From: Priyanka Bangalore Gurudev (prbg) Date: Mon, 28 Aug 2023 20:54:25 +0000 (+0000) Subject: Pull request #3973: build: generate and tag 3.1.69.0 X-Git-Tag: 3.1.69.0^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0649974b0f946b0de2f29c3edd55852c88e00013;p=thirdparty%2Fsnort3.git Pull request #3973: build: generate and tag 3.1.69.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.69.0 to master Squashed commit of the following: commit 0790c83baa10bb571b4862b29c14090992a023e2 Author: Priyanka Gurudev Date: Sun Aug 27 10:09:40 2023 -0400 build: generate and tag 3.1.69.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 68fe07a2d..23b44555d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 1) -set (VERSION_PATCH 68) +set (VERSION_PATCH 69) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index c8b29c6dd..266de84bd 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,20 @@ +2023-08-27: 3.1.69.0 + +* appid: mark ssl appid lookup successful if a service id is available +* appid: prefer eve client over appid detected client after decryption and use appid detected client version if eve client equals appid client +* dce_rpc: fix stats for client/server segments reassembled. Thanks to Bader-eddine Ouaich for addressing the issue. +* dns: updates to allow DNS to be compiled dynamically. +* framework: add virtual for inspectors that publish data when no ips policy is enabled. +* http2_inspect: add frame when logging a packet +* http2_inspect: handle empty header name +* http2_inspect: update connection settings on ack +* http2_inspect: update test tool configurations +* http_inspect: adjust formatting +* inspector: export get_service_inspector_by_service method +* mime: fix boundary search +* mime: postpone boundary-look-alike data till the next PDU arrives +* mime: support transport padding in boundary strings + 2023-08-14: 3.1.68.0 * appid, cip: parsing cip safety segments diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index a985c36c2..ccda664f8 100644 --- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text @@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.1.68.0 2023-08-14 22:06:48 EDT TST +Revision 3.1.69.0 2023-08-27 09:33:21 EDT TST --------------------------------------------------------------------- @@ -3790,6 +3790,9 @@ Rules: protocol error * 121:40 (http2_inspect) invalid HTTP/2 PRIORITY frame * 121:41 (http2_inspect) invalid HTTP/2 GOAWAY frame + * 121:42 (http2_inspect) too many unacknowledged settings + * 121:43 (http2_inspect) setting acknowledgment without actual + settings Peg counts: @@ -13979,6 +13982,14 @@ Invalid HTTP/2 PRIORITY frame. Stream ID is 0 or length is not 5. Invalid HTTP/2 GOAWAY frame. R bit is set or stream ID is not 0 or length is less than 8. +121:42 (http2_inspect) too many unacknowledged settings + +More than 6 unacknowledged settings frames. + +121:43 (http2_inspect) setting acknowledgment without actual settings + +Unexpected settings ACK. + 122:1 (port_scan) TCP portscan Basic one host to one host TCP portscan where multiple TCP ports are diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index a802aacd8..1fcd66f2e 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text @@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.1.68.0 2023-08-14 22:07:52 EDT TST +Revision 3.1.69.0 2023-08-27 09:34:29 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index bb1c514c6..7c9166fca 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text @@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.1.68.0 2023-08-14 22:07:09 EDT TST +Revision 3.1.69.0 2023-08-27 09:33:44 EDT TST ---------------------------------------------------------------------