+7.0.4 -- 2024-03-19
+
+Security #6868: eve: excessive ssh long banner logging (7.0.x backport)(CVE 2024-28870)
+Security #6801: ssh: quadratic complexity in overlong banner (7.0.x backport)(CVE 2024-28870)
+Security #6759: libhtp: quadratic complexity checking after request line mission protocol (7.0.x backport)(CVE 2024-28871)
+Security #6798: output/filestore: timeout because of running OutputTxLog on useless packets (7.0.x backport)
+Bug #6842: Error message from netmap when using Netmap pipes (with lb) (7.0.x backport)
+Bug #6828: dpdk: NUMA warning on non-NUMA system (7.0.x backport)
+Bug #6816: capture plugins: capture plugins unusable due to initialization order (7.0.x backport)
+Bug #6812: pfring: memory leak (7.0.x backport)
+Bug #6810: decode/pppoe: Suspicious pointer scaling (7.0.x backport)
+Bug #6791: cppcheck 2.11 errors (7.0.x backport)
+Bug #6785: detect/tls.certs: direction flag checked against wrong field (7.0.x backport)
+Bug #6784: util/mime: Memory leak at util-decode-mime.c:MimeDecInitParser (7.0.x backport)
+Bug #6768: multi-tenancy: dead lock during tenant loading (7.0.x backport)
+Bug #6765: Hugepages Error for FreeBSD when kernel NUMA build option is not enabled (7.0.x backport)
+Bug #6764: Huge increase on Suricata load time with a lot of ip-only rules and bigger HOME_NET (7.0.x backport)
+Bug #6761: Hugepages Error for ARM64 and af-packet IPS mode (7.0.x backport)
+Bug #6756: Netmap: deadlock if netmap_open fails (7.0.x backport)
+Bug #6746: Suricata 7.0.2 parent interface object in stats contains VLAN-ID as keys (7.0.x backport)
+Bug #6742: dpdk: automatic cache calculation is broken (7.0.x backport)
+Bug #6738: dpdk: property configuration can lead to integer overflow (7.0.x backport)
+Bug #6734: tcp: tcp flow flags changing incorrectly when ruleset contains content matching (7.0.x backport)
+Bug #6622: detect/filestore: flow, to_server was broken by moving files into transactions (7.0.x backport)
+Bug #6593: mqtt: frames on TCP are not set properly when parsing multiple PDUs in one go (7.0.x backport)
+Bug #6580: ssh: no alert on packet with Message Code: New Keys (21) (7.0.x backport)
+Bug #6538: drop: assertion failed !(PKT_IS_PSEUDOPKT(p)) && !PacketCheckAction(p, ACTION_DROP) (7.0.x backport)
+Bug #6537: detect/filestore: be more explicit about the U16_MAX limit per signature group head (7.0.x backport)
+Optimization #6774: app-layer/template: no limit on txs number (7.0.x backport)
+Feature #6740: dpdk: warn the user if user-settings are adjusted to the device capabilities (7.0.x backport)
+Task #6870: libhtp 0.5.47 (7.0.x backport)
+Task #6749: doc: mention X710 RX descriptor limitation (7.0.x backport)
+Documentation #6709: userguide/payload: fix explanation about bsize ranges (7.0.x backport)
+
7.0.3 -- 2024-02-08
Security #6717: http2: evasion by splitting header fields over frames (7.0.x backport)
- AC_INIT([suricata],[7.0.4-dev])
+ AC_INIT([suricata],[7.0.4])
m4_ifndef([AM_SILENT_RULES], [m4_define([AM_SILENT_RULES],[])])AM_SILENT_RULES([yes])
AC_CONFIG_HEADERS([src/autoconf.h])
AC_CONFIG_SRCDIR([src/suricata.c])
echo
exit 1
fi
- PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.46],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
+ PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.47],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
if test "$libhtp_minver_found" = "no"; then
PKG_CHECK_MODULES(LIBHTPDEVVERSION, [htp = 0.5.X],[libhtp_devver_found="yes"],[libhtp_devver_found="no"])
if test "$libhtp_devver_found" = "no"; then
echo
- echo " ERROR! libhtp was found but it is neither >= 0.5.46, nor the dev 0.5.X"
+ echo " ERROR! libhtp was found but it is neither >= 0.5.47, nor the dev 0.5.X"
echo
exit 1
fi
projects / thirdparty / suricata.git / commitdiff
