Pull request #4337: build: generate and tag 3.2.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.2.0 to master

Squashed commit of the following:

commit c3d9f95dccdf26bb944b1a706186c7369d31f9c7
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Jun 3 00:07:05 2024 -0400

    build: generate and tag 3.2.2.0

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 0197a9481b17726779b75f8c8f69c3c64ff861dd..e28e79f7613a4b2e2f14a8373633996a0fcc68da 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3,7 +3,7 @@ project (snort CXX C)
 
 set (VERSION_MAJOR 3)
 set (VERSION_MINOR 2)
-set (VERSION_PATCH 1)
+set (VERSION_PATCH 2)
 set (VERSION_SUBLEVEL 0)
 set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}")
 

diff --git a/ChangeLog.md b/ChangeLog.md
index 16b482d4099afcee5985316f9589022b3c186a2b..036375442106f2a9ecf092807708e062ce7607a1 100644 (file)
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,23 @@
+2024-06-02: 3.2.2.0
+
+* appid: appid cpu profiler max columns
+* appid: re-enabling appid cpu profiler making it thread safe
+* appid: store and retrieve only SNI in AppIdSession
+* appid: updating file_magic.rules with some new file types added to the VDB.
+* dce_smb: do not prune from LRU cache during file tracker update
+* doc: fix formatting in dev_notes.txt
+* flow: add the newly-created flow to p->flow to avoid segv
+* js_norm: stop PDF processing on syntax error
+* main: apply loaded configuration only once
+* packet_capture: make sure packet_capture executed before detection
+* service_inspectors: fix get_buf handling
+* sip: flow clean-up based on lina configured timeout
+* src: remove repetitive words. Thanks @gopherorg for finding those typos
+* src: udpate to resolve new issues
+* stream_tcp: don't attempt to verify or process keep-alive probes with data
+* stream_tcp: fix infinite recursion cases. Thanks to scloder-ut-iso for helping with debug information that uncovered a case of infinite recursion
+* utils: add explicit include
+
 2024-05-16: 3.2.1.0
 
 * framework: supply directories to system headers to plug_gen.sh

diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake
index 596100ba0db470ef675a1cabbe5de6fc0174703b..bd6677e040d120403e9311e24f3d35a3c14153b5 100644 (file)
--- a/cmake/FindDAQ.cmake
+++ b/cmake/FindDAQ.cmake
@@ -16,7 +16,7 @@ This module defines:
 #]=======================================================================]
 
 find_package(PkgConfig)
-pkg_check_modules(PC_DAQ libdaq>=3.0.13)
+pkg_check_modules(PC_DAQ libdaq>=3.0.15)
 
 # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints
 # and then package config information after that.

diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text
index 1f5cfd64eebaf45c9bf8a590ecf035b4b9e29205..dde12bc281892e9165471f5e7a470bed05b4042d 100644 (file)
--- a/doc/reference/snort_reference.text
+++ b/doc/reference/snort_reference.text
@@ -8,7 +8,7 @@ Snort 3 Reference Manual
 The Snort Team
 
 Revision History
-Revision 3.2.1.0 2024-05-16 22:50:33 EDT TST
+Revision 3.2.2.0 2024-06-03 00:01:20 EDT TST
 
 ---------------------------------------------------------------------
 
@@ -4710,7 +4710,7 @@ Instance Type: global
 
 Help: raw packet dumping facility
 
-Type: inspector (probe)
+Type: inspector (probe_first)
 
 Usage: global
 
@@ -5333,6 +5333,13 @@ Configuration:
   * int sip.max_via_len = 1024: maximum via field size { 0:65535 }
   * string sip.methods = invite cancel ack bye register options: list
     of methods to check in SIP messages
+  * int sip.sip_timeout = 0: SIP Timeout value in milliseconds { 0: }
+  * int sip.sip_media_timeout = 0: SIP Media timeout milliseconds {
+    0: }
+  * int sip.sip_invite_timeout = 0: SIP Invite timeout milliseconds {
+    0: }
+  * int sip.sip_disconnect_timeout = 0: SIP Disconnect timeout
+    milliseconds { 0: }
 
 Rules:
 
