From: Priyanka Bangalore Gurudev (prbg) Date: Mon, 11 Aug 2025 19:26:31 +0000 (+0000) Subject: Pull request #4856: build: generate and tag 3.9.3.0 X-Git-Tag: 3.9.3.0^0 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;ds=inline;p=thirdparty%2Fsnort3.git Pull request #4856: build: generate and tag 3.9.3.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.9.3.0 to master Squashed commit of the following: commit 47b2f71fdae20b6e6db08434adf26f9909b3cc0b Author: Priyanka Gurudev Date: Sun Aug 10 20:24:47 2025 -0400 build: generate and tag 3.9.3.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 6beb2c08f..3a840ba3a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 9) -set (VERSION_PATCH 2) +set (VERSION_PATCH 3) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index 65f410768..32e01ecb7 100644 --- a/ChangeLog.md +++ b/ChangeLog.md 
@@ -1,3 +1,38 @@ +2025-08-10: 3.9.3.0 + +* appid: accounting for tmp offset in RPC +* appid: change appid_shadow_traffic_status to atomic for thread safety +* appid: combined host pattern matchers +* appid: fix ASAN issue in AppIdHttpSession::set_req_body_field +* appid: fix out-of-bounds caused by strncat in identify_user_agent +* appid: getting packet from event than from detectionengine +* appid: out-of-range readings fix +* appid: prevent out_of_range and invalid_argument in rpc +* appid: rpc integer overflow fix +* build: enable exporting compile commands +* dce_rpc: checked for integer overflow of smb_hdr + next_command_offset +* dce_rpc: checking integer overflow on data_offset + data_length +* detection: extract children-related evaluation logic into separated functions +* detection: extract current node evaluation logic into separated function +* detection: fix compile warnings in detection_options.cc +* file_api: multi-process snort file cache crash fix +* file_api: multi process snort file cache sharing crash fix +* helpers: ringLogic framework updated to use atomic than volatile +* http_inspect: add peg count for when published body has hit the requested max size +* iec104: fallback functionality for abort scenario +* logger: add batched logger to improve packet_tracer output performace +* logger: add cpu affinity for log writer thread +* main: notify DAQ via ioctl message when a packet is injected +* mime: fix out-of-bounds in case of short boundary chunks +* packet_tracer: file output will not be using batched logger +* service_inspectors: Added random base file id generation for imap/pop/smtp. 
+* smtp: fix overflow caused by tls data processing in smtp +* stream_tcp: add splitter restart function, restart when hole skipped by AtomSplitter +* stream_tcp: fix issues with skipping seglist holes in ids mode +* stream_tcp: when reassembly is disable/ignored update rcv_nxt to left edge of first hole or to end of seglist +* vba_decompress: avoiding heap buffer overflows +* vba_decompress: exception handled + 2025-07-20: 3.9.2.0 * build: fix comparison of empty integers. Thanks to Hatix Ntsoa. diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake index ffccd31f9..d607d1991 100644 --- a/cmake/FindDAQ.cmake +++ b/cmake/FindDAQ.cmake @@ -16,7 +16,7 @@ This module defines: #]=======================================================================] find_package(PkgConfig) -pkg_check_modules(PC_DAQ libdaq>=3.0.20) +pkg_check_modules(PC_DAQ libdaq>=3.0.21) # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints # and then package config information after that. diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index 3b3bddd47..3e0b73329 100644 --- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text @@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.9.2.0 2025-07-20 23:16:33 EDT TST +Revision 3.9.3.0 2025-08-10 20:21:55 EDT TST --------------------------------------------------------------------- @@ -1301,7 +1301,7 @@ Configuration: Commands: * packet_tracer.enable(proto, src_ip, src_port, dst_ip, dst_port, - tenants): enable packet tracer debugging + tenants, regex, stop_after_match): enable packet tracer debugging * packet_tracer.disable(): disable packet tracer 
@@ -4405,6 +4405,8 @@ Peg counts: bodies compressed with known but not supported methods (sum) * http_inspect.compressed_unknown: total number of HTTP bodies compressed with unknown methods (sum) + * http_inspect.max_publish_depth_hits: total number of times the + maximum publish depth was exceeded (sum) 5.27. iec104 @@ -6313,6 +6315,8 @@ Peg counts: service inspector (sum) * stream_tcp.partial_fallbacks: count of fallbacks from assigned service stream splitter (sum) + * stream_tcp.splitter_restarts: count of splitter restarts from + skipping seglist holes (sum) * stream_tcp.max_segs: maximum number of segments queued in any flow (max) * stream_tcp.max_bytes: maximum number of bytes queued in any flow @@ -12342,6 +12346,8 @@ libraries see the Getting Started section of the manual. (sum) * http_inspect.max_concurrent_sessions: maximum concurrent http sessions (max) + * http_inspect.max_publish_depth_hits: total number of times the + maximum publish depth was exceeded (sum) * http_inspect.options_requests: OPTIONS requests inspected (sum) * http_inspect.other_requests: other request methods inspected (sum) @@ -13014,6 +13020,8 @@ libraries see the Getting Started section of the manual. flushed when session released (sum) * stream_tcp.sessions: total tcp sessions (sum) * stream_tcp.setups: session initializations (sum) + * stream_tcp.splitter_restarts: count of splitter restarts from + skipping seglist holes (sum) * stream_tcp.stale_packets: tcp stale packets (sum) * stream_tcp.syn_acks: number of syn-ack packets (sum) * stream_tcp.syn_ack_trackers: tcp session tracking started on 
@@ -16509,7 +16517,7 @@ alert is raised by the enhanced JavaScript normalizer. capture_path, max_packet_count): capture raw packets * packet_capture.disable(): stop packet capturing * packet_tracer.enable(proto, src_ip, src_port, dst_ip, dst_port, - tenants): enable packet tracer debugging + tenants, regex, stop_after_match): enable packet tracer debugging * packet_tracer.disable(): disable packet tracer * perf_monitor.enable_flow_ip_profiling(seconds, packets, flow_ip_all): enable all statistics on host pairs diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index a997741d8..aa1c5f9b6 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text @@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.9.2.0 2025-07-20 23:17:26 EDT TST +Revision 3.9.3.0 2025-08-10 20:22:47 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index b9e9331d1..fd4a5fab5 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text @@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.9.2.0 2025-07-20 23:16:51 EDT TST +Revision 3.9.3.0 2025-08-10 20:22:12 EDT TST ---------------------------------------------------------------------
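Review bot: In the ChangeLog.md hunk, several new 3.9.3.0 entries carry wording errors that will ship in the release notes: `performace` in the batched logger entry should be `performance`, `when reassembly is disable/ignored` should read `disabled/ignored`, and the bare `than` in `appid: getting packet from event than from detectionengine` and `helpers: ringLogic framework updated to use atomic than volatile` should be `rather than`. The two file_api entries (`multi-process snort file cache crash fix` and `multi process snort file cache sharing crash fix`) read as near duplicates, so merge them or state what differs. The memory-safety entries (the strncat out-of-bounds in identify_user_agent, the rpc and dce_rpc integer overflow checks, the smtp overflow, the vba_decompress heap buffer overflows) give no indication of whether they are reachable from inspected traffic; a short marker or advisory reference on those lines would let operators judge upgrade urgency from the ChangeLog alone.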
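Review bot: The minimum libdaq version raised by `pkg_check_modules(PC_DAQ libdaq>=3.0.21)` in cmake/FindDAQ.cmake is not documented anywhere in this change: the 3.9.3.0 ChangeLog entries do not mention it and the doc/upgrade/snort_upgrade.text hunk only touches the revision line. Add a ChangeLog line stating the new minimum, and if it is tied to `main: notify DAQ via ioctl message when a packet is injected`, say so. Note also that the comment directly below the changed line says DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT are the primary hints, so the version floor is only expressed on the pkg-config path; consider whether a hinted install of an older libdaq should be rejected as well.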
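Review bot: In doc/reference/snort_reference.text, the two `packet_tracer.enable(...)` hunks (at 1301 and 16509) add `regex, stop_after_match` to the signature, but the visible help text still reads only `enable packet tracer debugging` and no 3.9.3.0 ChangeLog entry covers the new parameters; add a ChangeLog line and extend the description so users know what the regex is matched against and what stops after a match. In the peg count hunks, `http_inspect.max_publish_depth_hits` is described as the number of times the maximum publish depth `was exceeded`, while the ChangeLog entry says the published body `has hit the requested max size`; pick one meaning (reached or exceeded) and use it in both places so the counter can be interpreted consistently.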