Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Although it is an upstream release, please unblock suricata 4.1.4-1 for
buster.
Suricata is an Intrusion Detection System (IDS), which makes it
exposed to malicious traffic by design. The upstream release 4.1.4 fixes
several bugs and security issues (no CVE numbers).
The debdiff since 4.1.3 is too big to be included here (it contains
updates to many auto-generated files like configure), so I'm adding the
upstream changelog here:
Changes
Bug #2870: pcap logging with lz4 coverity warning
Bug #2883: ssh: heap buffer overflow
Bug #2884: mpls: heapbuffer overflow in file decode-mpls.c
Bug #2887: decode-ethernet: heapbuffer overflow in file decode-ethernet.c
Bug #2888: 4.1.3 core in HCBDCreateSpace
Bug #2894: smb 1 create andx request does not parse the filename correctly
Bug #2902: rust/dhcp: panic in dhcp parser
Bug #2903: mpls: cast of misaligned data leads to undefined behavior
Bug #2904: rust/ftp: panic in ftp parser
Bug #2943: rust/nfs: integer underflow
This release includes Suricata-Update 1.0.5
I hope the new version can be included.
Best regards,
Pierre
