From: Priyanka Bangalore Gurudev (prbg) Date: Tue, 30 Jul 2024 15:07:29 +0000 (+0000) Subject: Pull request #4403: build: generate and tag 3.3.2.0 X-Git-Tag: 3.3.2.0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c574793564fd1256c08be1177b2e595d3592547;p=thirdparty%2Fsnort3.git Pull request #4403: build: generate and tag 3.3.2.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.2.0 to master Squashed commit of the following: commit db1e757989f585f87ad6ab401f3d4a02c1321599 Author: Priyanka Gurudev Date: Mon Jul 29 22:07:12 2024 -0400 build: generate and tag 3.3.2.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index b5fdfd997..ff7780187 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 3) -set (VERSION_PATCH 1) +set (VERSION_PATCH 2) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index 3a9a19738..bf14ec975 100644 --- a/ChangeLog.md +++ b/ChangeLog.md 
@@ -1,3 +1,25 @@ +2024-07-29: 3.3.2.0 + +* appid: fixing cpp warnings and cosmetic changes for appid cpu profiler +* appid: removing trailing whitespaces +* daq: added outstanding packets counter +* doc: builtin rule documentation updates +* flow: added compile-time option to disable tenant_id +* flow: clear deferred trust after the flow is trusted to stop repeated trusting +* js_norm: address pdf tokenizer issues +* kaizen: fix verbose mode output for unlimited options +* main: fix coverage +* sip: fallback functionality for sip inspector +* stream: refactor paf logic into a c++ class +* stream_tcp: delete lws_init, it was redundant with tcp_init; delete FIXITs that are no longer relevant +* stream_tcp: improve variable and function names for overlap processing +* stream_tcp: integrate and streamline setting of flush policy and splitter +* stream_tcp: merge TcpStreamSession into TcpSession +* stream_tcp: refactor segment nodes to implement reassembly cursor and eliminate tracking variables +* stream_tcp: refactor TcpReassembler into a virtual base class and subclasses for each mode: ignore, IPS and IDS +* stream_tcp: refactor to move alert functions to their own class +* stream_tcp: refactor to move tcp overlap processing out of reassembly class + 2024-07-15: 3.3.1.0 * appid: restructure the appid code to make it easier to follow and maintain diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake index bd6677e04..6b0ef2a33 100644 --- a/cmake/FindDAQ.cmake +++ b/cmake/FindDAQ.cmake @@ -16,7 +16,7 @@ This module defines: #]=======================================================================] find_package(PkgConfig) -pkg_check_modules(PC_DAQ libdaq>=3.0.15) +pkg_check_modules(PC_DAQ libdaq>=3.0.16) # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints # and then package config information after that. diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index 766324473..f9c6b6440 100644 
--- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text @@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.3.1.0 2024-07-15 14:03:05 EDT TST +Revision 3.3.2.0 2024-07-29 22:04:21 EDT TST --------------------------------------------------------------------- @@ -5424,6 +5424,7 @@ Peg counts: * sip.concurrent_sessions: total concurrent SIP sessions (now) * sip.max_concurrent_sessions: maximum concurrent SIP sessions (max) + * sip.aborted_sessions: total session aborted (sum) * sip.events: events generated (sum) * sip.dialogs: total dialogs (sum) * sip.ignored_channels: total channels ignored (sum) @@ -12377,6 +12378,7 @@ libraries see the Getting Started section of the manual. to overflow (sum) * search_engine.total_unique: total unique fast pattern hits (sum) * side_channel.packets: total packets (sum) + * sip.aborted_sessions: total session aborted (sum) * sip.ack: ack (sum) * sip.bye: bye (sum) * sip.cancel: cancel (sum) @@ -13105,18 +13107,19 @@ The options length field extends past the end of the GENEVE header. 116:250 (icmp4) ICMP original IP header truncated -The ICMP error message’s original IP header is truncated. +The ICMP or IP in ICMP error message’s original IP header is +truncated. 116:251 (icmp4) ICMP version and original IP header versions differ -The ICMP error message’s original IP packet’s version and original IP -header versions differ. +The ICMP or IP in ICMP error message’s original IP packet’s version +and original IP header versions differ. 116:252 (icmp4) ICMP original datagram length < original IP header length -The ICMP error message’s original datagram’s length is less than the -original IP’s header length. +The ICMP or IP in ICMP error message’s original datagram’s length is +less than the original IP’s header length. 116:253 (icmp4) ICMP original IP payload < 64 bits 
@@ -13542,8 +13545,8 @@ An IPv6 packet was received with a routing type 0 extension header. 116:462 (erspan2) ERSpan header version mismatch -The ERSpan2 version is not equal to 1 (the value of 1 signals that -it’s ERSpan2). +Incorrect ERSpan version. ERSpan2 should have version 1, ERSpan3 +should have version 2. 116:463 (erspan2) captured length < ERSpan type2 header length diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index fa1d06737..58675a01b 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text @@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.3.1.0 2024-07-15 14:03:43 EDT TST +Revision 3.3.2.0 2024-07-29 22:05:11 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index 20a559848..38a9a6ff1 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text @@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.3.1.0 2024-07-15 14:03:18 EDT TST +Revision 3.3.2.0 2024-07-29 22:04:38 EDT TST ---------------------------------------------------------------------
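Review bot: In the ChangeLog.md hunk, the entry `flow: added compile-time option to disable tenant_id` does not name the option, and none of the doc hunks in this patch mention it, so someone building from source cannot find it from the release notes. Name the build switch in the entry. The entries `main: fix coverage` and `js_norm: address pdf tokenizer issues` have the same problem: neither says what behaviour changed, and for the PDF tokenizer a few words on the affected input would let operators judge how urgently they need this release.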
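Review bot: The cmake/FindDAQ.cmake hunk raises the minimum to `libdaq>=3.0.16`, but the 3.3.2.0 ChangeLog entry in this same patch never states the new requirement; the closest hint is `daq: added outstanding packets counter`. Add a ChangeLog line saying this release needs libdaq 3.0.16 or later so packagers know to update DAQ first. The doc/upgrade/snort_upgrade.text hunk changes only the revision stamp, so the requirement is not documented there either.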
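Review bot: In doc/reference/snort_reference.text, the new peg line `sip.aborted_sessions: total session aborted (sum)`, added in both the @@ -5424 and @@ -12377 hunks, is ungrammatical and does not say what causes a session to be aborted. The neighbouring pegs read `total concurrent SIP sessions` and `total dialogs`, so `total sessions aborted (sum)` would match. Since the ChangeLog lists `sip: fallback functionality for sip inspector`, it would also help to say whether an abort is the event that triggers fallback. If this file is generated, as the commit subject suggests, the wording should be corrected where the peg is defined rather than here.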
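Review bot: In the @@ -13105 hunk of doc/reference/snort_reference.text, the new wording `The ICMP or IP in ICMP error message’s original IP header` for 116:250, 116:251 and 116:252 is hard to parse: a reader cannot tell whether "IP in ICMP" is a second kind of message or a description of the embedded header. Hyphenate it as "IP-in-ICMP" or reword so the two cases are listed separately. The 116:251 text also still compares `original IP packet’s version and original IP header versions`, two near-identical names; say which two version fields are being compared so an analyst triaging the alert knows what to look at in the packet.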
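Review bot: In the @@ -13542 hunk, the description for 116:462 now covers ERSpan3 (`ERSpan3 should have version 2`), but the rule line above it is still `116:462 (erspan2) ERSpan header version mismatch`. If this rule can fire on ERSpan3 traffic, the `(erspan2)` label will mislead whoever triages the alert and should be updated with the description; if it cannot, the ERSpan3 sentence belongs under the ERSpan3 rule instead. The replacement also opens with the fragment `Incorrect ERSpan version.` where the removed text was a full sentence stating the condition, which is the more useful form for rule documentation.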