Information on source package suricata

Available versions

ReleaseVersion
jessie2.0.7-2+deb8u1
jessie (security)2.0.7-2+deb8u2
stretch3.2.1-1+deb9u1
buster1:4.0.5-1
sid1:4.0.5-1

Open issues

BugjessiestretchbustersidDescription
TEMP-0856648-2BC2C9vulnerable (no DSA)fixedfixedfixeddns: out of bound memory read
CVE-2018-6794vulnerable (no DSA)vulnerable (no DSA)fixedfixedSuricata before 4.0.4 is prone to an HTTP detection bypass ...
CVE-2018-14568vulnerable (no DSA)vulnerable (no DSA)fixedfixedSuricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a ...
CVE-2017-7177vulnerable (no DSA)fixedfixedfixedSuricata before 3.2.1 has an IPv4 defragmentation evasion issue caused ...
CVE-2017-15377vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn Suricata before 4.x, it was possible to trigger lots of redundant ...

Resolved issues

BugDescription
TEMP-0783007-4C0B51http uri parsing issue
TEMP-0000000-C04FE8dcerpc: exit()'s on malloc failure
CVE-2016-10728An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error ...
CVE-2015-8954The MemcmpLowercase function in Suricata before 2.0.6 improperly ...
CVE-2015-0971The DER parser in Suricata before 2.0.8 allows remote attackers to ...
CVE-2015-0928libhtp 0.5.15 allows remote attackers to cause a denial of service ...
CVE-2014-6603The SSHParseBanner function in SSH parser (app-layer-ssh.c) in ...
CVE-2013-5919Suricata before 1.4.6 allows remote attackers to cause a denial of ...

Security announcements

DSA / DLADescription
DLA-1508-1suricata - security update
DLA-865-1suricata - security update
DSA-3254-1suricata - security update

Search for package or bug name: Reporting problems