Merge branch 'snort3:master' into master

chbinousamy · Dec 5, 2023 · 0da87f8 · 0da87f8
2 parents 83cb4d6 + f873143
commit 0da87f8
Show file tree

Hide file tree

Showing 666 changed files with 9,100 additions and 8,323 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -3,7 +3,7 @@ project (snort CXX C)
 
 set (VERSION_MAJOR 3)
 set (VERSION_MINOR 1)
-set (VERSION_PATCH 71)
+set (VERSION_PATCH 76)
 set (VERSION_SUBLEVEL 0)
 set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}")
 

diff --git a/ChangeLog.md b/ChangeLog.md
@@ -1,3 +1,67 @@
+2023-12-03: 3.1.76.0
+
+* appid: added missed cppcheck warning
+* appid: adding support for memory profiling of third party lib
+* appid: additional check for lua logging
+* appid: fixing coverity issues
+* dns: fix parsing 'additionals' section in dns response
+* flow_cache: added new protocol base counters
+* pegs: make add_peg_count and set_peg_count protected to be available for the derived class
+* perf_mon: fix variable name issue reported by cppcheck
+
+2023-11-19: 3.1.75.0
+
+* appid: add appId for DNS over QUIC and DNS over HTTP/3 to application_ids.h
+* decompress: use list for OLE file entries to guarantee their order in file_data
+* detection: setting flag for flows with affected logging due to event filter
+
+2023-11-07: 3.1.74.0
+
+* actions, detection, file_api, flow, stream: coverity fixes
+* appid: clean up main thread appid debug and make appid on, off, on work
+* appid: lua log function with appiddebug check
+* build: address miscellaneous cppcheck warnings
+* build: fix up 32-bit compilation
+* build: fix coverity and cppcheck issues
+* build: remove unused functions reported by cppcheck
+* codecs: fix bad checksum when auth(51) protocol header is present between IP and TCP layer.
+* dce_rpc: added SMB Redesigned Multichannel enabled code
+* http_inspect: add correct handling of configuration error
+* ips_options: fix ack option
+* ips_options: fix flow bits
+* packet_io: fix incorrect counters caused by data plane counters reset
+* search_tool: allow an override of the search method
+* search_tool: fall back to normal mpse if no snort config
+
+2023-10-23: 3.1.73.0
+
+* appid: added support for appid trace logs with multiple logging levels
+* appid: fixing cppcheck issue
+* control: code refactor to support all unix flavors
+* detection: fix cleaning of rule profiling stats when profiling starts
+* host_cache: added segmented cache
+* http_inspect: handle reserved gzip flags
+* http_inspect: response to 0.9 isn't necessarily 0.9
+* profiler: extend field length to support uint64
+* stream: skip duplicated alerts in TcpReassemblerState's list. Thanks wenhao-in-chengdu for reporting the issue and suggesting a fix.
+* stream_tcp: ignore normalization checks when in midstream state
+
+2023-10-10: 3.1.72.0
+
+* active: added API for printing delayed action string
+* appid: support to get correct http session based on stream_id
+* control: allow one command at a time
+* dce_rpc: using  reset_using_rpkt() inline to what is there in eval() of SMB inspector code as well
+* flow_cache: added protocol base LRU caches
+* helpers: increase buffer space for function names, allow printing truncated names
+* http_inspect: clear fake headers snapshot for 0.9 response
+* http_inspect: run detection on failed utf decoding
+* memory: change NOW type counts to SUM type, where necessary
+* packet_io: fix daq stats
+* stream_tcp: accept 1 byte of trimmed probe data after zero window
+* stream_tcp: update rcv_nxt appropriately for each segment
+* tcp: timeout for embryonic and idle session
+
 2023-09-25: 3.1.71.0
 
 * appid, http_inspect, http2_inspect: create appid session if not present in decrypt event handler, add message section as part of StreamFlowIntf for httpx

diff --git a/cmake/FindDAQ.cmake b/cmake/FindDAQ.cmake
@@ -16,7 +16,7 @@ This module defines:
 #]=======================================================================]
 
 find_package(PkgConfig)
-pkg_check_modules(PC_DAQ libdaq>=3.0.12)
+pkg_check_modules(PC_DAQ libdaq>=3.0.13)
 
 # Use DAQ_INCLUDE_DIR_HINT and DAQ_LIBRARIES_DIR_HINT from configure_cmake.sh as primary hints
 # and then package config information after that.

diff --git a/doc/reference/builtin_stubs.txt b/doc/reference/builtin_stubs.txt
@@ -1287,6 +1287,10 @@ HTTP/2 preface received instead of an HTTP/1 method
 
 HTTP request method is not on allowed methods list or is on disallowed methods list.
 
+119:288
+
+HTTP reserved GZIP flags are set
+
 121:1
 
 Invalid flag set on HTTP/2 frame header
-Original file line number
+Diff line change
@@ Expand Up / @@ -1287,6 +1287,10 @@ HTTP/2 preface received instead of an HTTP/1 method @@
     HTTP request method is not on allowed methods list or is on disallowed methods list.
+:288
+    HTTP reserved GZIP flags are set
 :1
     Invalid flag set on HTTP/2 frame header
@@ Expand Down @@