[Snort-users] Snort Blog: Snort 2.9.12.0 has been released

Ian snort_list at fishnet.co.uk
Fri Oct 12 04:52:45 EDT 2018


Hi,

I've just build from the source RPM on a centos 6 system that I 
previously built 2.9.11.0 using the command:

	rpmbuild --rebuild snort-2.9.12-1.src.rpm

The rpms created are:

	snort-openappid-2.9.12-1.x86_64.rpm
	snort-openappid-debuginfo-2.9.12-1.x86_64.rpm

Is this version with openappid a drop in replacement for the previous one ?

Will any reconfiguring need doing?

Thanks

Ian
-- 





On 11/10/2018 20:55, Joel Esler (jesler) via Snort-users wrote:
> 
>>
>> https://blog.snort.org/2018/10/snort-29120-has-been-released.html
>>
>>
>>   Snort 2.9.12.0 has been released
>>
>> Please join us as we welcome SNORTⓇ 2.9.12.0 to the family!
>>
>> Some release notes on this latest version:
>>
>>
>>         New Additions
>>
>>   * Parsing HTTP CONNECT to extract the tunnel IP and port information.
>>   * Alerting and dechunking for chunked encoding in HTTP1.0 request
>>     and response. 
>>
>>
>>         Improvements
>>
>>   * Fixed an issue where, if we have a junk line before HTTP response
>>     header, the header was wrongly parsed.
>>   * Fixed GZIP evasions where an HTTP response with
>>     content-encoding:gzip contains a body that has a GZIP-related
>>     anomaly.
>>   * Fixed an issue in certain scenarios where a BitTorrent pattern is
>>     seen only on the third packet of the session, causing us to miss
>>     our client detection.
>>   * SMB improvements for file detection and processing. 
>>
>>
>> We'd like to thank the following members of the Snort community for 
>> reporting issues and submitting code to the project:
>>
>>   * Elof
>>   * Anuj Patel
>>   * Markus
>>   * David Binderman
>>   * Stephan Zeisbarg 
>>
>>
>> As always, we welcome feedback and community participation in Snort on 
>> the snort-users mailing list <https://snort.org/community>.
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.snort.org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
> 
> 	To unsubscribe, send an email to:
> 	snort-users-leave at lists.snort.org
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
> 
> Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
> 




More information about the Snort-users mailing list