+2022/06/16 - 3.1.32.0
+
+appid: config for logging eve process to client mappings
+dce_smb: reduce smb_max_credit range to avoid uint16_t overflow
+detection: remove redundant FIXIT
+ftp_telnet: correct the implementation for check_encrypted and encrypted_data config, handle form-feed as non-encrypted traffic
+ftp_telnet: handle all space characters as a seperator between FTP request command and arguments
+http_inspect: add explicit check for HTML script opening tag ending
+http_inspect: remove unneeded header inclusions and improve cleanup before trailers
+ips_options: improve ips_hash and ips_cvs code coverage
+log: Fixed missing include for Clear Linux build.
+logger: added reload function to create new files when snort reloads
+main: add null check for scratch handler
+mime: cleanup
+modules: resolve int type mismatch in config options
+netflow: fix build on MacOS
+netflow: implement RNA integration for host/service discovery
+netflow: support memcap reconfiguration upon reload
+openssl: Openssl minimum version is set to 1.1.1
+profiler: fix issue with negative number cast to unsigned for max_depth
+rna: reduce range for ttl, fix cast for df, minor and major options. Thanks to liangxwa01 for pointing this out.
+stream_tcp: fix splitter abort handling
+stream_tcp: flip the server_side flag in fallback() and assert what it should be
+utils, parser: remove redundant fixits
+utils: remove curly brace parsing from regex literals
+utils: remove redundant checks in regex groups
+wizard: use const reference instead of copying
+
2022/06/02 - 3.1.31.0
appid: add lock_guard to prevent data race on reload
The Snort Team
Revision History
-Revision 3.1.31.0 2022-06-01 13:59:47 EDT TST
+Revision 3.1.32.0 2022-06-15 10:02:53 EDT TST
---------------------------------------------------------------------
* string dce_smb.smb_invalid_shares: SMB shares to alert on
* bool dce_smb.smb_legacy_mode = false: inspect only SMBv1
* int dce_smb.smb_max_credit = 8192: Maximum number of outstanding
- request { 1:65536 }
+ request { 1:65535 }
* int dce_smb.memcap = 8388608: Memory utilization limit on smb {
512:maxSZ }
in bytes, 0 = unlimited { 0:maxSZ }
* int netflow.template_memcap = 0: maximum memory for template
cache in bytes, 0 = unlimited { 0:maxSZ }
+ * string netflow.netflow_service_id_path: path to file containing
+ service IDs for NetFlow
Peg counts:
* int rna.tcp_fingerprints[].fpid = 0: fingerprint id { 0:max32 }
* int rna.tcp_fingerprints[].type = 0: fingerprint type { 0:max32 }
* string rna.tcp_fingerprints[].uuid: fingerprint uuid
- * int rna.tcp_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.tcp_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* string rna.tcp_fingerprints[].tcp_window: fingerprint tcp window
* string rna.tcp_fingerprints[].mss = X: fingerprint mss
* string rna.tcp_fingerprints[].id = X: id
* int rna.ua_fingerprints[].fpid = 0: fingerprint id { 0:max32 }
* int rna.ua_fingerprints[].type = 0: fingerprint type { 0:max32 }
* string rna.ua_fingerprints[].uuid: fingerprint uuid
- * int rna.ua_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.ua_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* string rna.ua_fingerprints[].tcp_window: fingerprint tcp window
* string rna.ua_fingerprints[].mss = X: fingerprint mss
* string rna.ua_fingerprints[].id = X: id
* int rna.udp_fingerprints[].fpid = 0: fingerprint id { 0:max32 }
* int rna.udp_fingerprints[].type = 0: fingerprint type { 0:max32 }
* string rna.udp_fingerprints[].uuid: fingerprint uuid
- * int rna.udp_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.udp_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* string rna.udp_fingerprints[].tcp_window: fingerprint tcp window
* string rna.udp_fingerprints[].mss = X: fingerprint mss
* string rna.udp_fingerprints[].id = X: id
* int rna.smb_fingerprints[].fpid = 0: fingerprint id { 0:max32 }
* int rna.smb_fingerprints[].type = 0: fingerprint type { 0:max32 }
* string rna.smb_fingerprints[].uuid: fingerprint uuid
- * int rna.smb_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.smb_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* string rna.smb_fingerprints[].tcp_window: fingerprint tcp window
* string rna.smb_fingerprints[].mss = X: fingerprint mss
* string rna.smb_fingerprints[].id = X: id
* int dce_smb.smb_max_chain = 3: SMB max chain size { 0:255 }
* int dce_smb.smb_max_compound = 3: SMB max compound size { 0:255 }
* int dce_smb.smb_max_credit = 8192: Maximum number of outstanding
- request { 1:65536 }
+ request { 1:65535 }
* multi dce_smb.valid_smb_versions = all: valid SMB versions { v1 |
v2 | all }
* bool dce_tcp.disable_defrag = false: disable DCE/RPC
shutdown; won’t dump by default
* int netflow.flow_memcap = 0: maximum memory for flow record cache
in bytes, 0 = unlimited { 0:maxSZ }
+ * string netflow.netflow_service_id_path: path to file containing
+ service IDs for NetFlow
* bool netflow.rules[].create_host = false: generate a new host
event
* bool netflow.rules[].create_service = false: generate a new or
* string rna.smb_fingerprints[].mss = X: fingerprint mss
* string rna.smb_fingerprints[].tcp_window: fingerprint tcp window
* string rna.smb_fingerprints[].topts: fingerprint tcp options
- * int rna.smb_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.smb_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* int rna.smb_fingerprints[].type = 0: fingerprint type { 0:max32 }
* enum rna.smb_fingerprints[].ua_type = os: type of user agent
fingerprints { os | device | jail-broken | jail-broken-host }
* string rna.tcp_fingerprints[].mss = X: fingerprint mss
* string rna.tcp_fingerprints[].tcp_window: fingerprint tcp window
* string rna.tcp_fingerprints[].topts: fingerprint tcp options
- * int rna.tcp_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.tcp_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* int rna.tcp_fingerprints[].type = 0: fingerprint type { 0:max32 }
* enum rna.tcp_fingerprints[].ua_type = os: type of user agent
fingerprints { os | device | jail-broken | jail-broken-host }
* string rna.ua_fingerprints[].mss = X: fingerprint mss
* string rna.ua_fingerprints[].tcp_window: fingerprint tcp window
* string rna.ua_fingerprints[].topts: fingerprint tcp options
- * int rna.ua_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.ua_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* int rna.ua_fingerprints[].type = 0: fingerprint type { 0:max32 }
* enum rna.ua_fingerprints[].ua_type = os: type of user agent
fingerprints { os | device | jail-broken | jail-broken-host }
* string rna.udp_fingerprints[].mss = X: fingerprint mss
* string rna.udp_fingerprints[].tcp_window: fingerprint tcp window
* string rna.udp_fingerprints[].topts: fingerprint tcp options
- * int rna.udp_fingerprints[].ttl = 0: fingerprint ttl { 0:256 }
+ * int rna.udp_fingerprints[].ttl = 0: fingerprint ttl { 0:255 }
* int rna.udp_fingerprints[].type = 0: fingerprint type { 0:max32 }
* enum rna.udp_fingerprints[].ua_type = os: type of user agent
fingerprints { os | device | jail-broken | jail-broken-host }
projects / thirdparty / snort3.git / commitdiff
