We know it's a Friday, so we don't expect everyone to run right out and update, but in trying to get everything done before Black hat / Defcon, we wanted to make sure that 2.9.14.1 was shipped before we all got on planes to head out to "Hacker Summer Camp".
We've just pushed 2.9.14.1 live on the website (snort.org/downloads). Please head on over and check it out at your earliest convenience.
Release notes are essentially the same as 2.9.14.0, with one minor fix, so I'll repost those:
[*] New Additions * Added support for wild card port numbers in host cache and overwriting port service AppId. * Added support for new STLS client patterns to help better detect POP3S over SSL. * Added support for detecting Mac based SMTP Microsoft Outlook client application. * Added a new preprocessor alert 120:27 to alert if there is no proper end of header. [*] Improvements / Fix * Improved appId detection for proxied traffic. * Fix for enabling flow profiling mode without restarting snort detection engine. * Fixed packet drop scenario.
Thanks so much for bearing with us while we figured out the little bug with packet acquisition.
As always, feedback can be directed to the Snort-users list. Happy Snorting!