Project

General

Profile

1.3.1

closed

08/21/2012

Bug fix release for 1.3 branch

100%

15 issues   (15 closed — 0 open)

Upgrading Suricata 1.3 to Suricata 1.3.1

Suricata 1.3.1 is a small update over 1.3, so there have been few visible changes.

HTTP double decoding

In 1.3 Suricata double decoded the complete URI in any case. For 1.3.1 this has been changed. The decoding now again depends on the selected server personality. To enable double decoding again 2 per server options were added:

double-decode-path: <yes|no>
double-decode-query: <yes|no>

Both default to "no".

Example config:

libhtp:
   default-config:
     personality: IDS
     request-body-limit: 3072
     response-body-limit: 3072
     double-decode-path: yes
     double-decode-query: no

For a discussion about this see tickets #464 and #504.

Time tracking
Estimated time 18.00 hours
Issues by
Bug

15/15