Open Information Security Foundation

05/12/2021

04:37 PM Suricata-Update Feature #4481 (New): list-sources: list locally added sources, and make it clear they are local sources

For reference: https://forum.suricata.io/t/suricata-update-add-source-for-previously-disabled-source/442/5 Jason Ish

05/10/2021

10:38 PM Suricata Task #4480 (Assigned): Packaging/RPM: Remove engine provided rules from /etc/suricata/rules

Suricata has been installing engine provided rules into /usr/share/suricata/rules since 5.0 instead of /etc/suricata/... Jason Ish

05/06/2021

11:59 PM Suricata-Update Feature #4479 (Assigned): Work on FIPS compliant CentOS releases.

On FIPS restricted machines, md5 is not available by default. However, a potential work-around exists.
https://for... Jason Ish

09:01 PM Suricata Bug #4472 (Closed): YAML -- interpretation of "~" (tilde)

PR: https://github.com/OISF/suricata/pull/6105
Now merged into master. Jason Ish

05/05/2021

05:45 PM Suricata Bug #4474 (In Review): dns: high resource usage on long lived dns connections

PR: https://github.com/OISF/suricata/pull/6108 Jason Ish

02:49 PM Suricata Bug #4474: dns: high resource usage on long lived dns connections

In 6.0.x we saw a case where the last cleaned up (free'd transaction) wasn't being recorded correctly. So for every t... Jason Ish

05/04/2021

08:41 PM Suricata Bug #4434 (Closed): Duplicate alert record in eve log when using unix-socket mode

Fix merge into master. Jason Ish

08:40 PM Suricata Bug #4225 (Closed): SC_ERROR_CONF_YAML_ERROR anomaly logger error when in socket mode

Fix merged into master. Jason Ish

05/03/2021

06:22 PM Suricata Bug #4472 (In Progress): YAML -- interpretation of "~" (tilde)

Per the YAML spec, the following should result in a null value:... Jason Ish

04/30/2021

04:56 PM Suricata Bug #4434 (In Review): Duplicate alert record in eve log when using unix-socket mode

Jason Ish