"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "ChangeLog" between
snort-2.9.16.1.tar.gz and snort-2.9.17.tar.gz

About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

[ To the main snort source changes report ]

ChangeLog  (snort-2.9.16.1):ChangeLog  (snort-2.9.17)
2020-10-30 Divakar Y <divakyad@cisco.com>
snort 2.9.17
* src/preprocessors/Stream6/snort_stream_tcp.c,
src/preprocessors/spp_stream6.c :
Fixed Memory leak in reassembly networks and ports config during reload
.
* src/file-process/file_resume_block.c,
src/file-process/file_service.c,
src/file-process/file_lib.c,
src/file-process/file_lib.h :
Fixed resume-block for SMBv2 partial content retry and pending verdicts
.
* src/win32/WIN32-Prj/snort_installer.nsi :
Added user visible message to choose 4.1.1 or any higher version of win
pcap, in windows 32 installer.
* src/win32/WIN32-Prj/snort_installer_x64.nsi,
src/win32/WIN32-Prj/snort_installer.nsi :
Fixed popup message that was not honoring windows silent uninstaller op
tion.
* src/preprocessors/snort_httpinspect.c :
Fix to populate original client IP for drop events, when inline normali
zation is disabled.
* src/dynamic-preprocessors/appid/luaDetectorApi.c :
Fixed AppID caching proxy IP instead of tunneled IP in the dynamic cach
e during ultrasurf traffic.
* src/detection-plugins/sp_react.c,
src/dynamic-preprocessors/sdf/spp_sdf.c,
src/parser.c,
src/preprocessors/Stream6/snort_stream_tcp.c,
tools/u2streamer/Unified2File.c,
src/dynamic-preprocessors/appid/luaDetectorApi.c,
src/dynamic-preprocessors/appid/appInfoTable.c,
snort/src/dynamic-plugins/sf_dynamic_plugins.c,
src/memory_stats.c,
src/sfutil/sfportobject.c,
src/snort.h :
Fixed multiple static analysis issues.
* src/dynamic-preprocessors/appid/appInfoTable.c :
Fixed a potential race condition.
* configure.in,
src/reload.c :
Fix to not rely on the last-modified-time for loading the dynamic detec
tion libs.
* src/dynamic-preprocessors/appid/detector_plugins/detector_smtp.c,
src/file-process/file_capture.c,
src/file-process/file_resume_block.c,
src/file-process/file_segment_process.c,
src/file-process/file_service.c :
Added debug messages in file-process packet flow.
* src/dynamic-preprocessors/appid/detector_plugins/detector_smtp.c :
Fix to address cases of ambiguous codes between SMTP & FTP and when SMT
P server does not support EHLO.
* src/file-process/file_segment_process.c :
Fixed issue of generating multiple events for a single file transfer ov
er SMB.
* src/dynamic-preprocessors/appid/appIdConfig.h,
src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/appInfoTable.h,
src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/fw_appid.c,
src/dynamic-preprocessors/appid/flow.h :
Fixed false positives for ultrasurf.
* src/dynamic-preprocessors/sip/spp_sip.c :
Fixed SIP pre-processor to detect SSL encrypted SIP traffic better.
* src/dynamic-preprocessors/appid/luaDetectorApi.c,
etc/gen-msg.map,
preproc_rules/preprocessor.rules,
src/file-process/file_service.c,
src/generators.h,
src/preprocessors/HttpInspect/client/hi_client.c,
src/preprocessors/HttpInspect/event_output/hi_eo_log.c,
src/preprocessors/HttpInspect/include/hi_client.h,
src/preprocessors/HttpInspect/include/hi_eo_events.h,
src/preprocessors/HttpInspect/include/hi_server.h,
src/preprocessors/HttpInspect/server/hi_server.c,
src/preprocessors/snort_httpinspect.c,
src/preprocessors/snort_httpinspect.h :
Added support for HTTP range field parsing to detect if HTTP response/r
equest is indeed partial or full content.
* src/preprocessors/spp_session.c :
Fixed TCP memcap oversize.
