Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort 2.9.17.0 has been released

From: "Joel Esler \(jesler\) via Snort-sigs" <snort-sigs () lists snort org>
Date: Mon, 23 Nov 2020 02:52:28 +0000
Please stop emailing every thread on every list and read the bottom of the emails on each of the lists for instructions 
on how to unsubscribe. 

Sent from my  iPhone


On Nov 22, 2020, at 21:42, Erland Churqui <EChurqui () redenlace com bo> wrote:


Cancelar la suscripción
 
Gracias
 
De: Snort-devel <snort-devel-bounces () lists snort org> En nombre de Joel Esler (jesler) via Snort-devel
Enviado el: jueves, 19 de noviembre de 2020 23:01
Para: Snort <Snort-users () lists snort org>; snort-sigs () lists snort org; snort-devel () lists snort org
Asunto: [Snort-devel] Snort 2.9.17.0 has been released
 
Snort 2.9.17.0 has been released
Join us as we are pleased to release a bug fix version of Snort 2.9.17.0!  First, some release notes:


New Additions

            • Added support for s7Commplus protocol.
            • Support for allowing common names across rule options.
            • Added support to detect TCP Fast Open packets.
 
Improvements / Fix
            • Added support for HTTP range field parsing to detect if HTTP response/request is indeed partial or full 
content.
            • Miscellaneous SMB bug fixes.
            • Fixed TCP segment queue hole issue as per the RFC793 recommendation for OOO Ack packet handling.
            • Fixed multiple static analysis issues.
            • Fixed DNS application detector failing to detect DNS traffic in some scenarios
            • Fixed complier warnings
            • Fix to populate original IP in dropped events when inline normalization is enabled in unified2 output 
method
            • Fixed handling of encrypted traffic by the SIP preprocessor
            • Added port 853 to the SSL detector for DNS over TLS runs on SSL
                        • Also improved SIP preprocessor to detect SSL encrypted SIP traffic better
            • Fixes to byte_math operation
            • Fixed GCC 10.1.1 compile issues
            • Fixed incorrect filtering of UDP traffic when "ignore_any_rules" is configured
            • Fix to address some cases of ambiguous codes between SMTP & FTP and when SMTP server does not support 
EHLO
            • Fixed AppID caching proxy IP instead of tunneled IP in the dynamic cache during ultrasurf traffic
            • Fixed popup message on Windows uninstall operation
            • Added message to ask users to choose 4.1.1 of winpcap when on Windows.

As always this maintenance release of Snort 2.9.17.0 is available on our Snort downloads page.  For any questions, 
please feel free to visit our Snort-Users mailing list.


Este correo electrónico y sus anexos (si existieran) son confidenciales y están dirigidos únicamente al destinatario. 
La copia electrónica o física y posterior distribución no está permitida salvo para fines institucionales 
específicos. En caso de recibir este mensaje por equivocación, le solicitamos borrarlo y comunicárnoslo 
inmediatamente; así como no copiar ni divulgar su contenido a ninguna persona.
El contenido de este mensaje involucra únicamente al remitente y no representa necesariamente una manifestación de 
ATC S. A., a no ser que expresamente se comunique y el remitente esté autorizado para hacerlo.

Attachment: smime.p7s
Description: 

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: