Bug #1391
Updated by Victor Julien about 9 years ago
This is technically a libhtp issue, but it affects Suricata detection and logging. Certain characters in the URI could confuse the parsing of the HTTP request line, leading to possible detection bypass for 'http_uri' and to incomplete logging of the URI. Libhtp 0.5.17 has been released to address this and is bundled in 2.0.7.
This issue was reported by Darien Huss of Emerging Threats.