[Snort-sigs] Snort Blog: Snort 18.104.22.168 has been released
Joel Esler (jesler)
jesler at cisco.com
Thu Oct 11 15:55:53 EDT 2018
Snort 22.214.171.124 has been released
Please join us as we welcome SNORTⓇ 126.96.36.199 to the family!
Some release notes on this latest version:
* Parsing HTTP CONNECT to extract the tunnel IP and port information.
* Alerting and dechunking for chunked encoding in HTTP1.0 request and response.
* Fixed an issue where, if we have a junk line before HTTP response header, the header was wrongly parsed.
* Fixed GZIP evasions where an HTTP response with content-encoding:gzip contains a body that has a GZIP-related anomaly.
* Fixed an issue in certain scenarios where a BitTorrent pattern is seen only on the third packet of the session, causing us to miss our client detection.
* SMB improvements for file detection and processing.
We'd like to thank the following members of the Snort community for reporting issues and submitting code to the project:
* Anuj Patel
* David Binderman
* Stephan Zeisbarg
As always, we welcome feedback and community participation in Snort on the snort-users mailing list<https://snort.org/community>.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs