From: Shivani Bhardwaj <shivani@oisf.net>
Date: Tue, 23 Apr 2024 05:16:16 +0000 (+0530)
Subject: release: 6.0.19; update changelog
X-Git-Tag: suricata-6.0.19^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d5f5ca0ec103f1d7242bdcb967ac61d833e849b1;p=thirdparty%2Fsuricata.git

release: 6.0.19; update changelog
---

diff --git a/ChangeLog b/ChangeLog
index e35e811e69..c0b5199f6c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+6.0.19 -- 2024-04-23
+
+Security #6978: http2: timeout logging headers (6.0.x backport)(CVE 2024-32663)
+Security #6972: http2: oom on copying compressed headers (6.0.x backport)(CVE 2024-32663)
+Security #6931: base64: off-by-three overflow in DecodeBase64() (6.0.x backport)(CVE 2024-32664)
+Security #6676: ip-defrag: packet can be considered complete even with holes (6.0.x backport)(CVE 2024-32867)
+Security #6671: ip defrag: final overlapping packet can lead to "hole" in re-assembled data (6.0.x backport)(CVE 2024-32867)
+Security #6670: ip defrag: re-assembly error in bsd policy (6.0.x backport)(CVE 2024-32867)
+Bug #6944: defrag: reassembled packet can have wrong datatype (6.0.x backport)
+Bug #6898: detect: slowdown in rule parsing (6.0.x backport)
+Optimization #6879: conf: quadratic complexity in yaml loader (6.0.x backport)
+Feature #6946: pcap: datalink type 229 not (yet) supported in module PcapFile (6.0.x backport)
+
 6.0.18 -- 2024-03-21
 
 Bug #6876: rust: MSRV unintentionally bumped
diff --git a/configure.ac b/configure.ac
index fb7f74617b..dcb399324c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-    AC_INIT([suricata],[6.0.19-dev])
+    AC_INIT([suricata],[6.0.19])
     m4_ifndef([AM_SILENT_RULES], [m4_define([AM_SILENT_RULES],[])])AM_SILENT_RULES([yes])
     AC_CONFIG_HEADERS([src/autoconf.h])
     AC_CONFIG_SRCDIR([src/suricata.c])
@@ -1671,12 +1671,12 @@
             echo
             exit 1
         fi
-        PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.47],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
+        PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.48],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
         if test "$libhtp_minver_found" = "no"; then
             PKG_CHECK_MODULES(LIBHTPDEVVERSION, [htp = 0.5.X],[libhtp_devver_found="yes"],[libhtp_devver_found="no"])
             if test "$libhtp_devver_found" = "no"; then
                 echo
-                echo "   ERROR! libhtp was found but it is neither >= 0.5.47, nor the dev 0.5.X"
+                echo "   ERROR! libhtp was found but it is neither >= 0.5.48, nor the dev 0.5.X"
                 echo
                 exit 1
             fi
diff --git a/requirements.txt b/requirements.txt
index fb8ed81bfd..05d0b85499 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,5 +3,5 @@
 # Format:
 #
 #   name {repo} {branch|tag}
-libhtp https://github.com/OISF/libhtp 0.5.x
-suricata-update https://github.com/OISF/suricata-update master-1.2.x
+libhtp https://github.com/OISF/libhtp 0.5.48
+suricata-update https://github.com/OISF/suricata-update 1.2.8