From: Shivani Bhardwaj Date: Thu, 12 Jun 2025 14:47:08 +0000 (+0530) Subject: release: 8.0.0-rc1; update changelog X-Git-Tag: suricata-8.0.0-rc1^0 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=cdfebcdc9c9a3ab956a4883d62a94910aa53fe3d;p=thirdparty%2Fsuricata.git release: 8.0.0-rc1; update changelog --- diff --git a/ChangeLog b/ChangeLog index 378053f411..2eea16e68e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,97 @@ +8.0.0-rc1 -- 2025-06-12 + +Feature #7715: rules: add option to skip flow tracking for a packet +Feature #7714: detect: add pre_flow rule hook +Feature #7713: detect: add tcp.wscale keyword to match on TCP wscale option values +Feature #7712: detect: add pre_stream rule hook +Feature #7702: commandline: add --list-app-layer-hooks option +Feature #7645: pgsql: add CopyIn subprotocol/mode +Feature #7635: eve: include transaction count +Feature #7599: mime: add email.received keyword +Feature #7597: mime: add email.url keyword +Feature #7593: mime: add email.message_id keyword +Feature #7507: rules: ftp.completion_code keyword +Feature #7506: rules: ftp.reply_received keyword +Feature #7505: rules: ftp.mode keyword +Feature #7504: rules: ftp.dynamic_port keyword +Feature #7372: Datajson: a dataset evolution +Feature #7047: eve: add ip version field +Feature #7036: DPDK NUMA setup: choose correct CPUs from worker-cpu-set +Feature #6805: cpu-affinity: enhance CPU affinity logic with per-interface NUMA preferences +Feature #6695: tls: log extensions +Feature #6259: pgsql: add `query` detection keyword +Feature #5692: http: brotli content encoding for HTTP/1.1 +Feature #4099: app-layer: allow direct rule keyword registration +Feature #3952: protocols: implement mDNS +Feature #2290: lua: use script as transform +Bug #7747: affinity: warnings in the granular thread affinity settings code +Bug #7746: suricatasc does not handle reconnect +Bug #7735: brotli: old crate version has integer underflow +Bug #7732: http1: use cursor wrapper handling EOF for brotli +Bug #7730: dcerpc: uint16 overflow (rust debug assertion) +Bug #7725: decode/ipv4: missing ip-in-ip case handling +Bug #7698: firewall: eve verdict field should state "accept" instead of alert +Bug #7694: flow: elephant flow counts previous bytes revisiting an index +Bug #7689: Dataset of type IP can't set IPv4 +Bug #7687: flow: non-TCP protocol timeout handling leads to missing flows +Bug #7681: flow: race condition at shutdown leads to duplicate flows +Bug #7671: lua: suricata-lua-sys needs to honor MSAN oss-fuzz flags +Bug #7668: http: lack of setting updated_ts leads to firewall bypass +Bug #7665: transaction rules: support filesize +Bug #7653: ips: deconflict pass flow and drop packet rules +Bug #7647: pgsql: empty request logged if password message disabled +Bug #7634: hyperscan: coverity warnings +Bug #7579: detect/files: local_file_id not incremented if inspection buffer is NULL +Bug #7568: pcap: continuous file reading fails on an empty directory +Bug #7549: detect: using different sticky buffers for byte_extract and byte_jump leads to undefined value before doing the jump +Bug #7498: rust: cleanup of extern "C" functions and no_mangle +Bug #7479: segfault using dummy config output.eve-log.types.alert.payload-buffer-size = 0 +Bug #7420: detect-engine: warning fgets could get negative value +Bug #7390: byte_extract: issue with saved 'name' in distance keyword +Bug #7374: dpdk: iface-copy should not be mandatory +Bug #7344: build: build can sometimes fail copying the lua headers into place +Bug #7285: Websocket compression mishandling +Bug #7236: plugins: custom transaction loggers cannot be registered by a plugin +Bug #7019: snmp: probing parser returns ALPROTO_FAILED instead of ALPROTO_UNKNOWN if slice.len() < 4 +Bug #7004: app-layer: wrong tx may be logged for stream rules +Bug #6981: dpdk: compiler warnings about lossy integer precision +Bug #6400: log of DNS answer is