Suricata Package v4.1.4_4 -- Release Notes

  • Suricata-4.1.4_4
    This update corrects a serious bug in the Legacy Mode blocking custom plugin that caused blocking of host IP addresses to fail, and when a firewall interface IP was changed while Suricata was running using Legacy Mode blocking, the Suricata process could crash. This bug was within the Suricata binary component. The latest binary version is now Suricata v4.1.4_2.

    To be sure you get all of the latest files, including the binary for this update, it is suggested that you first delete the Suricata package from your firewall and then install it again from the Available Packages tab in the PACKAGE MANAGER menu. Your settings will be preserved so long as the Save Settings checkbox is enabled on the GLOBAL SETTINGS tab of Suricata. This setting is enabled by default.

    Bug Fixes:

    1. Upgrade or reinstall of Suricata package removes default Suricata *-events rules files installed by the base Suricata binary package. Redmine issue #9581.

    2. Legacy Mode blocking not actually blocking offender IPs in some setups and also possible Suricata process crashes when running an interface in Legacy Mode.

Log in to reply