"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "ChangeLog" between
snort-2.9.16.1.tar.gz and snort-2.9.17.tar.gz

About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

ChangeLog  (snort-2.9.16.1):ChangeLog  (snort-2.9.17)
2020-10-30 Divakar Y <divakyad@cisco.com>
snort 2.9.17
* src/preprocessors/Stream6/snort_stream_tcp.c,
src/preprocessors/spp_stream6.c :
Fixed Memory leak in reassembly networks and ports config during reload
.
* src/file-process/file_resume_block.c,
src/file-process/file_service.c,
src/file-process/file_lib.c,
src/file-process/file_lib.h :
Fixed resume-block for SMBv2 partial content retry and pending verdicts
.
* src/win32/WIN32-Prj/snort_installer.nsi :
Added user visible message to choose 4.1.1 or any higher version of win
pcap, in windows 32 installer.
* src/win32/WIN32-Prj/snort_installer_x64.nsi,
src/win32/WIN32-Prj/snort_installer.nsi :
Fixed popup message that was not honoring windows silent uninstaller op
tion.
* src/preprocessors/snort_httpinspect.c :
Fix to populate original client IP for drop events, when inline normali
zation is disabled.
* src/dynamic-preprocessors/appid/luaDetectorApi.c :
Fixed AppID caching proxy IP instead of tunneled IP in the dynamic cach
e during ultrasurf traffic.
* src/detection-plugins/sp_react.c,
src/dynamic-preprocessors/sdf/spp_sdf.c,
src/parser.c,
src/preprocessors/Stream6/snort_stream_tcp.c,
tools/u2streamer/Unified2File.c,
src/dynamic-preprocessors/appid/luaDetectorApi.c,
src/dynamic-preprocessors/appid/appInfoTable.c,
snort/src/dynamic-plugins/sf_dynamic_plugins.c,
src/memory_stats.c,
src/sfutil/sfportobject.c,
src/snort.h :
Fixed multiple static analysis issues.
* src/dynamic-preprocessors/appid/appInfoTable.c :
Fixed a potential race condition.
* configure.in,
src/reload.c :
Fix to not rely on the last-modified-time for loading the dynamic detec
tion libs.
* src/dynamic-preprocessors/appid/detector_plugins/detector_smtp.c,
src/file-process/file_capture.c,
src/file-process/file_resume_block.c,
src/file-process/file_segment_process.c,
src/file-process/file_service.c :
Added debug messages in file-process packet flow.
* src/dynamic-preprocessors/appid/detector_plugins/detector_smtp.c :
Fix to address cases of ambiguous codes between SMTP & FTP and when SMT
P server does not support EHLO.
* src/file-process/file_segment_process.c :
Fixed issue of generating multiple events for a single file transfer ov
er SMB.
* src/dynamic-preprocessors/appid/appIdConfig.h,
src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/appInfoTable.h,
src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/fw_appid.c,
src/dynamic-preprocessors/appid/flow.h :
Fixed false positives for ultrasurf.
* src/dynamic-preprocessors/sip/spp_sip.c :
Fixed SIP pre-processor to detect SSL encrypted SIP traffic better.
* src/dynamic-preprocessors/appid/luaDetectorApi.c,
etc/gen-msg.map,
preproc_rules/preprocessor.rules,
src/file-process/file_service.c,
src/generators.h,
src/preprocessors/HttpInspect/client/hi_client.c,
src/preprocessors/HttpInspect/event_output/hi_eo_log.c,
src/preprocessors/HttpInspect/include/hi_client.h,
src/preprocessors/HttpInspect/include/hi_eo_events.h,
src/preprocessors/HttpInspect/include/hi_server.h,
src/preprocessors/HttpInspect/server/hi_server.c,
src/preprocessors/snort_httpinspect.c,
src/preprocessors/snort_httpinspect.h :
Added support for HTTP range field parsing to detect if HTTP response/r
equest is indeed partial or full content.
* src/preprocessors/spp_session.c :
Fixed TCP memcap oversize.
