From: Philippe Antoine Date: Tue, 9 Sep 2025 12:44:16 +0000 (+0200) Subject: doc: upgrade note about keyword tls.cert_subject X-Git-Tag: suricata-8.0.1~8 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9146fc8957910380936047ca1e6089c843d58aa9;p=thirdparty%2Fsuricata.git doc: upgrade note about keyword tls.cert_subject Following commit 5379b52af2df9eb2911fc4655d5db5defcecb863 rules that use multiple times the keyword tls.cert_subject will result in Warning: detect: duplicate instance for tls.cert_subject These rules likely meant to use a multi-buffer which is not the case for tls.cert_subject (even if it was documented so). Ticket: 7890 This is put in a new section of upgrade notes for upgrading to 8.0.1 --- diff --git a/doc/userguide/upgrade.rst b/doc/userguide/upgrade.rst index 7fc0339bf7..1e9d4ca3c1 100644 --- a/doc/userguide/upgrade.rst +++ b/doc/userguide/upgrade.rst @@ -34,6 +34,21 @@ also check all the new features that have been added but are not covered by this guide. Those features are either not enabled by default or require dedicated new configuration. +Upgrading to 8.0.1 +------------------ + +Major changes +~~~~~~~~~~~~~ + +- Various expected PPP packet types will no longer be marked as Unsupported Protocol + when in a PPPOE packet. +- Added Cisco Discovery Protocol Control Protocol as a valid PPP packet. + +Keyword changes +~~~~~~~~~~~~~~~ +- Usage of multiple ``tls.cert_subject`` in a rule will print a warning + as this keyword was not and is not implemented as a multi-buffer. + Upgrading 7.0 to 8.0 -------------------- .. note:: ``stats.whitelist`` has been renamed to ``stats.score`` in ``eve.json`` @@ -176,9 +191,6 @@ Major changes of a request/response in the respective direction. This means that earlier a content that matched just because it fell in the inspection chunk without wholly belonging to any one request/response may not match any longer. -- Various expected PPP packet types will no longer be marked as Unsupported Protocol - when in a PPPOE packet. -- Added Cisco Discovery Protocol Control Protocol as a valid PPP packet. Removals ~~~~~~~~