Skip to content

Commit

Permalink
release: 7.0.4; update changelog
Browse files Browse the repository at this point in the history
  • Loading branch information
inashivb committed Mar 19, 2024
1 parent c0b9ddb commit d8bad3b
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 5 deletions.
34 changes: 34 additions & 0 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,37 @@
7.0.4 -- 2024-03-19

Security #6868: eve: excessive ssh long banner logging (7.0.x backport)(CVE 2024-28870)
Security #6801: ssh: quadratic complexity in overlong banner (7.0.x backport)(CVE 2024-28870)
Security #6759: libhtp: quadratic complexity checking after request line mission protocol (7.0.x backport)(CVE 2024-28871)
Security #6798: output/filestore: timeout because of running OutputTxLog on useless packets (7.0.x backport)
Bug #6842: Error message from netmap when using Netmap pipes (with lb) (7.0.x backport)
Bug #6828: dpdk: NUMA warning on non-NUMA system (7.0.x backport)
Bug #6816: capture plugins: capture plugins unusable due to initialization order (7.0.x backport)
Bug #6812: pfring: memory leak (7.0.x backport)
Bug #6810: decode/pppoe: Suspicious pointer scaling (7.0.x backport)
Bug #6791: cppcheck 2.11 errors (7.0.x backport)
Bug #6785: detect/tls.certs: direction flag checked against wrong field (7.0.x backport)
Bug #6784: util/mime: Memory leak at util-decode-mime.c:MimeDecInitParser (7.0.x backport)
Bug #6768: multi-tenancy: dead lock during tenant loading (7.0.x backport)
Bug #6765: Hugepages Error for FreeBSD when kernel NUMA build option is not enabled (7.0.x backport)
Bug #6764: Huge increase on Suricata load time with a lot of ip-only rules and bigger HOME_NET (7.0.x backport)
Bug #6761: Hugepages Error for ARM64 and af-packet IPS mode (7.0.x backport)
Bug #6756: Netmap: deadlock if netmap_open fails (7.0.x backport)
Bug #6746: Suricata 7.0.2 parent interface object in stats contains VLAN-ID as keys (7.0.x backport)
Bug #6742: dpdk: automatic cache calculation is broken (7.0.x backport)
Bug #6738: dpdk: property configuration can lead to integer overflow (7.0.x backport)
Bug #6734: tcp: tcp flow flags changing incorrectly when ruleset contains content matching (7.0.x backport)
Bug #6622: detect/filestore: flow, to_server was broken by moving files into transactions (7.0.x backport)
Bug #6593: mqtt: frames on TCP are not set properly when parsing multiple PDUs in one go (7.0.x backport)
Bug #6580: ssh: no alert on packet with Message Code: New Keys (21) (7.0.x backport)
Bug #6538: drop: assertion failed !(PKT_IS_PSEUDOPKT(p)) && !PacketCheckAction(p, ACTION_DROP) (7.0.x backport)
Bug #6537: detect/filestore: be more explicit about the U16_MAX limit per signature group head (7.0.x backport)
Optimization #6774: app-layer/template: no limit on txs number (7.0.x backport)
Feature #6740: dpdk: warn the user if user-settings are adjusted to the device capabilities (7.0.x backport)
Task #6870: libhtp 0.5.47 (7.0.x backport)
Task #6749: doc: mention X710 RX descriptor limitation (7.0.x backport)
Documentation #6709: userguide/payload: fix explanation about bsize ranges (7.0.x backport)

7.0.3 -- 2024-02-08

Security #6717: http2: evasion by splitting header fields over frames (7.0.x backport)
Expand Down
6 changes: 3 additions & 3 deletions configure.ac
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
AC_INIT([suricata],[7.0.4-dev])
AC_INIT([suricata],[7.0.4])
m4_ifndef([AM_SILENT_RULES], [m4_define([AM_SILENT_RULES],[])])AM_SILENT_RULES([yes])
AC_CONFIG_HEADERS([src/autoconf.h])
AC_CONFIG_SRCDIR([src/suricata.c])
Expand Down Expand Up @@ -1575,12 +1575,12 @@
echo
exit 1
fi
PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.46],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.47],[libhtp_minver_found="yes"],[libhtp_minver_found="no"])
if test "$libhtp_minver_found" = "no"; then
PKG_CHECK_MODULES(LIBHTPDEVVERSION, [htp = 0.5.X],[libhtp_devver_found="yes"],[libhtp_devver_found="no"])
if test "$libhtp_devver_found" = "no"; then
echo
echo " ERROR! libhtp was found but it is neither >= 0.5.46, nor the dev 0.5.X"
echo " ERROR! libhtp was found but it is neither >= 0.5.47, nor the dev 0.5.X"
echo
exit 1
fi
Expand Down
4 changes: 2 additions & 2 deletions requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@
# Format:
#
# name {repo} {branch|tag}
libhtp https://github.com/OISF/libhtp 0.5.x
suricata-update https://github.com/OISF/suricata-update master
libhtp https://github.com/OISF/libhtp 0.5.47
suricata-update https://github.com/OISF/suricata-update 1.3.2

0 comments on commit d8bad3b

Please sign in to comment.