Enhancements:
- add configure --enable-hardened-build
- add configure --pie (position independent executable)
- add new_http_inspect alert for loss of sync
- add peg counts for new_http_inspect
- add peg counts for sd_pattern
- add file_log inspector to log file events
- add filename support to file daq
- update file processing configuration
- add high availability support for udp and icmp
- add support for safe C library
- add new http_inspect alerts abusive content-length and transfer-encodings
- add \b matching to sensitive data
- add obfuscation for sensitive data
- add support for unprivileged operation
- convert legacy allocations to memory manager for better memory profiling
- add double-decoding to new_http_inspect
- add obfuscation support for cmg and unified2
- various snort2lua updates and fixes
- fix default prime tables for internal hash functions
- fix new_http_inspect bounds issues
- miscellaneous cmake and auto tools build fixes
- add / update unit tests
- fix additional memory leaks
- fix compiler warnings
- fix static analysis issues
- fix handling of bpf file failures
- fix link with dynamic DAQ
- fix multi-DAQ instance configuration
- prevent profiler double counting on recursion
- initial appid port - in progress
- continued porting of dce_rpc - smb transaction processing
- openssl is now a mandatory dependency
- DAQ 2.1 has many updates - see the ChangeLog for details
Happy Snorting!
The Snort Release Team