+2023-10-23: 3.1.73.0
+
+* appid: added support for appid trace logs with multiple logging levels
+* appid: fixing cppcheck issue
+* control: code refactor to support all unix flavors
+* detection: fix cleaning of rule profiling stats when profiling starts
+* host_cache: added segmented cache
+* http_inspect: handle reserved gzip flags
+* http_inspect: response to 0.9 isn't necessarily 0.9
+* profiler: extend field length to support uint64
+* stream: skip duplicated alerts in TcpReassemblerState's list. Thanks wenhao-in-chengdu for reporting the issue and suggesting a fix.
+* stream_tcp: ignore normalization checks when in midstream state
+
2023-10-10: 3.1.72.0
* active: added API for printing delayed action string
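Review bot: The 3.1.73.0 entry `appid: fixing cppcheck issue` does not say what was fixed and uses a different tense from its neighbours ("added", "fix"); name the defect or the affected code so a reader can judge whether it matters to them. The same applies to `http_inspect: response to 0.9 isn't necessarily 0.9`, which states a fact about the protocol but not what the inspector now does differently.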
The Snort Team
Revision History
-Revision 3.1.72.0 2023-10-10 22:54:49 EDT TST
+Revision 3.1.73.0 2023-10-23 08:37:59 EDT TST
---------------------------------------------------------------------
host table from
* int attribute_table.max_hosts = 1024: maximum number of hosts in
attribute table { 32:max53 }
+ * int attribute_table.segments = 4: number of segments of hosts
+ attribute table. It must be power of 2. { 1:32 }
* int attribute_table.max_services_per_host = 8: maximum number of
services per host entry in attribute table { 1:65535 }
* int attribute_table.max_metadata_services = 9: maximum number of
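Review bot: The new `attribute_table.segments` entry says the value must be a power of 2, but the declared range `{ 1:32 }` also admits values such as 3 or 12, and the text does not say whether those are rejected when the configuration loads or silently adjusted. State the behaviour for a non-power-of-2 value, and say how `max_hosts` relates to the segment count (total, or per segment), since `max_hosts` can be as low as 32 while `segments` can be as high as 32. Wording nit: "number of segments of hosts attribute table. It must be power of 2." reads better as "number of segments in the host attribute table; must be a power of 2".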
Configuration:
* int trace.modules.all: enable trace for all modules { 0:255 }
+ * int trace.modules.appid.all: enable all trace options { 0:255 }
* int trace.modules.dce_smb.all: enable all trace options { 0:255 }
* int trace.modules.dpx.all: enable all trace options { 0:255 }
* int trace.modules.file_id.all: enable all trace options { 0:255 }
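Review bot: The description for `trace.modules.appid.all` is the generic "enable all trace options" with range `{ 0:255 }`, while the ChangeLog entry for this release announces appid trace logs "with multiple logging levels". The reference should say which values select which level; otherwise an operator cannot tell what to set short of maximum verbosity.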
/1 method
* 119:287 (http_inspect) HTTP request method is not on allowed
methods list or is on disallowed methods list
+ * 119:288 (http_inspect) HTTP gzip body with reserved flag set
Peg counts:
services in rule { 1:255 }
* int attribute_table.max_services_per_host = 8: maximum number of
services per host entry in attribute table { 1:65535 }
+ * int attribute_table.segments = 4: number of segments of hosts
+ attribute table. It must be power of 2. { 1:32 }
* int base64_decode.bytes: number of base64 encoded bytes to decode
{ 1:max32 }
* int base64_decode.offset = 0: bytes past start of buffer to start
* string trace.constraints.src_ip: source IP address filter
* int trace.constraints.src_port: source port filter { 0:65535 }
* int trace.modules.all: enable trace for all modules { 0:255 }
+ * int trace.modules.appid.all: enable all trace options { 0:255 }
* int trace.modules.dce_smb.all: enable all trace options { 0:255 }
* int trace.modules.dpx.all: enable all trace options { 0:255 }
* int trace.modules.file_id.all: enable all trace options { 0:255 }
HTTP request method is not on allowed methods list or is on
disallowed methods list.
+119:288 (http_inspect) HTTP gzip body with reserved flag set
+
+HTTP reserved GZIP flags are set
+
121:1 (http2_inspect) invalid flag set on HTTP/2 frame
Invalid flag set on HTTP/2 frame header
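Review bot: The explanation added for 119:288, "HTTP reserved GZIP flags are set", only restates the rule title. It does not tell an analyst which gzip header flags count as reserved, or what http_inspect does with the body once the alert fires (keep decompressing, or stop inspecting it). Add a sentence on both, and match the lowercase "gzip" used in the title line.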