SNORTⓇ released its newest open-source version, 126.96.36.199, this morning.
You can download this version on Snort.org. As you may remember, version 188.8.131.52 reached its end-of-life last week, so anyone using that version should update immediately.
Here's a rundown of everything that's new in this release:
- Added support for AppID to detect login success and failure for IMAP and POP3 protocols.
Improvements / Fix
- Fixed an issue where the verdict will be applied to the next session when a timeout occurs in some scenarios.
- Removed an excessively flooding log.
- Fixed possible integer overflow.
- Added fix to GCC compiled snort to use AC-BNFA-Q search-method when Intel-CPM is enabled.
- Fixed terminology to be bias-free in log/error messages.
- Fixed a potential race condition.
- Added fix to not to drop packets when the window size is 0 by TCP normalizer and added a new alert with GID 129 and SID 21 when such packets are seen.