From: Shivani Bhardwaj <shivani@oisf.net>
Date: Thu, 8 Feb 2024 09:06:43 +0000 (+0530)
Subject: release: 6.0.16; update changelog
X-Git-Tag: suricata-6.0.16^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b46ffaaf430faa0a5a46915e223a49f06847b523;p=thirdparty%2Fsuricata.git

release: 6.0.16; update changelog
---

diff --git a/ChangeLog b/ChangeLog
index 2828f3188f..83282e3da1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,26 @@
+6.0.16 -- 2024-02-08
+
+Security #6751: http2: evasion by splitting header fields over frames (6.0.x backport)
+Security #6660: http2: quadratic complexity in find_or_create_tx not bounded by max-tx (6.0.x backport)
+Security #6659: SMTP: quadratic complexity from unbounded number of transaction per flow (6.0.x backport)
+Security #6658: http1: configurable limit for maximum number of live transactions per flow (6.0.x backport)
+Security #6528: http1: quadratic complexity from infinite folded headers (6.0.x backport)
+Bug #6598: ebpf: llc detection failure (6.0.x backport)
+Bug #6549: multi-tenancy: ASAN error on engine analysis
+Bug #6529: http.header, http.header.raw and http.request_header buffers not populated when malformed header value exists (6.0.x backport)
+Bug #6437: host: ip rep prevents tag/threshold/hostbits cleanup (6.0.x backport)
+Bug #6421: dns/eve: an empty format section results in no response details being logged (6.0.x backport)
+Bug #6378: byte_jump with negative post_offset value fails at the end of the buffer (6.0.x backport)
+Feature #6602: ci: add eBPF to Github workflow for Suricata 6.0.x
+Feature #6430: HTTP/2 - app-layer-event and normalization when userinfo is in the :authority pseudo header for the http.host header (6.0.x backport)
+Feature #6429: HTTP/2 - new app-layer-event when `:authority` and `host` headers do not match (6.0.x backport)
+Task #6563: doc: document file.data (6.0.x backport)
+Task #6517: libhtp 0.5.46 (6.0.x backport)
+Documentation #6630: Fix byte_test examples (6.0.x backport)
+Documentation #6512: userguide: update tls eve-log fields 'not_before' and 'not_after' (6.0.x backport)
+Documentation #6505: userguide: update tls eve-log fields 'not_before' and 'not_after' (6.0.x backport)
+Documentation #5988: doc: update build instructions (6.0.x backport)
+
 6.0.15 -- 2023-10-18
 
 Security #6363: mime: quadratic complexity in MimeDecAddEntity (6.0.x backport)
diff --git a/configure.ac b/configure.ac
index 9635185378..d988139f50 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-    AC_INIT([suricata],[6.0.16-dev])
+    AC_INIT([suricata],[6.0.16])
     m4_ifndef([AM_SILENT_RULES], [m4_define([AM_SILENT_RULES],[])])AM_SILENT_RULES([yes])
     AC_CONFIG_HEADERS([src/autoconf.h])
     AC_CONFIG_SRCDIR([src/suricata.c])
@@ -1671,12 +1671,12 @@
             echo
             exit 1
         fi
-        PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.44],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
+        PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.46],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
         if test "$libhtp_minver_found" = "no"; then
             PKG_CHECK_MODULES(LIBHTPDEVVERSION, [htp = 0.5.X],[libhtp_devver_found="yes"],[libhtp_devver_found="no"])
             if test "$libhtp_devver_found" = "no"; then
                 echo
-                echo "   ERROR! libhtp was found but it is neither >= 0.5.44, nor the dev 0.5.X"
+                echo "   ERROR! libhtp was found but it is neither >= 0.5.46, nor the dev 0.5.X"
                 echo
                 exit 1
             fi
diff --git a/requirements.txt b/requirements.txt
index a46b29ccbb..10e4d98b23 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,5 +3,5 @@
 # Format:
 #
 #   name {repo} {branch|tag}
-libhtp https://github.com/OISF/libhtp 0.5.x
+libhtp https://github.com/OISF/libhtp 0.5.46
 suricata-update https://github.com/OISF/suricata-update 1.2.8