From: Priyanka Bangalore Gurudev (prbg) Date: Mon, 23 Oct 2023 15:15:07 +0000 (+0000) Subject: Pull request #4064: build: generate and tag 3.1.73.0 X-Git-Tag: 3.1.73.0^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=485d012f4b3c871bb223f855177552d57fae2a03;p=thirdparty%2Fsnort3.git Pull request #4064: build: generate and tag 3.1.73.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.73.0 to master Squashed commit of the following: commit 26cad17bf00a89a84016de1a54f62202ce3d2cfd Author: Priyanka Gurudev Date: Mon Oct 23 08:55:22 2023 -0400 build: generate and tag 3.1.73.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index ab07da116..9970f2120 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 1) -set (VERSION_PATCH 72) +set (VERSION_PATCH 73) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index 8117091a4..ba1c5502d 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,16 @@ +2023-10-23: 3.1.73.0 + +* appid: added support for appid trace logs with multiple logging levels +* appid: fixing cppcheck issue +* control: code refactor to support all unix flavors +* detection: fix cleaning of rule profiling stats when profiling starts +* host_cache: added segmented cache +* http_inspect: handle reserved gzip flags +* http_inspect: response to 0.9 isn't necessarily 0.9 +* profiler: extend field length to support uint64 +* stream: skip duplicated alerts in TcpReassemblerState's list. Thanks wenhao-in-chengdu for reporting the issue and suggesting a fix. +* stream_tcp: ignore normalization checks when in midstream state + 2023-10-10: 3.1.72.0 * active: added API for printing delayed action string diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index 2dd51ee0f..dbdd9e32f 100644 --- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text @@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.1.72.0 2023-10-10 22:54:49 EDT TST +Revision 3.1.73.0 2023-10-23 08:37:59 EDT TST --------------------------------------------------------------------- @@ -450,6 +450,8 @@ Configuration: host table from * int attribute_table.max_hosts = 1024: maximum number of hosts in attribute table { 32:max53 } + * int attribute_table.segments = 4: number of segments of hosts + attribute table. It must be power of 2. { 1:32 } * int attribute_table.max_services_per_host = 8: maximum number of services per host entry in attribute table { 1:65535 } * int attribute_table.max_metadata_services = 9: maximum number of @@ -1800,6 +1802,7 @@ Usage: global Configuration: * int trace.modules.all: enable trace for all modules { 0:255 } + * int trace.modules.appid.all: enable all trace options { 0:255 } * int trace.modules.dce_smb.all: enable all trace options { 0:255 } * int trace.modules.dpx.all: enable all trace options { 0:255 } * int trace.modules.file_id.all: enable all trace options { 0:255 } @@ -4097,6 +4100,7 @@ Rules: /1 method * 119:287 (http_inspect) HTTP request method is not on allowed methods list or is on disallowed methods list + * 119:288 (http_inspect) HTTP gzip body with reserved flag set Peg counts: @@ -9085,6 +9089,8 @@ libraries see the Getting Started section of the manual. services in rule { 1:255 } * int attribute_table.max_services_per_host = 8: maximum number of services per host entry in attribute table { 1:65535 } + * int attribute_table.segments = 4: number of segments of hosts + attribute table. It must be power of 2. { 1:32 } * int base64_decode.bytes: number of base64 encoded bytes to decode { 1:max32 } * int base64_decode.offset = 0: bytes past start of buffer to start @@ -10977,6 +10983,7 @@ libraries see the Getting Started section of the manual. * string trace.constraints.src_ip: source IP address filter * int trace.constraints.src_port: source port filter { 0:65535 } * int trace.modules.all: enable trace for all modules { 0:255 } + * int trace.modules.appid.all: enable all trace options { 0:255 } * int trace.modules.dce_smb.all: enable all trace options { 0:255 } * int trace.modules.dpx.all: enable all trace options { 0:255 } * int trace.modules.file_id.all: enable all trace options { 0:255 } @@ -13808,6 +13815,10 @@ list or is on disallowed methods list HTTP request method is not on allowed methods list or is on disallowed methods list. +119:288 (http_inspect) HTTP gzip body with reserved flag set + +HTTP reserved GZIP flags are set + 121:1 (http2_inspect) invalid flag set on HTTP/2 frame Invalid flag set on HTTP/2 frame header diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index f5740076d..77ded0f9c 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text @@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.1.72.0 2023-10-10 22:55:38 EDT TST +Revision 3.1.73.0 2023-10-23 08:39:03 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index da21960d9..054bf2a6a 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text @@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.1.72.0 2023-10-10 22:55:06 EDT TST +Revision 3.1.73.0 2023-10-23 08:38:21 EDT TST ---------------------------------------------------------------------