"This is the first release after Suricata joined the Oss-Fuzz program, leading to discovery of a number of (potential) security issues. We expect that in the coming months we’ll fix more such issues, as the fuzzers increase their coverage and we continue to improve the seed corpus." e.g. Bug #3526: 5.0.x Kerberos vulnerable to TCP splitting evasion Bug #3585: htp: asan issue Bug #3592: Segfault on SMTP TLS Bug #3665: FTP: Incorrect ftp_memuse calculation.
@maintainer(s), please bump to 5.0.3.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00b295187723410950b9e6fed2b221a68bdacb5b commit 00b295187723410950b9e6fed2b221a68bdacb5b Author: Marek Szuba <marecki@gentoo.org> AuthorDate: 2020-05-22 20:58:25 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2020-05-22 21:01:55 +0000 net-analyzer/suricata: bump to 5.0.3 + remove 5.0.2 Bug: https://bugs.gentoo.org/724536 Signed-off-by: Marek Szuba <marecki@gentoo.org> net-analyzer/suricata/Manifest | 2 +- net-analyzer/suricata/{suricata-5.0.2.ebuild => suricata-5.0.3.ebuild} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
Thank you! :)