[Snort-sigs] Snort has been released!

Snort Releases snortreleases at ...95...
Wed Dec 14 12:04:46 EST 2016

Please join the Snort team as we welcome the addition of Snort 
to General Availability!

Snort can be downloaded from the usual location on Snort.org 

The new keywords, when they are used, will cause older versions of Snort 
to fail. /(Meaning, you cannot use rules in and below, 
once those keywords are used.)/

Below are the release notes:

[*] New additions

  *  New rule option for byte_math. See the Snort manual for details.
  *  Added bitmask and from_end operations to byte_test. See the Snort 
manual for details.
  *  Added a Buffer Dump utility to trace all of the buffers used by 
snort during inspection.
         - Enable this by --enable-buffer-dump option to configure prior 
to building. See the Snort manual for details.
  *  Added new HTTP preprocessor alerts to detect multiple content 
encoding and multiple content length.
  *  Added support for SMTP Traffic detection over SSL (SMTPS).

[*] Improvements
  *  Fixed an issue which reduces extra service discovery to improve 
  *  Fixed multiple issues in AppID.
       - Reconstructed the call to port-service detection.
       - Fixed issue where AppId for Facebook over SPDY/HTTP 1.1 was 
       - Preventing third-party application identification for expected 
  *  Stability improvement for Stream preprocessor.
       - Addressed incorrect flushing of packets whose size is greater 
       - Fixed an issue where incorrect length argument in memcpy caused 
out of bound memory access.
  *  Fixed multiple issues in HttpInspect preprocessor.
       - Handling chunk encoding followed by \r\r\r\n and \n\n\n\r\r\n.
       - Fixed an issue with LZMA flash decompression.
  *  Fixed mime data processing issue in SMTP stateless inspection.
  *  Added support to decode packets that contains VLAN with Secure 
Group Tag (SGT).
  *  Fixed Issue related to DLL-Load in Snort on windows platforms for 

The Snort Team would like to thank the following for their contributions 
in the Snort release:

Marcel da Silva
Al Lewis
Steffen Ullrich

As always, join the conversation over on the Snort-Users list 
<https://snort.org/community> for any installation or upgrade assistance!

Thank you,

The Snort Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20161214/b47a32a5/attachment.html>

More information about the Snort-sigs mailing list