There are too many changes to list here so check the ChangeLog for details.
Enhancements:
- port 2983 smb active response updates
- add JavaScript normalization to new http_inspect
- add MIME file processing to new http_inspect
- add alternate fast patterns for dce_udp endianness
- add dce auto detect to wizard
- fix appid service dispatch handling issue
thanks to João Soares; for reporting the issue - fix paf-type flushing of single segments
thanks to João Soares for reporting the issue - fix modbus_data handling to not skip options
thanks to FabianMalte.Kopp@b-tu.de for reporting the issue - fix comment in snort.lua re install directory use
thanks to Yang Wang for sending the pull request - fix fast pattern selection when multiple designated
thanks to j.mcdowell@titanicsystems.com for reporting the issue - fix image sizes to fit page
thanks to wyatuestc for reporting the issue - change -L to -K in README and manual
thanks to jncornett for reporting the issue - fix demonization
thanks to João Soares for reporting the issue
- appid overhaul to address threading issues, leaks, and sanitizer and analyzer issues
- fix appid pattern matching for http
- fix reload crash with file inspector
- fix various race conditions reported by thread sanitizer
- fix thread termination segfaults after DAQ module initialization fails
- several build fixes for non-x86, Illumos, and others
- create pid file after dropping privileges
- user manual was reorganized and expanded
Happy Snorting!
The Snort Release Team