From d3d745d515d30da5553c725bf5ea6d751fc4af57 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Wed, 18 Dec 2013 14:01:28 +0100 Subject: [PATCH] Update Changelog for 2.0beta2 --- ChangeLog | 88 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/ChangeLog b/ChangeLog index 27f01dc52a..0b480bb77e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,91 @@ +2.0beta2 -- 2013-12-18 + +Bug #463: Suricata not fire on http reply detect if request are not http +Bug #640: app-layer-event:http.host_header_ambiguous set when it shouldn't +Bug #714: some logs not created in daemon mode +Bug #810: Alerts on http traffic storing the wrong packet as the IDS event payload +Bug #815: address parsing with negation +Bug #820: several issues found by clang 3.2 +Bug #837: Af-packet statistics inconsistent under very high traffic +Bug #882: MpmACCudaRegister shouldn't call PatternMatchDefaultMatcher +Bug #887: http.log printing unknown hostname most of the time +Bug #890: af-packet segv +Bug #892: detect-engine.profile - custom - does not err out in incorrect toclient/srv values - suricata.yaml +Bug #895: response: rst packet bug +Bug #896: pfring dna mode issue +Bug #897: make install-full fails if wget is missing +Bug #903: libhtp valgrind warning +Bug #907: icmp_seq and icmp_id keyword with icmpv6 traffic (master) +Bug #910: make check fails w/o sudo/root privs +Bug #911: HUP signal +Bug #912: 1.4.3: Unit test in util-debug.c: line too long. +Bug #914: Having a high number of pickup queues (216+) makes suricata crash +Bug #915: 1.4.3: log-pcap.c: crash on printing a null filename +Bug #917: 1.4.5: decode-ipv6.c: void function cannot return value +Bug #920: Suricata failed to parse address +Bug #922: trackers value in suricata.yaml +Bug #925: prealloc-sessions value bigger than allowed in suricata.yaml +Bug #926: prealloc host value in suricata.yaml +Bug #927: detect-thread-ratio given a non numeric value in suricata.yaml +Bug #928: Max number of threads +Bug #932: wrong IP version - on stacked layers +Bug #939: thread name buffers are sized inconsistently +Bug #943: pfring: see if we can report that the module is not loaded +Bug #948: apple ppc64 build broken: thread-local storage not supported for this target +Bug #958: SSL parsing issue (master) +Bug #963: XFF compile failure on OSX +Bug #964: Modify negated content handling +Bug #967: threshold rule clobbers suppress rules +Bug #968: unified2 not logging tagged packets +Bug #970: AC memory read error +Bug #973: Use different ids for content patterns which are the same, but one of them has a fast_pattern chop set on it. +Bug #976: ip_rep supplying different no of alerts for 2 different but semantically similar rules +Bug #979: clean up app layer protocol detection memory +Bug #982: http events missing +Bug #987: default config generates error(s) +Bug #988: suricata don't exit in live mode +Bug #989: Segfault in HTPStateGetTxCnt after a few minutes +Bug #991: threshold mem leak +Bug #994: valgrind warnings in unittests +Bug #995: tag keyword: tagging sessions per time is broken +Bug #998: rule reload triggers app-layer-event FP's +Bug #999: delayed detect inits thresholds before de_ctx +Bug #1003: Segmentation fault +Bug #1023: block rule reloads during delayed detect init +Bug #1026: pfring: update configure to link with -lrt +Bug #1031: Fix IPv6 stream pseudo packets +Bug #1035: http uri/query normalization normalizes 'plus' sign to space +Bug #1042: Can't match "emailAddress" field in tls.subject and tls.issuerdn +Bug #1061: Multiple flowbit set in one rule +Feature #234: add option disable/enable individual app layer protocol inspection modules +Feature #417: ip fragmentation time out feature in yaml +Feature #478: XFF (X-Forwarded-For) +Feature #602: availability for http.log output - identical to apache log format +Feature #622: Specify number of pf_ring/af_packet receive threads on the command line +Feature #727: Explore the support for negated alprotos in sigs. +Feature #746: Decoding API modification +Feature #751: Add invalid packet counter +Feature #752: Improve checksum detection algorithm +Feature #789: Clean-up start and stop code +Feature #813: VLAN flow support +Feature #878: add storage api +Feature #901: VLAN defrag support +Feature #904: store tx id when generating an alert +Feature #940: randomize http body chunks sizes +Feature #944: detect nic offloading +Feature #956: Implement IPv6 reject +Feature #957: reject: iface setup +Feature #959: Move post config initialisation code to PostConfLoadedSetup +Feature #981: Update all switch case fall throughs with comments on false throughs +Feature #983: Provide rule support for specifying icmpv4 and icmpv6. +Feature #986: set htp request and response size limits +Feature #1008: Optionally have http_uri buffer start with uri path for use in proxied environments +Feature #1009: Yaml file inclusion support +Feature #1032: profiling: per keyword stats +Optimization #583: improve Packet_ structure layout +Optimization #1018: clean up counters api +Optimization #1041: remove mkinstalldirs from git + 2.0beta1 -- 2013-07-18 - Luajit flow vars and flow ints support (#593)