a/ChangeLog.md b/ChangeLog.md
index 65f41076812ccdddcce3a7362dcab10c8cf2955a..32e01ecb739e8b5c9fdeaa9b1897b76c95d41859 100644 (file)
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,38 @@
+2025-08-10: 3.9.3.0
+
+* appid: accounting for tmp offset in RPC
+* appid: change appid_shadow_traffic_status to atomic for thread safety
+* appid: combined host pattern matchers
+* appid: fix ASAN issue in AppIdHttpSession::set_req_body_field
+* appid: fix out-of-bounds caused by strncat in identify_user_agent
+* appid: getting packet from event than from detectionengine
+* appid: out-of-range readings fix
+* appid: prevent out_of_range and invalid_argument in rpc
+* appid: rpc integer overflow fix
+* build: enable exporting compile commands
+* dce_rpc: checked for integer overflow of smb_hdr + next_command_offset
+* dce_rpc: checking integer overflow on data_offset + data_length
+* detection: extract children-related evaluation logic into separated functions
+* detection: extract current node evaluation logic into separated function
+* detection: fix compile warnings in detection_options.cc
+* file_api: multi-process snort file cache crash fix
+* file_api: multi process snort file cache sharing crash fix
+* helpers: ringLogic framework updated to use atomic than volatile
+* http_inspect: add peg count for when published body has hit the requested max size
+* iec104: fallback functionality for abort scenario
+* logger: add batched logger to improve packet_tracer output performace
+* logger: add cpu affinity for log writer thread
+* main: notify DAQ via ioctl message when a packet is injected
+* mime: fix out-of-bounds in case of short boundary chunks
+* packet_tracer: file output will not be using batched logger
+* service_inspectors: Added random base file id generation for imap/pop/smtp.
+* smtp: fix overflow caused by tls data processing in smtp
+* stream_tcp: add splitter restart function, restart when hole skipped by AtomSplitter
+* stream_tcp: fix issues with skipping seglist holes in ids mode
+* stream_tcp: when reassembly is disable/ignored update rcv_nxt to left edge of first hole or to end of seglist
+* vba_decompress: avoiding heap buffer overflows
+* vba_decompress: exception handled
+

 2025-07-20: 3.9.2.0
 
 * build: fix comparison of empty integers. Thanks to Hatix Ntsoa.
 2025-07-20: 3.9.2.0
 
 * build: fix comparison of empty integers. Thanks to Hatix Ntsoa.

diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake
index ffccd31f954388bf371410baca08e49cff2929f5..d607d19913e471098dc4fd9eed5965939180b609 100644 (file)
--- a/cmake/FindDAQ.cmake
+++ b/cmake/FindDAQ.cmake
@@ -16,7 +16,7 @@ This module defines:
 #]=======================================================================]
 
 find_package(PkgConfig)
 #]=======================================================================]
 
 find_package(PkgConfig)

-pkg_check_modules(PC_DAQ libdaq>=3.0.20)
+pkg_check_modules(PC_DAQ libdaq>=3.0.21)

 
 # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints
 # and then package config information after that.
 
 # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints
 # and then package config information after that.

diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text
index 3b3bddd47e1bd189df17aeda0bf89efe0bc3db91..3e0b733298d218fead53d9d8a7d616d80175fef6 100644 (file)
--- a/doc/reference/snort_reference.text
+++ b/doc/reference/snort_reference.text
@@ -8,7 +8,7 @@ Snort 3 Reference Manual
 The Snort Team
 
 Revision History
 The Snort Team
 
 Revision History

-Revision 3.9.2.0 2025-07-20 23:16:33 EDT TST
+Revision 3.9.3.0 2025-08-10 20:21:55 EDT TST

 
 ---------------------------------------------------------------------
 
 
 ---------------------------------------------------------------------
 


@@ -1301,7 +1301,7 @@ Configuration:
 Commands:
 
   * packet_tracer.enable(proto, src_ip, src_port, dst_ip, dst_port,
 Commands:
 
   * packet_tracer.enable(proto, src_ip, src_port, dst_ip, dst_port,

-    tenants): enable packet tracer debugging
+    tenants, regex, stop_after_match): enable packet tracer debugging

   * packet_tracer.disable(): disable packet tracer
 
 
   * packet_tracer.disable(): disable packet tracer
 
 


@@ -4405,6 +4405,8 @@ Peg counts:
     bodies compressed with known but not supported methods (sum)
   * http_inspect.compressed_unknown: total number of HTTP bodies
     compressed with unknown methods (sum)
     bodies compressed with known but not supported methods (sum)
   * http_inspect.compressed_unknown: total number of HTTP bodies
     compressed with unknown methods (sum)

+  * http_inspect.max_publish_depth_hits: total number of times the
+    maximum publish depth was exceeded (sum)