* src/dynamic-preprocessors/dcerpc2/dce2_stats.h,
src/dynamic-preprocessors/dcerpc2/snort_dce2.c,
src/dynamic-preprocessors/dcerpc2/spp_dce2.c,
src/dynamic-preprocessors/ftptelnet/ftpp_si.c,
src/dynamic-preprocessors/ftptelnet/pp_ftp.c,
src/dynamic-preprocessors/ftptelnet/spp_ftptelnet.c,
src/dynamic-preprocessors/ftptelnet/spp_ftptelnet.h,
src/preprocessors/HttpInspect/client/hi_client.c,
src/preprocessors/HttpInspect/client/hi_client_norm.c,
src/preprocessors/HttpInspect/include/hi_include.h,
src/preprocessors/HttpInspect/include/hi_paf.h,
src/preprocessors/HttpInspect/utils/hi_paf.c,
src/preprocessors/Stream6/snort_stream_icmp.c,
src/preprocessors/Stream6/snort_stream_icmp.h,
src/preprocessors/Stream6/snort_stream_ip.c,
src/preprocessors/Stream6/snort_stream_ip.h,
src/preprocessors/Stream6/snort_stream_tcp.c,
src/preprocessors/Stream6/snort_stream_tcp.h,
src/preprocessors/Stream6/snort_stream_udp.c,
src/preprocessors/Stream6/snort_stream_udp.h,
src/preprocessors/Stream6/stream_common.h,
src/preprocessors/snort_httpinspect.c,
src/preprocessors/snort_httpinspect.h,
src/preprocessors/spp_httpinspect.c,
src/preprocessors/spp_httpinspect.h,
src/preprocessors/spp_stream6.c,
src/dynamic-preprocessors/appid/fw_appid.c,
src/dynamic-preprocessors/appid/fw_appid.h,
src/dynamic-preprocessors/appid/spp_appid.c :
Enhanced statistics dumped during snort exit and SIGUSR1.
* src/dynamic-preprocessors/imap/imap_paf.c,
src/dynamic-preprocessors/imap/snort_imap.h,
src/dynamic-preprocessors/pop/pop_paf.c,
src/dynamic-preprocessors/pop/snort_pop.h,
src/dynamic-preprocessors/sip/spp_sip.h,
src/dynamic-preprocessors/smtp/smtp_paf.c,
src/dynamic-preprocessors/smtp/snort_smtp.h,
src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/service_plugins/service_ssl.c,
src/dynamic-preprocessors/dcerpc2/dce2_list.h,
src/dynamic-preprocessors/ftptelnet/ftpp_si.h,
src/file-process/file_segment_process.h,
src/file-process/libs/file_lib.h,
src/preprocessors/sip_common.h,
src/preprocessors/snort_httpinspect.h :
Optimized structures in several preprocessors.
* src/dynamic-preprocessors/dcerpc2/dce2_smb.c,
src/dynamic-preprocessors/dcerpc2/dce2_smb.h
src/file-process/file_service.c :
Fixed SMBv1 file block for pending verdict retry packets.
* src/dynamic-preprocessors/dcerpc2/dce2_smb.c :
Fixed SMBv1 unknown file size upload block.
* src/detect.c,
src/detect.h,
src/parser.c,
src/parser.h,
src/preprocessors/Session/session_common.h,
src/preprocessors/Stream6/snort_stream_udp.c,
src/preprocessors/Stream6/snort_stream_udp.h,
src/preprocessors/spp_stream6.c,
src/preprocessors/Stream6/stream_common.c,
src/preprocessors/Stream6/stream_common.h,
src/preprocessors/spp_stream6.c,
src/reload.c,
src/snort.c,
src/snort.h :
Fixed incorrect filtering of UDP traffic when "ignore_any_rules" is con
figured.
* src/detection-plugins/sp_session.c,
src/detection-plugins/sp_session.h,
src/sfutil/util_jsnorm.c :
Fixed GCC 10.1.1 compilation issues.
* src/decode.c,
src/decode.h,
src/log_text.c,
src/log.c,
src/preprocessors/Stream6/snort_stream_tcp.c :
Added support to detect TCP Fast Open packets.
* src/preprocessors/Stream6/snort_stream_tcp.c :
Fixed TCP segment queue hole issue as per the RFC793 recommendation for
OOO Ack packet handling.