@@ -6034,6 +6041,8 @@ Peg counts:
     (sum)
   * stream_tcp.zero_win_probes: number of tcp zero window probes
     (sum)
+  * stream_tcp.keep_alive_probes: number of tcp keep-alive probes
+    (sum)
   * stream_tcp.proxy_mode_flows: number of flows set to proxy
     normalization policy (sum)
   * stream_tcp.full_retransmits: number of fully retransmitted
@@ -8752,7 +8761,8 @@ Configuration:
   * bool alert_fast.file = false: output to alert_fast.txt instead of
     stdout
   * bool alert_fast.packet = false: output packet dump with alert
-  * bool alert_fast.buffers = false: output IPS buffer dump
+  * enum alert_fast.buffers = none: output IPS buffer dump (evaluated
+    by IPS rule or an inspector) { none | rule | inspector | both }
   * int alert_fast.buffers_depth = 0: number of IPS buffer bytes to
     dump per buffer (0 is unlimited) { 0:maxSZ }
   * int alert_fast.limit = 0: set maximum size in MB before rollover
@@ -9229,7 +9239,8 @@ libraries see the Getting Started section of the manual.
     case
   * int alert_fast.buffers_depth = 0: number of IPS buffer bytes to
     dump per buffer (0 is unlimited) { 0:maxSZ }
-  * bool alert_fast.buffers = false: output IPS buffer dump
+  * enum alert_fast.buffers = none: output IPS buffer dump (evaluated
+    by IPS rule or an inspector) { none | rule | inspector | both }
   * bool alert_fast.file = false: output to alert_fast.txt instead of
     stdout
   * int alert_fast.limit = 0: set maximum size in MB before rollover
@@ -10757,6 +10768,13 @@ libraries see the Getting Started section of the manual.
   * string sip_method.*method: sip method
   * string sip.methods = invite cancel ack bye register options: list
     of methods to check in SIP messages
+  * int sip.sip_disconnect_timeout = 0: SIP Disconnect timeout
+    milliseconds { 0: }
+  * int sip.sip_invite_timeout = 0: SIP Invite timeout milliseconds {
+    0: }
+  * int sip.sip_media_timeout = 0: SIP Media timeout milliseconds {
+    0: }
+  * int sip.sip_timeout = 0: SIP Timeout value in milliseconds { 0: }
   * int sip_stat_code.*code: status code { 1:999 }
   * string smtp.alt_max_command_line_len[].command: command string
   * int smtp.alt_max_command_line_len[].length = 0: specify
@@ -12453,6 +12471,8 @@ libraries see the Getting Started section of the manual.
     number (sum)
   * stream_tcp.invalid_seq_num: tcp packets received with an invalid
     sequence number (sum)
+  * stream_tcp.keep_alive_probes: number of tcp keep-alive probes
+    (sum)
   * stream_tcp.max_bytes: maximum number of bytes queued in any flow
     (max)
   * stream_tcp.max: max tcp sessions (max)

diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text
index b2775dfcef042b88ef9be007dc2eae6e65b4e8a2..a0ce655587ce9603615805ce7db99bc0f3a2c2c0 100644 (file)
--- a/doc/upgrade/snort_upgrade.text
+++ b/doc/upgrade/snort_upgrade.text
@@ -8,7 +8,7 @@ Snort 3 Upgrade Manual
 The Snort Team
 
 Revision History
-Revision 3.2.1.0 2024-05-16 22:51:40 EDT TST
+Revision 3.2.2.0 2024-06-03 00:02:09 EDT TST
 
 ---------------------------------------------------------------------
 

diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text
index 72f751f9fb1db25469362f38bf0a50c410aef7ad..a9270c7299f51c65d0e0390f6fcab4c9c60b3240 100644 (file)
--- a/doc/user/snort_user.text
+++ b/doc/user/snort_user.text
@@ -8,7 +8,7 @@ Snort 3 User Manual
 The Snort Team
 
 Revision History
-Revision 3.2.1.0 2024-05-16 22:50:55 EDT TST
+Revision 3.2.2.0 2024-06-03 00:01:36 EDT TST
 
 ---------------------------------------------------------------------