Download Suricata 4.0.4

Version 4.0.4 of Suricata has been released. Suricata is an open source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. It can be used to monitor network traffic and alert a system administrator if anything suspicious is detected. The Open Information Security Foundation is coordinating the development, with help from the community and various manufacturers. The with it on json Based logging system Eve collected data can be done with, among other things, log stash are used to display information graphically again at to give. In version 4.0, the detection capabilities have been improved, there are additional options for displaying the data and more protocols are supported. The following improvements have also been made in this update:

Suricata 4.0.4 available!

We are pleased to announce Suricata 4.0.4. This is a security update fixing a number of security issues, as well as a fair number of regular issues.

Security

• CVE-2018-6794 was requested for issue #2440

changes

• Bug #2306: suricata 4 deadlocks during failed output log reopening
• Bug #2361: rule reload hangup
• Bug #2389: BUG_ON asserts in AppLayerIncFlowCounter (4.0.x)
• Bug #2392: libhtp 0.5.26 (4.0.x)
• Bug #2422: [4.0.3] af_packet: a leak that (possibly) breaks an inline channel
• Bug #2438: various config parsing issues
• Bug #2439: Fix timestamp offline when pcap timestamp is zero (4.0.x)
• Bug #2440: stream engine bypass issue (4.0.x)
• Bug #2441: der parser: bad input consumes cpu and memory (4.0.x)
• Bug #2443: DNP3 memcpy buffer overflow (4.0.x)
• Bug #2444: rest/dns: Core Dump with malformed traffic (4.0.x)
• Bug #2445: http bodies / file_data: thread space creation writing out of bounds

Logstash Kibana fed with information from Suricata with json output.