From patchwork Wed Mar 19 16:16:22 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Matthias Fischer
X-Patchwork-Id: 8542
From: Matthias Fischer
To: development@lists.ipfire.org
Subject: [PATCH 2/2] suricata: Update to 7.0.9
Date: Wed, 19 Mar 2025 17:16:22 +0100
Message-ID: <20250319161626.625056-2-matthias.fischer@ipfire.org>
In-Reply-To: <20250319161626.625056-1-matthias.fischer@ipfire.org>
References: <20250319161626.625056-1-matthias.fischer@ipfire.org>
Precedence: list

Excerpt from changelog:

"7.0.9 -- 2025-03-18

Security #7616: datasets: hashsize setting via rules can cause high memory usage (7.0.x backport)(MODERATE - CVE 2025-29916)
Security #7614: decode_base64: signature can do large memory allocation (7.0.x backport)(HIGH - CVE 2025-29917)
Security #7527: detect: infinite loop with negated pcre and indefinite recursion limit setting (7.0.x backport)(HIGH - CVE 2025-29918)
Security #7459: af-packet: defrag option can lead to truncated packets (7.0.x backport)(HIGH - CVE 2025-29915)
Bug #7581: detect: missing file.data matches without filestore (7.0.x backport)
Bug #7561: detect: integer underflow with krb5.ticket_encryption (7.0.x backport)
Bug #7557: quic: valid traffic blocked in IPS mode (7.0.x backport)
Bug #7555: tls: parser error on unACK'd data in FIN shutdown (7.0.x backport)
Bug #7553: applayer: misdetection if response is seen first without request (7.0.x backport)
Bug #7496: detect: protocol probing doesn't finish earlier if opposite dir already had a protocol (7.0.x backport)
Bug #7493: flow/var: memory leak in lua extension (7.0.x backport)
Bug #7468: detect: checksum detection broken by stream.checksum-validation (7.0.x backport)
Bug #7460: eve: empty src_ip and dest_ip values may be logged
Bug #7448: log/file: nullptr dereference if file was opened more than once (7.0.x backport)
Bug #7431: flow: multiple Flow Managers scan wrong hash slices (7.0.x backport)
Bug #7428: tcp: GAP event set on unack'd data following a RST (7.0.x backport)
Optimization
#7088: applayer: track modified transactions to avoid walking all live transactions (7.0.x backport)" Signed-off-by: Matthias Fischer --- lfs/suricata | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/suricata b/lfs/suricata index 2b05c3c54..56733125d 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2024 IPFire Team # +# Copyright (C) 2007-2025 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 7.0.8 +VER = 7.0.9 THISAPP = suricata-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 8571a6368b90e18046cdcf71f53e1b59e895ea8fe2d8f996ef614a890b520671f5dcac10014555880e408060913df1dab4c473bf083e7c0451c6a4b93bedd047 +$(DL_FILE)_BLAKE2 = fe01a304b170cf210b3ad2c782c6a49798c67df5433498715101ba626548395a70793a50221390f6697d1aef2be1808ba430091dae097e350dd2a9c98677a61b install : $(TARGET)
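Review bot: At `VER = 7.0.9` in the second hunk, the message does not say whether anything besides the version needed to change for this release. The diffstat shows only `lfs/suricata` touched, while the quoted changelog lists security fixes tied to settings (datasets hashsize, the af-packet defrag option, the pcre recursion limit). Please add a sentence confirming that any Suricata configuration IPFire ships was checked against these fixes and needs no change, and that the package was built and the service started with 7.0.9.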
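Review bot: On the `$(DL_FILE)_BLAKE2` line in the last hunk, the new digest cannot be checked from the patch, and the message does not say how it was produced. Please state that the `suricata-7.0.9.tar.gz` it was computed over was first verified against what upstream publishes for the release (signature or checksum), so that the pinned value is anchored to the upstream artifact and not only to the copy that was downloaded.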