|
|
|
|
@ -1,3 +1,39 @@
|
|
|
|
|
8.0.2 -- 2025-11-05
|
|
|
|
|
|
|
|
|
|
Security #8066: lua: stack overflow from unbounded stack allocation in LuaPushStringBuffer (8.0.x backport)(HIGH - CVE 2025-64344)
|
|
|
|
|
Security #8059: eve/http: stack overflow on large file transfers (8.0.x backport)(MODERATE - CVE 2025-64331)
|
|
|
|
|
Security #8058: util/swf: stack overflow on larger compressed data (8.0.x backport)(LOW - CVE 2025-64332)
|
|
|
|
|
Security #8057: eve/http: stack overflow from big content type (8.0.x backport)(HIGH - CVE 2025-64333)
|
|
|
|
|
Security #8022: eve/alert: heap buffer overflow on verdict (8.0.x backport)(MODERATE - CVE 2025-64330)
|
|
|
|
|
Security #7981: http: unbounded memory growth for decompression (8.0.x backport)(CRITICAL - CVE 2025-64334)
|
|
|
|
|
Security #7960: detect/entropy: null deref when used with base64_data (8.0.x backport)(HIGH - CVE 2025-64335)
|
|
|
|
|
Security #8064: unix-socket: use after free if client command is too long (8.0.x backport)
|
|
|
|
|
Bug #8076: snmp: detection-only setting is broken (8.0.x backport)
|
|
|
|
|
Bug #8053: python/Makefile: too open file permissions for defaults.py (8.0.x backport)
|
|
|
|
|
Bug #8034: flow/timeouts: yaml configured values unused for bypassed (8.0.x backport)
|
|
|
|
|
Bug #8020: tls: certificate SAN is freed in case of any error (8.0.x backport)
|
|
|
|
|
Bug #8016: detect/ip.src: does not load with lua transform (8.0.x backport)
|
|
|
|
|
Bug #8007: anomaly/ether_type: always logged as big endian (8.0.x backport)
|
|
|
|
|
Bug #8005: pcap-log: bpf-filter not applied when using multi mode (8.0.x backport)
|
|
|
|
|
Bug #7998: detect: replace keyword leaks memory (8.0.x backport)
|
|
|
|
|
Bug #7992: http2: wrong parsing of go away frames error code (8.0.x backport)
|
|
|
|
|
Bug #7990: dpdk: compile warning ‘rte_eth_bond_members_get’ is deprecated (8.0.x backport)
|
|
|
|
|
Bug #7976: dpdk: CPU exclude logic is broken (8.0.x backport)
|
|
|
|
|
Bug #7974: detect/files: signatures using file keywords on udp only app protos fail (8.0.x backport)
|
|
|
|
|
Bug #7961: mime: incorrect decoding of quoted-printable text attachments (8.0.x backport)
|
|
|
|
|
Bug #7943: runmode/dpdk: dpdk_vars initialized to NULL for any livedev (8.0.x backport)
|
|
|
|
|
Bug #7940: decoder/vxlan: packet drops with non-zero reserved fields (8.0.x backport)
|
|
|
|
|
Bug #7923: output/json: invalid IKE logs (8.0.x backport)
|
|
|
|
|
Bug #7911: eve/alert: incorrect verdict with pass + alert rule (8.0.x backport)
|
|
|
|
|
Bug #7910: lua/http: null dereference in accessor functions (8.0.x backport)
|
|
|
|
|
Feature #8072: flow: midstream exception policy "reject-both" support (8.0.x backport)
|
|
|
|
|
Task #7985: ci: Add multi-tenant test (8.0.x backport)
|
|
|
|
|
Task #7978: github/actions: add DPDK 23.11 build (8.0.x backport)
|
|
|
|
|
Task #5472: tracking: upgrading from 7 to 8
|
|
|
|
|
Documentation #7917: userguide: add section for rule hooks (8.0.x backport)
|
|
|
|
|
Documentation #7916: userguide: document tx scoped xbits (8.0.x backport)
|
|
|
|
|
Documentation #7914: devguide: Add Eve Output Plugins (8.0.x backport)
|
|
|
|
|
|
|
|
|
|
8.0.1 -- 2025-09-15
|
|
|
|
|
|
|
|
|
|
Security #7881: detect/tls: keyword tls.subjectaltname leads to NULL Deref if tls.subjectaltname contains zero(HIGH - CVE 2025-59150)
|
|
|
|
|
|
Shivani Bhardwaj
6 months ago