Snort Blog: Snort 2.9.12.0 has been released

["Joel Esler \(jesler\) via Snort-devel" <snort-devel () lists snort org>]

https://blog.snort.org/2018/10/snort-29120-has-been-released.html

Snort 2.9.12.0 has been released
Please join us as we welcome SNORTⓇ 2.9.12.0 to the family!

Some release notes on this latest version:
New Additions

  *   Parsing HTTP CONNECT to extract the tunnel IP and port information.
  *   Alerting and dechunking for chunked encoding in HTTP1.0 request and response.

Improvements

  *   Fixed an issue where, if we have a junk line before HTTP response header, the header was wrongly parsed.
  *   Fixed GZIP evasions where an HTTP response with content-encoding:gzip contains a body that has a GZIP-related 
anomaly.
  *   Fixed an issue in certain scenarios where a BitTorrent pattern is seen only on the third packet of the session, 
causing us to miss our client detection.
  *   SMB improvements for file detection and processing.

We'd like to thank the following members of the Snort community for reporting issues and submitting code to the project:


  *   Elof
  *   Anuj Patel
  *   Markus
  *   David Binderman
  *   Stephan Zeisbarg

As always, we welcome feedback and community participation in Snort on the snort-users mailing 
list<https://snort.org/community>.

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!