Project

General

Profile

4.1beta1

closed

03/23/2018

100%

88 issues   (88 closed — 0 open)

Issues by
Bug

48/48
Feature

37/37
Optimization

2/2
Security

1/1
Related issues
Bug #993: libhtp upgrade to handle responses first Actions
Bug #1503: lua output setup failure does not exit engine with --init-errors-fatal Actions
Bug #1788: af-packet coverity warning Actions
Bug #1842: Duplicated analyzer in Prelude alert Actions
Bug #1904: modbus: duplicate alerts / detection unaware of direction Actions
Bug #2202: BUG_ON asserts in AppLayerIncFlowCounter Actions
Bug #2229: mem leak AFP with 4.0.0-dev (rev 1180687) Actions
Bug #2240: suricatasc dump-counters returns error when return message is larger than 4096 Actions
Bug #2252: Rule parses in 4.0 when flow to client is set and http_client_body is used. Actions
Bug #2258: rate_filter inconsistency: triggered after "count" detections when by_rule, and after count+1 detections when by_src/by_dst. Actions
Bug #2268: Don't printf util-enum errors Actions
Bug #2288: Suricata segfaults on ICMP and flowint check Actions
Bug #2294: rules: depth < content rules not rejected (master) Actions
Bug #2307: segfault in http_start with 4.1.0-dev (rev 83f220a) Actions
Bug #2335: conf: stack-based buffer-overflow in ParseFilename Actions
Bug #2345: conf: Memory-leak in DetectAddressTestConfVars Actions
Bug #2346: conf: NULL-pointer dereference in ConfUnixSocketIsEnable Actions
Bug #2347: conf: use of NULL-pointer in DetectLoadCompleteSigPath Actions
Bug #2349: conf: multiple NULL-pointer dereferences in FlowInitConfig Actions
Bug #2353: Command Line Options Ignored with pcap-file-continuous setting Actions
Bug #2354: conf: multiple NULL-pointer dereferences in StreamTcpInitConfig Actions
Bug #2356: coverity issues in new pcap file/directory handling Actions
Bug #2360: possible deadlock with signal handling Actions
Bug #2364: rust/dns: logging missing string versions of rtypes and rcodes Actions
Bug #2365: rust/dns: flooded by 'LogDnsLogger not implemented for Rust DNS' Actions
Bug #2367: Conf: Multipe NULL-pointer dereferences in HostInitConfig Actions
Bug #2368: Conf: Multipe NULL-pointer dereferences after ConfGetBool in StreamTcpInitConfig Actions
Bug #2370: Conf: Multipe NULL-pointer dereferences in PostConfLoadedSetup Actions
Bug #2390: mingw linker error with rust Actions
Bug #2391: libhtp 0.5.26 Actions
Bug #2394: Pcap Directory May Miss Files Actions
Bug #2397: Call to panic()! macro in Rust NFS decoder causes crash on malformed NFS traffic Actions
Bug #2398: Lua keyword cmd help documentation pointing to old docs Actions
Bug #2402: http_header_names doesn't operate as documented Actions
Bug #2403: Crash for offline pcap mode when running in single mode Actions
Bug #2407: Fix timestamp offline when pcap timestamp is zero Actions
Bug #2408: fix print backslash in PrintRawUriFp Actions
Bug #2414: NTP parser registration frees used memory Actions
Bug #2418: Skip configuration "include" nodes when file is empty Actions
Bug #2420: Use pthread_sigmask instead of sigprogmask for signal handling Actions
Bug #2425: DNP3 memcpy buffer overflow Actions
Bug #2430: http eve log data source/dest flip Actions
Bug #2437: rust/dns: Core Dump with malformed traffic Actions
Bug #2442: der parser: bad input consumes cpu and memory Actions
Bug #2446: http bodies / file_data: thread space creation writing out of bounds (master) Actions
Bug #2451: Missing Files Will Cause Pcap Thread to No Longer Run in Unix Socket Mode Actions
Bug #2454: master - suricata.c:2473-2474 - SIGUSR2 not wrapped in #ifndef OS_WIN32 Actions
Bug #2466: [4.1beta1] Messages with SC_LOG_CONFIG level are logged to syslog with EMERG priority Actions
Feature #550: Extract file attachments from FTP Actions
Feature #646: smb log feature to be introduced Actions
Feature #719: finish/enable smb2 app layer parser Actions
Feature #723: Add support for smb 3 Actions
Feature #724: Prevent resetting in UNIX socket mode Actions
Feature #735: Introduce content_len keyword Actions
Feature #741: Introduce endswith keyword Actions
Feature #742: startswith keyword Actions
Feature #1006: transformation api Actions
Feature #1198: more compact dns logging Actions
Feature #1201: file-store metadata in JSON format Actions
Feature #1386: offline: add pcap file name to EVE Actions
Feature #1458: unix-socket - make rule load errs available Actions
Feature #1476: Suricata Unix socket PCAP processing stats should not need to reset after each run Actions
Feature #1579: Support Modbus Unit Identifier Actions
Feature #1585: unix-socket: improve information regarding ruleset Actions
Feature #1600: flash file decompression for file_data Actions
Feature #1678: open umask settings or make them configurable Actions
Feature #1948: allow filestore name configuration options Actions
Feature #1949: only write unique files Actions
Feature #2020: eve: add body of signature to eve.json alert Actions
Feature #2062: tls: reimplement tls.fingerprint Actions
Feature #2076: Strip whitespace from buffers Actions
Feature #2086: DNS answer for a NS containing multiple name servers should only be one line Actions
Feature #2142: filesize: support other units than only bytes Actions
Feature #2192: JA3 TLS client fingerprinting Actions
Feature #2199: DNS answer events compacted Actions
Feature #2222: Batch submission of PCAPs over the socket Actions
Feature #2253: Log rule metadata in alert event Actions
Feature #2285: modify memcaps over unix socket Actions
Feature #2295: decoder: support PCAP LINKTYPE_IPV4 Actions
Feature #2299: pcap: read directory with pcaps from the commandline Actions
Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling Actions
Feature #2352: eve: add "metadata" field to alert (rework of vars) Actions
Feature #2382: deprecate: CUDA support Actions
Feature #2399: eBPF and XDP bypass for AF_PACKET capture method Actions
Feature #2464: tftp logging Actions
Optimization #2193: random: support getrandom(2) if available Actions
Optimization #2302: rule parsing: faster parsing by not using pcre Actions
Security #2427: Suricata 3.x.x and 4.x.x do not parse HTTP responses if tcp data was sent before 3-way-handshake completed Actions

Also available in: TXT