From patchwork Sat Dec 14 11:24:45 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 2647 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 47ZlZ14xH4z43dc for ; Sat, 14 Dec 2019 11:24:57 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 47ZlZ02g03z2pf; Sat, 14 Dec 2019 11:24:56 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 47ZlYz6L1Bz2yT4; Sat, 14 Dec 2019 11:24:55 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 47ZlYy6PQMz2xq4 for ; Sat, 14 Dec 2019 11:24:54 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 47ZlYy43Lbz2l7 for ; Sat, 14 Dec 2019 11:24:54 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1576322694; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=exfnagyq0BNlYrdjck6YuPuRxfNAYHJTNOhar5uaXlQ=; b=lC8F8jTu0gF4a1ufH+H5V04s7DGC9fX+xEFQa+orqUpE9/QOA4x74v37kUdSRUZnSdPrDx Su3TpXazJWf0JBDA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1576322694; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=exfnagyq0BNlYrdjck6YuPuRxfNAYHJTNOhar5uaXlQ=; b=Go1/RvpaBxmC11b1Lxlaz1wsGTHGiFdU2GKZAcpgah1eWw0px0wXhuww4gzFkn4WZuXRw7 lAddKhq46i3VgipGFTIZDAsUZAR4OFI953LOhyu8f9Y0XtjCngYE8ZDfvcBa1ivHHCaXJP w1VREkefBvjPqzy5FM4SI4e1oRL7ycat1NpzsMsQE2g8/My0T5Ew/RCMJoQ67+XqXLnUYa 4aeYTW5AhQJ5noIVWqZUyBn7vE5T+s8eb99m1JqbvM23b8EWyTnoDUPANeH7rC0/qut/Gy s1dSHVvtjAmUX9xGF0/qkdSALOqQRe8InOnQ58WyBHxH9l6nigRK4ZPApoclcg== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH 1/2] suricata: Update to 4.1.6 Date: Sat, 14 Dec 2019 12:24:45 +0100 Message-Id: <20191214112446.18979-1-matthias.fischer@ipfire.org> Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=mfischer smtp.mailfrom=matthias.fischer@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Excerpt from 'ChangeLog': "4.1.6 -- 2019-12-13 Bug #3276: address parsing: memory leak in error path (4.1.x) Bug #3278: segfault when test a nfs pcap file (4.1.x) Bug #3279: ikev2 enabled in config even if Rust is disabled Bug #3325: lua issues on arm (fedora:29) (4.1.x) Bug #3326: Static build with pcap fails (4.1.x) Bug #3327: tcp: empty SACK option leads to decoder event (4.1.x) Bug #3347: BPF filter on command line not honored for pcap file (4.1.x) Bug #3355: DNS: DNS over TCP transactions logged with wrong direction. (4.1.x) Bug #3356: DHCP: Slow down over time due to lack of detect flags (4.1.x) Bug #3369: byte_extract does not work in some situations (4.1.x) Bug #3385: fast-log: icmp type prints wrong value (4.1.x) Bug #3387: suricata is logging tls log repeatedly if custom mode is enabled (4.1.x) Bug #3388: TLS Lua output does not work without TLS log (4.1.x) Bug #3391: Suricata is unable to get MTU from NIC after 4.1.0 (4.1.x) Bug #3393: http: pipelining tx id handling broken (4.1.x) Bug #3394: TCP evasion technique by overlapping a TCP segment with a fake packet (4.1.x) Bug #3395: TCP evasion technique by faking a closed TCP session (4.1.x) Bug #3402: smb: post-GAP some transactions never close (4.1.x) Bug #3403: smb1: 'event only' transactions for bad requests never close (4.1.x) Bug #3404: smtp: file tracking issues when more than one attachment in a tx (4.1.x) Bug #3405: Filehash rule does not fire without filestore keyword Bug #3410: intermittent abort()s at shutdown and in unix-socket (4.1.x) Bug #3412: detect/asn1: crashes on packets smaller than offset setting (4.1.x) Task #3367: configure: Rust 1.37+ has cargo-vendor support bundled into cargo (4.1.x)" Signed-off-by: Matthias Fischer --- lfs/suricata | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/suricata b/lfs/suricata index 12dcfe08c..b3d22003b 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -24,7 +24,7 @@ include Config -VER = 4.1.5 +VER = 4.1.6 THISAPP = suricata-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 0dfd68f6f4314c5c2eed7128112eff3b +$(DL_FILE)_MD5 = da5de1e8053f05cbd295793210117d34 install : $(TARGET) From patchwork Sat Dec 14 11:24:46 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 2648 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 47ZlZ415hPz43dc for ; Sat, 14 Dec 2019 11:25:00 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 47ZlZ22X6Sz2sf; Sat, 14 Dec 2019 11:24:58 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 47ZlZ20cqNz2yN3; Sat, 14 Dec 2019 11:24:58 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 47ZlYz2b1Yz2yB5 for ; Sat, 14 Dec 2019 11:24:55 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 47ZlYy6PF8z2nF for ; Sat, 14 Dec 2019 11:24:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1576322694; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:in-reply-to:in-reply-to:references:references; bh=FO3u5tKz9k/XSmd84fRM4hH7MjNsNd2VVOCR/Nngfwg=; b=Pnf7yO+GrkcuaJLGGEACw0ysiL2kaB+JTptrww2sH2QtP2A8YXKUtIQ/vzZ4Njmli3yE5Q UeyMy+/OOMw8A7OeaOtxVxKoUwCut2IoFNBvWAxy56eATdbQZVpe8t42IqCMfMS0h7/YFQ bLCD8kX+l1Mv5lON0QYqdw7e7wk/SxBV/j7o8XZ59Xj+cH1u3HDG+ZnYynztRVY43y5TOj 4/2HzwLs6M6kRClSeifb5pVnYQH5X+zn9WoQxdf2ajO+1wlPGX/DtE6UDLKman8RVsWGB1 d07yxb6f+D8/ejDu9lKvnSBPX5t2Ob0Eo4pAqrgywNsmV83pdzaE7xNnFWu8Ow== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1576322694; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:in-reply-to:in-reply-to:references:references; bh=FO3u5tKz9k/XSmd84fRM4hH7MjNsNd2VVOCR/Nngfwg=; b=iOjgcLpixXzQ2q7S3N13Jy86CfymfjRzUqz6pplBFlL1EWllTa3K/W2NPEEP5C/Gfd2zUc 8XZAgzzQPKcD9bCQ== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH 2/2] libhtp: Update to 0.5.32 Date: Sat, 14 Dec 2019 12:24:46 +0100 Message-Id: <20191214112446.18979-2-matthias.fischer@ipfire.org> In-Reply-To: <20191214112446.18979-1-matthias.fischer@ipfire.org> References: <20191214112446.18979-1-matthias.fischer@ipfire.org> Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=mfischer smtp.mailfrom=matthias.fischer@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" For details see: https://github.com/OISF/libhtp/releases Bundled with 'suricata 4.1.6' Signed-off-by: Matthias Fischer --- config/rootfiles/common/libhtp | 3 +++ lfs/libhtp | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/config/rootfiles/common/libhtp b/config/rootfiles/common/libhtp index 9211ea713..a99aa940e 100644 --- a/config/rootfiles/common/libhtp +++ b/config/rootfiles/common/libhtp @@ -15,6 +15,9 @@ #usr/include/htp/htp_urlencoded.h #usr/include/htp/htp_utf8_decoder.h #usr/include/htp/htp_version.h +#usr/include/htp/lzma +#usr/include/htp/lzma/7zTypes.h +#usr/include/htp/lzma/LzmaDec.h #usr/lib/libhtp.la #usr/lib/libhtp.so usr/lib/libhtp.so.2 diff --git a/lfs/libhtp b/lfs/libhtp index bec93a935..8a7ad6dfc 100644 --- a/lfs/libhtp +++ b/lfs/libhtp @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2015 Michael Tremer & Christian Schmidt # +# Copyright (C) 2019 Michael Tremer & Christian Schmidt # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 0.5.30 +VER = 0.5.32 THISAPP = libhtp-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = ec0d8c57f9c611719e07668bbad7e685 +$(DL_FILE)_MD5 = db2e049c8e3b5e4826e18b75a0dc0f62 install : $(TARGET)