in wrong direction +Bug #6186: Integer overflows 64 to 32 bytes +Bug #5739: htp: handle alloc failure for user data +Bug #5177: detect/analyzer: rule analyzer warns about http buffers usage +Bug #4815: unix socket: ftp memcap missing from socket commands +Bug #3436: suricatasc: crashing using command 'reopen-log-files' +Optimization #7733: transforms: move base64 transform pure rust +Optimization #7708: http1: add tx iterator +Optimization #7529: detect/dns: move wrapper code from C to rust +Optimization #7353: files: remove deprecated force-md5 config option +Optimization #7292: CI: clang-format rechecks every main-7.0.x commit +Optimization #7083: detect/dataset: skip adding localstatedir if fullpath is provided +Task #7727: lua: suricata.log library +Task #7673: libsuricata: rate_filter callback +Task #7656: fast.lua: update script to reflect library use +Task #7609: lua: suricata.util lib +Task #7608: lua: turn tls into lib +Task #7607: lua: turn ssh into lib +Task #7606: lua: turn smtp into lib +Task #7605: lua: turn ja3 into lib +Task #7603: lua: turn hassh into lib +Task #7598: mime: add email.x_mailer +Task #7591: mime: add email.date keyword +Task #7491: lua: turn file into lua lib +Task #7490: lua: turn rule into lua lib +Task #7487: lua: turn flowints into lib +Task #7486: lua: turn flowvars into lib +Task #7461: suricata-verify: pass all tests +Task #7079: rust: unify rust ffi style +Task #7026: app-protos: trigger raw stream inspection +Task #6573: rust: set new minimum Rust version for Suricata 8 +Task #3695: research: libhwloc for better autoconfiguration +Documentation #7683: mime: add email.attachment keyword +Documentation #7329: doc: explain the priority ports setting +Documentation #7143: doc: legacy keyword http_host used in examples +Documentation #5485: userguide: explain that the http.header_names buffer is normalized + 8.0.0-beta1 -- 2025-04-08 Feature #7644: pgsql: add CopyOut subprotocol/mode diff --git a/configure.ac b/configure.ac index adccf0c5a4..55c36c1c06 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ - AC_INIT([suricata],[8.0.0-rc1-dev]) + AC_INIT([suricata],[8.0.0-rc1]) m4_ifndef([AM_SILENT_RULES], [m4_define([AM_SILENT_RULES],[])])AM_SILENT_RULES([yes]) AC_CONFIG_HEADERS([src/autoconf.h]) AC_CONFIG_SRCDIR([src/suricata.c]) diff --git a/requirements.txt b/requirements.txt index 537f896bfd..562d786edf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,4 +3,4 @@ # Format: # # name {repo} {branch|tag} -suricata-update https://github.com/OISF/suricata-update master +suricata-update https://github.com/OISF/suricata-update 1.3.5 diff --git a/rust/Cargo.lock.in b/rust/Cargo.lock.in index c068b741c7..854cffcea6 100644 --- a/rust/Cargo.lock.in +++ b/rust/Cargo.lock.in @@ -1507,7 +1507,7 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "suricata" -version = "8.0.0-rc1-dev" +version = "8.0.0-rc1" dependencies = [ "aes", "aes-gcm", @@ -1559,7 +1559,7 @@ dependencies = [ [[package]] name = "suricata-derive" -version = "8.0.0-rc1-dev" +version = "8.0.0-rc1" dependencies = [ "proc-macro-crate", "proc-macro2", @@ -1595,11 +1595,11 @@ dependencies = [ [[package]] name = "suricata-sys" -version = "8.0.0-rc1-dev" +version = "8.0.0-rc1" [[package]] name = "suricatactl" -version = "8.0.0-rc1-dev" +version = "8.0.0-rc1" dependencies = [ "clap", "once_cell", @@ -1610,7 +1610,7 @@ dependencies = [ [[package]] name = "suricatasc" -version = "8.0.0-rc1-dev" +version = "8.0.0-rc1" dependencies = [ "clap", "home", diff --git a/rust/sys/src/sys.rs b/rust/sys/src/sys.rs index 60e3ece424..1a2cafe1ab 100644 --- a/rust/sys/src/sys.rs +++ b/rust/sys/src/sys.rs @@ -1,6 +1,6 @@ // This file is automatically generated. Do not edit. -pub const SC_PACKAGE_VERSION: &[u8; 14] = b"8.0.0-rc1-dev\0"; +pub const SC_PACKAGE_VERSION: &[u8; 10] = b"8.0.0-rc1\0"; pub type __intmax_t = ::std::os::raw::c_long; pub type intmax_t = __intmax_t; #[repr(u32)]