Monday, December 6, 2021

Open-source version of Snort 2.9.19.0 available now

 SNORTⓇ released its newest open-source version, 2.9.19.0, this morning.

You can download this version on Snort.org. As you may remember, version 2.9.18.0 reached its end-of-life last week, so anyone using that version should update immediately. 

Here's a rundown of everything that's new in this release:

New Additions

  • Added support for AppID to detect login success and failure for IMAP and POP3 protocols.

Improvements / Fix

  • Fixed an issue where the verdict will be applied to the next session when a timeout occurs in some scenarios.
  • Removed an excessively flooding log.
  • Fixed possible integer overflow.
  • Added fix to GCC compiled snort to use AC-BNFA-Q search-method when Intel-CPM is enabled.
  • Fixed terminology to be bias-free in log/error messages.
  • Fixed a potential race condition.
  • Added fix to not to drop packets when the window size is 0 by TCP normalizer and added a new alert with GID 129 and SID 21 when such packets are seen.