* src/dynamic-preprocessors/dcerpc2/dce2_stats.h,
src/dynamic-preprocessors/dcerpc2/snort_dce2.c,
src/dynamic-preprocessors/dcerpc2/spp_dce2.c,
src/dynamic-preprocessors/ftptelnet/ftpp_si.c,
src/dynamic-preprocessors/ftptelnet/pp_ftp.c,
src/dynamic-preprocessors/ftptelnet/spp_ftptelnet.c,
src/dynamic-preprocessors/ftptelnet/spp_ftptelnet.h,
src/preprocessors/HttpInspect/client/hi_client.c,
src/preprocessors/HttpInspect/client/hi_client_norm.c,
src/preprocessors/HttpInspect/include/hi_include.h,
src/preprocessors/HttpInspect/include/hi_paf.h,
src/preprocessors/HttpInspect/utils/hi_paf.c,
src/preprocessors/Stream6/snort_stream_icmp.c,
src/preprocessors/Stream6/snort_stream_icmp.h,
src/preprocessors/Stream6/snort_stream_ip.c,
src/preprocessors/Stream6/snort_stream_ip.h,
src/preprocessors/Stream6/snort_stream_tcp.c,
src/preprocessors/Stream6/snort_stream_tcp.h,
src/preprocessors/Stream6/snort_stream_udp.c,
src/preprocessors/Stream6/snort_stream_udp.h,
src/preprocessors/Stream6/stream_common.h,
src/preprocessors/snort_httpinspect.c,
src/preprocessors/snort_httpinspect.h,
src/preprocessors/spp_httpinspect.c,
src/preprocessors/spp_httpinspect.h,
src/preprocessors/spp_stream6.c,
src/dynamic-preprocessors/appid/fw_appid.c,
src/dynamic-preprocessors/appid/fw_appid.h,
src/dynamic-preprocessors/appid/spp_appid.c :
Enhanced statistics dumped during snort exit and SIGUSR1.
* src/dynamic-preprocessors/imap/imap_paf.c,
src/dynamic-preprocessors/imap/snort_imap.h,
src/dynamic-preprocessors/pop/pop_paf.c,
src/dynamic-preprocessors/pop/snort_pop.h,
src/dynamic-preprocessors/sip/spp_sip.h,
src/dynamic-preprocessors/smtp/smtp_paf.c,
src/dynamic-preprocessors/smtp/snort_smtp.h,
src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/service_plugins/service_ssl.c,
src/dynamic-preprocessors/dcerpc2/dce2_list.h,
src/dynamic-preprocessors/ftptelnet/ftpp_si.h,
src/file-process/file_segment_process.h,
src/file-process/libs/file_lib.h,
src/preprocessors/sip_common.h,
src/preprocessors/snort_httpinspect.h :
Optimized structures in several preprocessors.
* src/dynamic-preprocessors/dcerpc2/dce2_smb.c,
src/dynamic-preprocessors/dcerpc2/dce2_smb.h
src/file-process/file_service.c :
Fixed SMBv1 file block for pending verdict retry packets.
* src/dynamic-preprocessors/dcerpc2/dce2_smb.c :
Fixed SMBv1 unknown file size upload block.
* src/detect.c,
src/detect.h,
src/parser.c,
src/parser.h,
src/preprocessors/Session/session_common.h,
src/preprocessors/Stream6/snort_stream_udp.c,
src/preprocessors/Stream6/snort_stream_udp.h,
src/preprocessors/spp_stream6.c,
src/preprocessors/Stream6/stream_common.c,
src/preprocessors/Stream6/stream_common.h,
src/preprocessors/spp_stream6.c,
src/reload.c,
src/snort.c,
src/snort.h :
Fixed incorrect filtering of UDP traffic when "ignore_any_rules" is con
figured.
* src/detection-plugins/sp_session.c,
src/detection-plugins/sp_session.h,
src/sfutil/util_jsnorm.c :
Fixed GCC 10.1.1 compilation issues.
* src/decode.c,
src/decode.h,
src/log_text.c,
src/log.c,
src/preprocessors/Stream6/snort_stream_tcp.c :
Added support to detect TCP Fast Open packets.
* src/preprocessors/Stream6/snort_stream_tcp.c :
Fixed TCP segment queue hole issue as per the RFC793 recommendation for
OOO Ack packet handling.
