Open Information Security Foundation

04/23/2024

04:56 PM Suricata Documentation #6982 (New): offset: no documentation that offset can be a name

The documentation for the @offset@ keyword has no information that it can also be a variable name from a @byte_extract@. Jason Ish

04/19/2024

09:13 PM Suricata Bug #6949 (In Review): detect/http.response_body: false positive because not enforcing direction to_client (7.0.x backport)

PR: https://github.com/OISF/suricata/pull/10920 Jason Ish

06:47 PM Suricata Task #6968 (New): decode: unify decode thread module with receive thread module

Decode modules are coupled to their receive module and having them as a separate thread module serves no purpose anym... Jason Ish

04/16/2024

06:49 PM Suricata Bug #6923 (Closed): jsonbuilder: serializes Rust f64 NaNs to an invalid literal (7.0.x backport)

Merged into main-7.0.x. Jason Ish

05:10 PM Suricata-Update Bug #6932 (In Review): missing engine rules: ssh, mqtt

https://github.com/OISF/suricata-update/pull/344 Jason Ish

03:36 PM Suricata Task #6961 (In Progress): lua create: use a rust crate to vendor lua

Create a GitHub repository and Rust crate to use as a container for vendoring Lua.
Example: https://github.com/jas... Jason Ish

04/15/2024

02:59 PM Suricata Feature #4776: lua: vendor latest lua stable

One way to do this is to bundle the Lua source as a Rust crate, proof of concept PR: https://github.com/OISF/suricata... Jason Ish

04/12/2024

06:37 PM Suricata Feature #1971 (In Progress): lua: make mandatory

Jason Ish

06:36 PM Suricata Task #6952: ppa: run as a non-root user

Victor Julien wrote in #note-4:
> One question is: when should we do this? Seems risky to do it in a patch release?
... Jason Ish

02:37 PM Suricata Task #6952 (Assigned): ppa: run as a non-root user

Like the RPM, which uses run-as. Jason Ish