 
 
 5.27. iec104
 
 
 5.27. iec104


@@ -6313,6 +6315,8 @@ Peg counts:
     service inspector (sum)
   * stream_tcp.partial_fallbacks: count of fallbacks from assigned
     service stream splitter (sum)
     service inspector (sum)
   * stream_tcp.partial_fallbacks: count of fallbacks from assigned
     service stream splitter (sum)

+  * stream_tcp.splitter_restarts: count of splitter restarts from
+    skipping seglist holes (sum)

   * stream_tcp.max_segs: maximum number of segments queued in any
     flow (max)
   * stream_tcp.max_bytes: maximum number of bytes queued in any flow
   * stream_tcp.max_segs: maximum number of segments queued in any
     flow (max)
   * stream_tcp.max_bytes: maximum number of bytes queued in any flow


@@ -12342,6 +12346,8 @@ libraries see the Getting Started section of the manual.
     (sum)
   * http_inspect.max_concurrent_sessions: maximum concurrent http
     sessions (max)
     (sum)
   * http_inspect.max_concurrent_sessions: maximum concurrent http
     sessions (max)

+  * http_inspect.max_publish_depth_hits: total number of times the
+    maximum publish depth was exceeded (sum)

   * http_inspect.options_requests: OPTIONS requests inspected (sum)
   * http_inspect.other_requests: other request methods inspected
     (sum)
   * http_inspect.options_requests: OPTIONS requests inspected (sum)
   * http_inspect.other_requests: other request methods inspected
     (sum)


@@ -13014,6 +13020,8 @@ libraries see the Getting Started section of the manual.
     flushed when session released (sum)
   * stream_tcp.sessions: total tcp sessions (sum)
   * stream_tcp.setups: session initializations (sum)
     flushed when session released (sum)
   * stream_tcp.sessions: total tcp sessions (sum)
   * stream_tcp.setups: session initializations (sum)

+  * stream_tcp.splitter_restarts: count of splitter restarts from
+    skipping seglist holes (sum)

   * stream_tcp.stale_packets: tcp stale packets (sum)
   * stream_tcp.syn_acks: number of syn-ack packets (sum)
   * stream_tcp.syn_ack_trackers: tcp session tracking started on
   * stream_tcp.stale_packets: tcp stale packets (sum)
   * stream_tcp.syn_acks: number of syn-ack packets (sum)
   * stream_tcp.syn_ack_trackers: tcp session tracking started on


@@ -16509,7 +16517,7 @@ alert is raised by the enhanced JavaScript normalizer.
     capture_path, max_packet_count): capture raw packets
   * packet_capture.disable(): stop packet capturing
   * packet_tracer.enable(proto, src_ip, src_port, dst_ip, dst_port,
     capture_path, max_packet_count): capture raw packets
   * packet_capture.disable(): stop packet capturing
   * packet_tracer.enable(proto, src_ip, src_port, dst_ip, dst_port,

-    tenants): enable packet tracer debugging
+    tenants, regex, stop_after_match): enable packet tracer debugging

   * packet_tracer.disable(): disable packet tracer
   * perf_monitor.enable_flow_ip_profiling(seconds, packets,
     flow_ip_all): enable all statistics on host pairs
   * packet_tracer.disable(): disable packet tracer
   * perf_monitor.enable_flow_ip_profiling(seconds, packets,
     flow_ip_all): enable all statistics on host pairs

diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text
index a997741d8a230ea342e91a8ad9f133383caf8dc3..aa1c5f9b6d57a41b10538037a9d8103aa82d9ad8 100644 (file)
--- a/doc/upgrade/snort_upgrade.text
+++ b/doc/upgrade/snort_upgrade.text
@@ -8,7 +8,7 @@ Snort 3 Upgrade Manual
 The Snort Team
 
 Revision History
 The Snort Team
 
 Revision History

-Revision 3.9.2.0 2025-07-20 23:17:26 EDT TST
+Revision 3.9.3.0 2025-08-10 20:22:47 EDT TST

 
 ---------------------------------------------------------------------
 
 
 ---------------------------------------------------------------------
 

diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text
index b9e9331d1f4be148240e7bf9234b1efae2137a1b..fd4a5fab581d048e39ca036d96661df8c02f254c 100644 (file)
--- a/doc/user/snort_user.text
+++ b/doc/user/snort_user.text
@@ -8,7 +8,7 @@ Snort 3 User Manual
 The Snort Team
 
 Revision History
 The Snort Team
 
 Revision History

-Revision 3.9.2.0 2025-07-20 23:16:51 EDT TST
+Revision 3.9.3.0 2025-08-10 20:22:12 EDT TST

 
 ---------------------------------------------------------------------
 
 
 ---------------------------------------------------------------------