* src/detection-plugins/detection_leaf_node.c,
src/detection-plugins/detection_options.c,
src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/fw_appid.c,
src/dynamic-preprocessors/appid/service_plugins/service_base.c,
src/dynamic-preprocessors/appid/service_plugins/service_ftp.c,
src/dynamic-preprocessors/appid/service_plugins/service_rexec.c,
src/dynamic-preprocessors/appid/service_plugins/service_rpc.c,
src/dynamic-preprocessors/appid/service_plugins/service_rshell.c,
src/dynamic-preprocessors/appid/service_plugins/service_snmp.c,
src/dynamic-preprocessors/appid/service_plugins/service_tftp.c,
src/dynamic-preprocessors/ftptelnet/ftpp_si.c,
src/dynamic-preprocessors/ftptelnet/pp_ftp.c,
src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c,
src/dynamic-preprocessors/ftptelnet/spp_ftptelnet.c,
src/fpcreate.c,
src/parser.c,
src/preprocessors/Session/session_common.h,
src/preprocessors/spp_session.c,
src/reload.c,
src/snort.c :
Fixed build when some configure options were disabled.
* src/detection-plugins/sp_byte_math.c :
Fixed byte_math operation for multiplication integer overflow.
* src/dynamic-preprocessors/appid/appId.h,
src/dynamic-preprocessors/appid/service_plugins/service_ssl.c :
Fix to include 853 port in SSL detector for DNS over TLS runs on SSL.
* src/dynamic-plugins/sf_dynamic_plugins.c,
src/dynamic-plugins/sf_dynamic_preprocessor.h,
src/dynamic-preprocessors/appid/Makefile_defs,
src/dynamic-preprocessors/appid/luaDetectorApi.c,
src/dynamic-preprocessors/appid/util/common_util.h :
Fix for excessive logging of lua detector invalid LUA (null).
* snort/src/detection-plugins/sp_byte_check.c,
src/detection-plugins/sp_byte_extract.c,
src/detection-plugins/sp_byte_jump.c,
src/detection-plugins/sp_byte_math.c,
src/detection-plugins/sp_byte_math.h,
src/detection-plugins/sp_isdataat.c,
src/detection-plugins/sp_pattern_match.c :
Added support for allowing common names across rule options.
* src/memory_stats.c :
Removed a redundant log.
* spp_sip.c :
Fixed handling encrypted traffic by SIP preprocessor.
* snort/configure.in,
snort/doc/README.s7commplus,
snort/etc/sf_rule_options,
snort/etc/sf_rule_validation.conf,
snort/src/dynamic-preprocessors/Makefile.am,
snort/src/dynamic-preprocessors/s7commplus/Makefile.am,
snort/src/dynamic-preprocessors/s7commplus/s7comm_decode.c,
snort/src/dynamic-preprocessors/s7commplus/s7comm_decode.h,
snort/src/dynamic-preprocessors/s7commplus/s7comm_paf.c,
snort/src/dynamic-preprocessors/s7commplus/s7comm_paf.h,
snort/src/dynamic-preprocessors/s7commplus/s7comm_roptions.c,
snort/src/dynamic-preprocessors/s7commplus/s7comm_roptions.h,
snort/src/dynamic-preprocessors/s7commplus/spp_s7comm.c,
snort/src/dynamic-preprocessors/s7commplus/spp_s7comm.h,
snort/src/generators.h,
snort/src/preprocids.h :
Added support for s7Commplus protocol.
* src/preprocessors/Stream6/snort_stream_tcp.c :
Fixed out of order FIN packet leading to segment trimming.
* src/output-plugins/spo_unified2.c,
src/preprocessors/Stream6/snort_stream_tcp.c :
Fix to populate original IP in dropped events when inline normalization
is enabled.
* snort/src/sfutil/sf_ip.h :
Fixed compiler warnings.
* src/dynamic-preprocessors/appid/detector_plugins/detector_dns.c :
Fixed DNS application detector failing to detect DNS traffic in some sc
enarios.
2020-07-24 Hariharan Chandrashekar <harchand@cisco.com> 2020-07-24 Hariharan Chandrashekar <harchand@cisco.com>
snort 2.9.16.1 snort 2.9.16.1
* src/dynamic-preprocessors/appid/appIdConfig.h, * src/dynamic-preprocessors/appid/appIdConfig.h,
src/dynamic-preprocessors/appid/appInfoTable.c, src/dynamic-preprocessors/appid/appInfoTable.c,
src/dynamic-preprocessors/appid/flow.h, src/dynamic-preprocessors/appid/flow.h,
src/dynamic-preprocessors/appid/fw_appid.c : src/dynamic-preprocessors/appid/fw_appid.c :
Added packet counters to make sure flows with one-way data don't pend f orever. Added packet counters to make sure flows with one-way data don't pend f orever.
* src/detection-plugins/sp_flowbits.c, * src/detection-plugins/sp_flowbits.c,
 End of changes. 1 change blocks. 
0 lines changed or deleted 272 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)