New version is available https://suricata-ids.org/2018/02/14/suricata-4-0-4-available/ It fixes several issues including security related This is a security update fixing a number of security issues, as well as a fair number of regular issues. Security CVE-2018-6794 was requested for issue #2440 Changes Bug #2306: suricata 4 deadlocks during failed output log reopening Bug #2361: rule reload hangup Bug #2389: BUG_ON asserts in AppLayerIncFlowCounter (4.0.x) Bug #2392: libhtp 0.5.26 (4.0.x) Bug #2422: [4.0.3] af_packet: a leak that (possibly) breaks an inline channel Bug #2438: various config parsing issues Bug #2439: Fix timestamp offline when pcap timestamp is zero (4.0.x) Bug #2440: stream engine bypass issue (4.0.x) Bug #2441: der parser: bad input consumes cpu and memory (4.0.x) Bug #2443: DNP3 memcpy buffer overflow (4.0.x) Bug #2444: rust/dns: Core Dump with malformed traffic (4.0.x) Bug #2445: http bodies / file_data: thread space creation writing out of bounds
I believe https://bugs.gentoo.org/647666 should be fixed prior to fixing this bug as this is library used by suricata.
@maintainers ping, Please rev bump this. Michael Boyle Gentoo Security Padawan
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5073a26b023b9b579b550c2d92fe949d9dbda2a5 commit 5073a26b023b9b579b550c2d92fe949d9dbda2a5 Author: Marek Szuba <marecki@gentoo.org> AuthorDate: 2018-06-11 14:03:15 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2018-06-11 14:04:06 +0000 net-analyzer/suricata: remove vulnerable 4.0.3 Bug: https://bugs.gentoo.org/647664 Package-Manager: Portage-2.3.40, Repoman-2.3.9 net-analyzer/suricata/Manifest | 1 - net-analyzer/suricata/suricata-4.0.3.ebuild | 167 ---------------------------- 2 files changed, 168 deletions(-)