From: Priyanka Bangalore Gurudev (prbg) Date: Mon, 3 Jul 2023 12:15:41 +0000 (+0000) Subject: Pull request #3897: build: generate and tag 3.1.65.0 X-Git-Tag: 3.1.65.0^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=679b60707c5f7bb377c98b90b10bc158dd58a44a;p=thirdparty%2Fsnort3.git Pull request #3897: build: generate and tag 3.1.65.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.65.0 to master Squashed commit of the following: commit e02dc4aaeb2673eb4aca6cc08f978cddb3569f2f Author: Priyanka Gurudev Date: Thu Jun 29 22:32:25 2023 -0400 build: generate and tag 3.1.65.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index c96bdab3c..bc07694ae 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 1) -set (VERSION_PATCH 64) +set (VERSION_PATCH 65) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index a30daab14..dafbff2d0 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,29 @@ +2023-06-29: 3.1.65.0 + +* analyzer: poison memory segment after msg->data +* appid: add support for cip multiple service packet +* appid: check size boundaries before header validation +* appid: do not use global pointers to service and client detectors for packet processing during reload detectors +* appid: fix FTP parsing +* codecs: fix ipv6_mobility parsing +* codecs: fix tcp options parsing +* detection: update condition since the negated stuff can be matched in such cases +* file_api: avoid file cache lookup after creating new file cache entry. +* icmp6: allow rules to match packet data after header +* ips_content: add flag for non-default value of depth +* ips_content: clean-up of function +* ips_content: make the negated content be opposite to normal content +* ips_content: update condition checks +* log: fix out-of-bounds read access +* netflow: fix raw data conversion +* parser: base service_only on services not cursor type +* profiler: fix date related problems in rule_profiling json output +* protocols: remove of unnecessary old_opt check +* regex: clear flags reused by module to construct ips option +* rna: fix icmpv6 decoding +* thread_config: added thread level mempolicy +* utils: fix out-of-bound access + 2023-06-15: 3.1.64.0 * appid: always publish a change message after do not decrypt diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake index 3959f97a4..a9bee0356 100644 --- a/cmake/FindDAQ.cmake +++ b/cmake/FindDAQ.cmake @@ -16,7 +16,7 @@ This module defines: #]=======================================================================] find_package(PkgConfig) -pkg_check_modules(PC_DAQ libdaq>=3.0.10) +pkg_check_modules(PC_DAQ libdaq>=3.0.12) # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints # and then package config information after that. diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index 39bd190fd..963c84e7e 100644 --- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text @@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.1.64.0 2023-06-15 21:19:24 EDT TST +Revision 3.1.65.0 2023-06-29 22:23:53 EDT TST --------------------------------------------------------------------- @@ -1331,7 +1331,8 @@ Commands: * profiler.rule_start(): enable rule profiler * profiler.rule_stop(): disable rule profiler * profiler.rule_status(): print rule profiler status - * profiler.rule_dump(output): print rule statistics + * profiler.rule_dump(output): print rule statistics in table or + json format (json format prints dates as Unix epoch) 2.27. rate_filter @@ -15581,7 +15582,8 @@ alert is raised by the enhanced JavaScript normalizer. * profiler.rule_start(): enable rule profiler * profiler.rule_stop(): disable rule profiler * profiler.rule_status(): print rule profiler status - * profiler.rule_dump(output): print rule statistics + * profiler.rule_dump(output): print rule statistics in table or + json format (json format prints dates as Unix epoch) * reputation.reload(): reload reputation data * rna.dump_macs(): dump rna’s internal MAC trackers * rna.delete_mac_host(mac): delete a MAC from rna’s MAC cache diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index 719fbbadd..22e05cfd5 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text @@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.1.64.0 2023-06-15 21:20:29 EDT TST +Revision 3.1.65.0 2023-06-29 22:24:56 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index d57724dd8..3e64dd134 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text @@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.1.64.0 2023-06-15 21:19:45 EDT TST +Revision 3.1.65.0 2023-06-29 22:24:14 EDT TST --------------------------------------------------------------------- @@ -1063,14 +1063,13 @@ Optional: received * lzma >= 5.1.2 from http://tukaani.org/xz/ for decompression of SWF and PDF files - * numa from https://github.com/numactl/numactl for NUMA memory management * safec >= 3.5 from https://github.com/rurban/safeclib/ for runtime bounds checks on certain legacy C-library calls * source-highlight from http://www.gnu.org/software/src-highlite/ to generate the dev guide * w3m from http://sourceforge.net/projects/w3m/ to build the plain text manual - * uuid from uuid-dev package for unique identifiers + * uuid from uuid-dev package for unique identifiers 3.2. Building