From patchwork Fri Jun 16 15:52:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 6937 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4QjNvk6NXmz3wjk for ; Fri, 16 Jun 2023 15:52:18 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4QjNvj2GyCz1TK; Fri, 16 Jun 2023 15:52:17 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4QjNvh74B9z2yXc; Fri, 16 Jun 2023 15:52:16 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4QjNvg6MNLz2xSK for ; Fri, 16 Jun 2023 15:52:15 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4QjNvd5hCWzlZ for ; Fri, 16 Jun 2023 15:52:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1686930733; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=DKAQUhHwRjJK3rDrxwREGMNC1CU8lLU/pfV3ySMGsUY=; b=uHi9tpIVWpHf1rPOvol+PFL6AhOvcG73FuHc4T0pVlPW2zpaaZbmNrL0PEgGE0DGzoJ1Kk BmX9XsTsfo3T92+qaVry7eBNxur+XhnK0ZmIisHmZGGvGj0NJ5WJFSQd0XD3sfxeoUGuo9 +tO2Ix2O98EcttVujAd8plU4ZsBkBhvxTytE078MXImlEZljldmNY9chxeVH3zD4qIZtez Pzeu+9rre8TnpxvXwcrPhSeNdS/39stkGcJn4QZ6nVBzfvdHWlfcxEJ1/Tm8qe2h9CHD+V S5o4rhQrjWrQENz1g/OXvStmlbEp+cjCuP/gqMjCPFBJfB8eAeo+05kbte7GzQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1686930733; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=DKAQUhHwRjJK3rDrxwREGMNC1CU8lLU/pfV3ySMGsUY=; b=juY1PoI1TVQkbV8LLXAUWkjq+Eqreq9waoUxypngetXW2x4bmgppEnsgswgxFI8MaHBEki kBc9BXipXIGxvhCw== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH 1/2] suricata: Update to 6.0.13 Date: Fri, 16 Jun 2023 17:52:08 +0200 Message-Id: <20230616155209.1818-1-matthias.fischer@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Excerpt from changelog: "6.0.13 -- 2023-06-15 Security #6119: datasets: absolute path in rules can overwrite arbitrary files (6.0.x backport) Bug #6138: Decode-events of IPv6 packets are not triggered (6.0.x backport) Bug #6136: suricata-update: dump-sample-configs: configuration files not found (6.0.x backport) Bug #6125: http2: cpu overconsumption in rust moving/memcpy in http2_parse_headers_blocks (6.0.x backport) Bug #6113: ips: txs still logged for dropped flow (6.0.x backport) Bug #6056: smtp: long line discard logic should be separate for server and client (6.0.x backport) Bug #6055: ftp: long line discard logic should be separate for server and client (6.0.x backport) Bug #5990: smtp: any command post a long command gets skipped (6.0.x backport) Bug #5982: smtp: Long DATA line post boundary is capped at 4k Bytes (6.0.x backport) Bug #5809: smb: convert transaction list to vecdeque (6.0.x backport) Bug #5604: counters: tcp.syn, tcp.synack, tcp.rst depend on flow (6.0.x backport) Bug #5550: dns: allow dns messages with invalid opcodes (6.0.x backport) Task #5984: libhtp 0.5.44 (6.0.x backport) Documentation #6134: userguide: add instructions/explanation for (not) running suricata with root (6.0.x backport) Documentation #6121: datasets: 6.0.x work-arounds for dataset supply chain attacks" Signed-off-by: Matthias Fischer --- config/rootfiles/common/suricata | 3 +-- lfs/suricata | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata index df297ebd6..89fd6d865 100644 --- a/config/rootfiles/common/suricata +++ b/config/rootfiles/common/suricata @@ -8,8 +8,6 @@ usr/sbin/convert-ids-backend-files #usr/share/doc/suricata/Basic_Setup.txt #usr/share/doc/suricata/GITGUIDE #usr/share/doc/suricata/INSTALL -#usr/share/doc/suricata/INSTALL.PF_RING -#usr/share/doc/suricata/INSTALL.WINDOWS #usr/share/doc/suricata/NEWS #usr/share/doc/suricata/README #usr/share/doc/suricata/Setting_up_IPSinline_for_Linux.txt @@ -45,6 +43,7 @@ usr/share/suricata #usr/share/suricata/threshold.config var/cache/suricata var/lib/suricata +#var/lib/suricata/data var/log/suricata #var/log/suricata/certs #var/log/suricata/files diff --git a/lfs/suricata b/lfs/suricata index b28d5e3e7..c48c1c430 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -24,7 +24,7 @@ include Config -VER = 6.0.12 +VER = 6.0.13 THISAPP = suricata-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6 +$(DL_FILE)_BLAKE2 = 47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01 install : $(TARGET) From patchwork Fri Jun 16 15:52:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 6938 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4QjNvm2lltz3wjk for ; Fri, 16 Jun 2023 15:52:20 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4QjNvj5Jx2z4Zb; Fri, 16 Jun 2023 15:52:17 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4QjNvj0pz4z2yyS; Fri, 16 Jun 2023 15:52:17 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4QjNvg6SPtz2xgv for ; Fri, 16 Jun 2023 15:52:15 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4QjNvg4F3Xz1Qs for ; Fri, 16 Jun 2023 15:52:15 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1686930735; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nXWZUY3qcCKyktfTcB6VDsRUV1fWjkdQO2f1ViG+o8o=; b=k+uv1+vJTxIF32LmNpkoIh82fFzd7+7Lp8dBy2gtt6UzgLLSWbMhV1hSQdq7gie5RKWoYH qLTS9fI5sR6BL1Dw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1686930735; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nXWZUY3qcCKyktfTcB6VDsRUV1fWjkdQO2f1ViG+o8o=; b=HvgQKRCC729ebs6uKcyubE3NeQoZB7EYRoRwU253+7l9TLXqWHZFJN/Dqjfpv1M8hyulgm B1vAqUBrrf980cvpiX0FTx1CBIB5Xq0TTItE1i23TpUOP++S/UE2VZpvwhDvqBeDneVN+u ft/aKGjg9IpDaUCqF4wH2yH5/FATgtSqpqUySETJqp7yehYYUNsOpC1dr0B9+rM4rlvpj/ 8WxMY/nT1Uin2y8Ty6gq7jd5+JM/+OaKTQkvaoqtjucWR6PgbbzfMUnda1P741Zkx//tFC /WODRmksG9WohLbhHqhbaXFdXVG4c1AtVViWu7WL4hvZYuSwzRri11xLOvYtxQ== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH 2/2] libhtp: Update to 0.5.44 Date: Fri, 16 Jun 2023 17:52:09 +0200 Message-Id: <20230616155209.1818-2-matthias.fischer@ipfire.org> In-Reply-To: <20230616155209.1818-1-matthias.fischer@ipfire.org> References: <20230616155209.1818-1-matthias.fischer@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" For details see: https://github.com/OISF/libhtp/releases/tag/0.5.44 "0.5.44 (13 June 2023) --------------------- - response: only trim spaces at headers names end - response: skips lines before response line - headers: log a warning for chunks extension" Signed-off-by: Matthias Fischer --- lfs/libhtp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/libhtp b/lfs/libhtp index 0b6015cde..987c159e5 100644 --- a/lfs/libhtp +++ b/lfs/libhtp @@ -24,7 +24,7 @@ include Config -VER = 0.5.43 +VER = 0.5.44 THISAPP = libhtp-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 071cadc254b7af55bf410db5689429ca7588005b2f74fbd8468f2d6eeaf00c55ae99e8dd78552a5bf11ace5c8047b28a844db343937827a428b6d8b8d9036d29 +$(DL_FILE)_BLAKE2 = 6b4c8d617e6a649997e9375677baed99315be83e598317ce4951883482e6099cb5fd28e27ae25ab68ecc765931b0955289d144a710ce2e1b11edf92848b1b613 install : $(TARGET)