Friday, August 2, 2019

Snort 2.9.14.1 has been released!

Snort Community!

We know it's a Friday, so we don't expect everyone to run right out and update, but in trying to get everything done before Black hat / Defcon, we wanted to make sure that 2.9.14.1 was shipped before we all got on planes to head out to "Hacker Summer Camp".

We've just pushed 2.9.14.1 live on the website (snort.org/downloads).  Please head on over and check it out at your earliest convenience.

Release notes are essentially the same as 2.9.14.0, with one minor fix, so I'll repost those:

[*] New Additions

 * Added support for wild card port numbers in host cache and overwriting port service AppId.

 * Added support for new STLS client patterns to help better detect POP3S over SSL.

 * Added support for detecting Mac based SMTP Microsoft Outlook client application.

 * Added a new preprocessor alert 120:27 to alert if there is no proper end of header.

[*] Improvements / Fix

 * Improved appId detection for proxied traffic.

 * Fix for enabling flow profiling mode without restarting snort detection engine.

 * Fixed packet drop scenario.


Thanks so much for bearing with us while we figured out the little bug with packet acquisition.

As always, feedback can be directed to the Snort-users list.  Happy Snorting!