Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.69.0 to master
Squashed commit of the following:
commit
0790c83baa10bb571b4862b29c14090992a023e2
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Aug 27 10:09:40 2023 -0400
build: generate and tag 3.1.69.0
set (VERSION_MAJOR 3)
set (VERSION_MINOR 1)
-set (VERSION_PATCH 68)
+set (VERSION_PATCH 69)
set (VERSION_SUBLEVEL 0)
set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}")
+2023-08-27: 3.1.69.0
+
+* appid: mark ssl appid lookup successful if a service id is available
+* appid: prefer eve client over appid detected client after decryption and use appid detected client version if eve client equals appid client
+* dce_rpc: fix stats for client/server segments reassembled. Thanks to Bader-eddine Ouaich for addressing the issue.
+* dns: updates to allow DNS to be compiled dynamically.
+* framework: add virtual for inspectors that publish data when no ips policy is enabled.
+* http2_inspect: add frame when logging a packet
+* http2_inspect: handle empty header name
+* http2_inspect: update connection settings on ack
+* http2_inspect: update test tool configurations
+* http_inspect: adjust formatting
+* inspector: export get_service_inspector_by_service method
+* mime: fix boundary search
+* mime: postpone boundary-look-alike data till the next PDU arrives
+* mime: support transport padding in boundary strings
+
2023-08-14: 3.1.68.0
* appid, cip: parsing cip safety segments
The Snort Team
Revision History
-Revision 3.1.68.0 2023-08-14 22:06:48 EDT TST
+Revision 3.1.69.0 2023-08-27 09:33:21 EDT TST
---------------------------------------------------------------------
protocol error
* 121:40 (http2_inspect) invalid HTTP/2 PRIORITY frame
* 121:41 (http2_inspect) invalid HTTP/2 GOAWAY frame
+ * 121:42 (http2_inspect) too many unacknowledged settings
+ * 121:43 (http2_inspect) setting acknowledgment without actual
+ settings
Peg counts:
Invalid HTTP/2 GOAWAY frame. R bit is set or stream ID is not 0 or
length is less than 8.
+121:42 (http2_inspect) too many unacknowledged settings
+
+More than 6 unacknowledged settings frames.
+
+121:43 (http2_inspect) setting acknowledgment without actual settings
+
+Unexpected settings ACK.
+
122:1 (port_scan) TCP portscan
Basic one host to one host TCP portscan where multiple TCP ports are
The Snort Team
Revision History
-Revision 3.1.68.0 2023-08-14 22:07:52 EDT TST
+Revision 3.1.69.0 2023-08-27 09:34:29 EDT TST
---------------------------------------------------------------------
The Snort Team
Revision History
-Revision 3.1.68.0 2023-08-14 22:07:09 EDT TST
+Revision 3.1.69.0 2023-08-27 09:33:44 EDT TST
---------------------------------------------------------------------
projects / thirdparty / snort3.git / commitdiff
