Snort mailing list archives

Snort 2.9.9.0 has been released!


From: Snort Releases <snortreleases () snort org>
Date: Wed, 14 Dec 2016 12:04:46 -0500

Please join the Snort team as we welcome the addition of Snort 2.9.9.0 to General Availability!

Snort 2.9.9.0 can be downloaded from the usual location on Snort.org <https://snort.org/downloads/>.

The new keywords, when they are used, will cause older versions of Snort to fail. /(Meaning, you cannot use 2.9.9.0 rules in 2.9.8.3 and below, once those keywords are used.)/

Below are the release notes:

Snort 2.9.9.0
[*] New additions

 *  New rule option for byte_math. See the Snort manual for details.
 *  Added bitmask and from_end operations to byte_test. See the Snort manual for details.
 *  Added a Buffer Dump utility to trace all of the buffers used by snort during inspection.
      - Enable this by --enable-buffer-dump option to configure prior to building. See the Snort manual for details.
 *  Added new HTTP preprocessor alerts to detect multiple content encoding and multiple content length.
 *  Added support for SMTP Traffic detection over SSL (SMTPS).

[*] Improvements
 *  Fixed an issue which reduces extra service discovery to improve performance.
 *  Fixed multiple issues in AppID.
      - Reconstructed the call to port-service detection.
      - Fixed issue where AppId for Facebook over SPDY/HTTP 1.1 was incorrect.
      - Preventing third-party application identification for expected connections.
 *  Stability improvement for Stream preprocessor.
      - Addressed incorrect flushing of packets whose size is greater than MAXIMUM_PAF_MAX.
      - Fixed an issue where incorrect length argument in memcpy caused out of bound memory access.
 *  Fixed multiple issues in HttpInspect preprocessor.
      - Handling chunk encoding followed by \r\r\r\n and \n\n\n\r\r\n.
      - Fixed an issue with LZMA flash decompression.
 *  Fixed mime data processing issue in SMTP stateless inspection.
 *  Added support to decode packets that contain VLAN with Secure Group Tag (SGT).
 *  Fixed issue related to DLL-Load in Snort on Windows platforms for CVE-2016-1417.

The Snort Team would like to thank the following for their contributions in the Snort 2.9.9.0 release:

Secureworks
Marcel da Silva
Al Lewis
Steffen Ullrich

As always, join the conversation over on the Snort-Users list <https://snort.org/community> for any installation or upgrade assistance!

Thank you,

The Snort Team
