Bug 220026 - security/suricata: Update to 3.2.2
Summary: security/suricata: Update to 3.2.2
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Richard Gallamore
URL:
Keywords:
Depends on: 220025
Blocks: 212192
  Show dependency treegraph
 
Reported: 2017-06-16 05:06 UTC by Franco Fichtner
Modified: 2017-06-18 15:07 UTC (History)
2 users (show)

See Also:
koobs: maintainer-feedback+

Attachments
patch against head (3.73 KB, patch)
2017-06-16 05:06 UTC, Franco Fichtner 		franco: maintainer-approval+
Details | Diff
poudriere build log (382.68 KB, text/plain)
2017-06-16 06:14 UTC, Franco Fichtner 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Franco Fichtner 2017-06-16 05:06:06 UTC 
Created attachment 183514 [details]
patch against head

Hi,

This updates Suricata to version 3.2.2 and brings several changes.

The update *requires* the following update of libhtp:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220025

The update *closes* the following report:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212192

The following issue has been *superseded* and can be closed:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210490

Suricata 3.2.2 changelog:

* Support additional runmodes for unix-socket
* make install-full can have race conditions on OSX
* af-packet: faulty VLAN handling in tpacket-v3 mode
* bad checksum 0xffff
* ippair: xbit unset memory leak
* file store: file log / file store mismatch with multiple files
* app-layer: fix memleak on bad traffic
* http body handling: failed assertion
* ippair: pair is direction sensitive
* defrag – overlap issue in linux policy
* unix socket: race condition on start up

Changes for the port:

* Depends on libhtp 0.5.24 or greater
* Listen on multiple PCAP interfaces via RC script
* Dependencies added in the 3.2.1 update move to the PRELUDE option where they belong


Cheers,
Franco
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2017-06-16 05:14:46 UTC 
Thank you Franco. Please:

- Confirm the changes pass QA (poudriere in particular)
- Declare maintainer approval by setting maintainer-approval to + on attachments. Attachment -> Details -> maintainer-approval [+]
Comment 2 Franco Fichtner 2017-06-16 06:14:59 UTC 
Created attachment 183517 [details]
poudriere build log
Comment 3 commit-hook freebsd_committer freebsd_triage 2017-06-18 15:07:08 UTC 
A commit references this bug:

Author: ultima
Date: Sun Jun 18 15:06:34 UTC 2017
New revision: 443829
URL: https://svnweb.freebsd.org/changeset/ports/443829

Log:
  * Updated to 3.2.2
  * Depends on libhtp 0.5.24 or greater
  * Listen on multiple PCAP interfaces via RC script
  * Dependencies added in the 3.2.1 update move to the PRELUDE option where they belong

   - Support additional runmodes for unix-socket
   - make install-full can have race conditions on OSX
   - af-packet: faulty VLAN handling in tpacket-v3 mode
   - bad checksum 0xffff
   - ippair: xbit unset memory leak
   - file store: file log / file store mismatch with multiple files
   - app-layer: fix memleak on bad traffic
   - http body handling: failed assertion
   - ippair: pair is direction sensitive
   - defrag ? overlap issue in linux policy
   - unix socket: race condition on start up

  PR:		220026
  Submitted by:	Franco Fichtner <franco@opnsense.org> (maintainer)
  Reviewed by:	matthew (mentor)
  Approved by:	matthew (mentor)
  Differential Revision:	https://reviews.freebsd.org/D11251

Changes:
  head/security/suricata/Makefile
  head/security/suricata/distinfo
  head/security/suricata/files/suricata.in
  head/security/suricata/pkg-plist
Comment 4 Richard Gallamore freebsd_committer freebsd_triage 2017-06-18 15:07:27 UTC 
Committed, thanks!