Suricata v4.1.4_8 Package Update Release Notes
bmeeks last edited by bmeeks
This update fixes an issue with displaying the last rules update job status, corrects the spelling of a syslog() PRIORITY constant in the GeoIP2 database update cron task script and corrects a bug in the earlier v4.1.4_7 update that could result in a configured Suricata interface being overwritten.
Formerly the rules update status info was stored in the config.xml file, but that resulted in unnecessary backups of config.xml with each rules update job run. A previous package update removed the call to write_config() that was generating the unnecessary backup, but that prevented the recording of rules update time and status. The rules update execution time and status are now recorded locally in a small file on the firewall.
A PHP warning message is generated in the crash log due to use of an unknown constant in a call to the syslog() function in the GeoIP2 database update cron task.
Rules update task info (execution time and status) is displaying as either "unknown" or the last package installation date and time.
When more than one interface is configured, the post-install script that runs as part of Suricata package installation could overwrite the final Suricata interface's configuration with the configuration of the first Suricata interface, resulting in the loss of the final interface.