mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-14 04:52:59 +02:00
30f306a3e2
Changelog: "5.0.9 -- 2022-04-21 Security #4889: ftp: SEGV at flow cleanup due to protocol confusion Security #5025: ftp: GetLine function buffers data indefinitely if 0x0a was not found int the frag'd input Security #5028: smtp: GetLine function buffers data indefinitely if 0x0a was not found in the frag'd input Security #5253: Infinite loop in JsonFTPLogger Feature #4644: pthreads: set minimum stack size Bug #4466: dataset file not written when run as user Bug #4678: Configuration test mode succeeds when reference.config file contains invalid content Bug #4745: Absent app-layer protocol is always enabled by default Bug #4819: tcp: insert_data_normal_fail can hit without triggering memcap Bug #4823: conf: quadratic complexity Bug #4825: pppoe decoder fails when protocol identity field is only 1 byte Bug #4827: packetpool: packets in pool may have capture method ReleasePacket callbacks set Bug #4838: af-packet: cluster_id is not used when trying to set fanout support Bug #4878: datasets: memory leak in 5.0.x Bug #4887: dnp3: buffer over read in logging base64 empty objects Bug #4891: protodetect: SMB vs TLS protocol detection in midstream Bug #4893: TFTP: memory leak due to missing detect state Bug #4895: Memory leak with signature using file_data and NFS Bug #4897: profiling: Invalid performance counter when using sampling Bug #4901: eve: memory leak related to dns Bug #4932: smtp: smtp transaction not logged if no email is present Bug #4955: stream: too aggressive pruning in lossy streams Bug #4957: SMTP assertion triggered Bug #4959: suricatasc loop if recv returns no data Bug #4961: dns: transaction not created when z-bit set Bug #4963: Run stream reassembly on both directions upon receiving a FIN packet Bug #5058: dns: probing/parser can return error when it should return incomplete Bug #5063: Not keyword matches in Kerberos requests Bug #5096: output: timestamp missing usecs on Arm 32bit + Musl Bug #5099: htp: server personality radix handling issue Bug #5101: defrag: policy config can setup radix incorrectly Bug #5103: Application log cannot to be re-opened when running as non-root user Bug #5105: iprep: cidr support can set up radix incorrectly Bug #5107: detect/iponly: rule parsing does not always apply netmask correctly Bug #5109: swf: coverity warning Bug #5115: detect/ip_proto: inconsistent behavior when specifying protocol by string Bug #5117: detect/iponly: mixing netblocks can lead to FN/FP Bug #5119: smb: excessive CPU utilization and higher packet processing latency due to excessive calls to Vec::extend_from_slice() Bug #5137: smb: excessive memory use during file transfer Bug #5150: nfs: Integer underflow in NFS Bug #5157: xbits: noalert is allowed in rule language with other commands Bug #5164: iprep: use_cnt can get desynchronized (SIGABRT) Bug #5171: detect/iponly: non-cidr netmask settings can lead incorrect radix tree Bug #5193: SSL : over allocation for certificates Bug #5213: content:"22 2 22"; is parsed without error Bug #5227: 5.0.x: SMB: Wrong buffer being checked for possible overflow. Bug #5251: smb: integer underflows and overflows Task #5006: libhtp 0.5.40" Additionally, I moved the 'suricata' patch files into a separate directory. Apart from some line numbers, nothing else was changed. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
IPFire 2.x - The Open Source Firewall
What is IPFire?
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Its ease of use, high performance in any scenario and extensibility make it usable for everyone. For a full list of features have a look here.
This repository contains the source code of IPFire 2.x which is used to build the whole distribution from scratch, since IPFire is not based on any other distribution.
Where can I get IPFire?
Just head over to https://www.ipfire.org/download
How do I use this software?
We have a long and detailed wiki located here which should answers most of your questions.
But I have some questions left. Where can I get support?
You can ask your question at our community located here. A complete list of our support channels can be found here.
How can I contribute?
We have another document for this. Please look here.