As mentioned on Twitter yesterday, we will be releasing Snort 2.9.1.1 today. I'll have an additional post when it is released along with the accompanying VRT rule release.
In the meantime here are the release notes:
2011-10-05 - Snort 2.9.1.1
[*] New Additions
* Added the ability to use shared memory (linux only) for the
experimental IP reputation preprocessor. See README.reputation for details.
* Added a Unix control socket (linux only), used to issue commands to
running Snort processes. Currently, it is only used by the IP
Reputation preprocessor for communication regarding the shared memory.
See the Snort Manual and the tools/control directory for more details.
[*] Improvements
* Improved HTTP Inspect and rule processing for both raw compress
and zlib deflated data. Expanded coverage of normalization for
Unicode encoded data.
* Updated HTTP Inspect PAF support to better handle HTTP 1.1 responses.