* src/detection-plugins/detection_leaf_node.c,
src/detection-plugins/detection_options.c,
src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/fw_appid.c,
src/dynamic-preprocessors/appid/service_plugins/service_base.c,
src/dynamic-preprocessors/appid/service_plugins/service_ftp.c,
src/dynamic-preprocessors/appid/service_plugins/service_rexec.c,
src/dynamic-preprocessors/appid/service_plugins/service_rpc.c,
src/dynamic-preprocessors/appid/service_plugins/service_rshell.c,
src/dynamic-preprocessors/appid/service_plugins/service_snmp.c,
src/dynamic-preprocessors/appid/service_plugins/service_tftp.c,
src/dynamic-preprocessors/ftptelnet/ftpp_si.c,
src/dynamic-preprocessors/ftptelnet/pp_ftp.c,
src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c,
src/dynamic-preprocessors/ftptelnet/spp_ftptelnet.c,
src/fpcreate.c,
src/parser.c,
src/preprocessors/Session/session_common.h,
src/preprocessors/spp_session.c,
src/reload.c,
src/snort.c :
Fixed build when some configure options were disabled.
* src/detection-plugins/sp_byte_math.c :
Fixed byte_math operation for multiplication integer overflow.
* src/dynamic-preprocessors/appid/appId.h,
src/dynamic-preprocessors/appid/service_plugins/service_ssl.c :
Fix to include 853 port in SSL detector for DNS over TLS runs on SSL.
* src/dynamic-plugins/sf_dynamic_plugins.c,
src/dynamic-plugins/sf_dynamic_preprocessor.h,
src/dynamic-preprocessors/appid/Makefile_defs,
src/dynamic-preprocessors/appid/luaDetectorApi.c,
src/dynamic-preprocessors/appid/util/common_util.h :
Fix for excessive logging of lua detector invalid LUA (null).
* snort/src/detection-plugins/sp_byte_check.c,
src/detection-plugins/sp_byte_extract.c,
src/detection-plugins/sp_byte_jump.c,
src/detection-plugins/sp_byte_math.c,
src/detection-plugins/sp_byte_math.h,
src/detection-plugins/sp_isdataat.c,
src/detection-plugins/sp_pattern_match.c :
Added support for allowing common names across rule options.
* src/memory_stats.c :
Removed a redundant log.
* spp_sip.c :
Fixed handling encrypted traffic by SIP preprocessor.
* snort/configure.in,
snort/doc/README.s7commplus,
snort/etc/sf_rule_options,
snort/etc/sf_rule_validation.conf,
snort/src/dynamic-preprocessors/Makefile.am,
snort/src/dynamic-preprocessors/s7commplus/Makefile.am,
snort/src/dynamic-preprocessors/s7commplus/s7comm_decode.c,
snort/src/dynamic-preprocessors/s7commplus/s7comm_decode.h,
snort/src/dynamic-preprocessors/s7commplus/s7comm_paf.c,
snort/src/dynamic-preprocessors/s7commplus/s7comm_paf.h,
snort/src/dynamic-preprocessors/s7commplus/s7comm_roptions.c,
snort/src/dynamic-preprocessors/s7commplus/s7comm_roptions.h,
snort/src/dynamic-preprocessors/s7commplus/spp_s7comm.c,
snort/src/dynamic-preprocessors/s7commplus/spp_s7comm.h,
snort/src/generators.h,
snort/src/preprocids.h :
Added support for s7Commplus protocol.
* src/preprocessors/Stream6/snort_stream_tcp.c :
Fixed out of order FIN packet leading to segment trimming.
* src/output-plugins/spo_unified2.c,
src/preprocessors/Stream6/snort_stream_tcp.c :
Fix to populate original IP in dropped events when inline normalization
is enabled.
* snort/src/sfutil/sf_ip.h :
Fixed compiler warnings.
* src/dynamic-preprocessors/appid/detector_plugins/detector_dns.c :
Fixed DNS application detector failing to detect DNS traffic in some sc
enarios.
2020-07-24 Hariharan Chandrashekar <harchand@cisco.com> 2020-07-24 Hariharan Chandrashekar <harchand@cisco.com>
snort 2.9.16.1 snort 2.9.16.1
* src/dynamic-preprocessors/appid/appIdConfig.h, * src/dynamic-preprocessors/appid/appIdConfig.h,
src/dynamic-preprocessors/appid/appInfoTable.c, src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/flow.h, src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/fw_appid.c : src/dynamic-preprocessors/appid/fw_appid.c :
Added packet counters to make sure flows with one-way data don't pend f orever. Added packet counters to make sure flows with one-way data don't pend f orever.
* src/detection-plugins/sp_flowbits.c, * src/detection-plugins/sp_flowbits.c,
 End of changes. 1 change blocks. 
0 lines changed or deleted 272 lines changed or added
To the Change Logs section of the snort source changes report or the top of this page
Mainly generated by pkgdiff using rfcdiff
Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)