Discover Government News

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-bd4eed8466
2024-03-07 00:56:19.124094
--------------------------------------------------------------------------------

Name        : suricata
Product     : Fedora 39
Version     : 6.0.16
Release     : 1.fc39
URL         : https://suricata-ids.org/
Summary     : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion
Detection and Prevention Engine. This engine is not intended to
just replace or emulate the existing tools in the industry, but
will bring new ideas and technologies to the field. This new Engine
supports Multi-threading, Automatic Protocol Detection (IP, TCP,
UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP
Matching, and GeoIP identification.

--------------------------------------------------------------------------------
Update Information:

This update fixes: CVE-2024-23835,  CVE-2024-23836, CVE-2024-23837,
CVE-2024-23839, CVE-2024-24568.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 26 2024 Steve Grubb  6.0.16-1
- New security and bugfix release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2266171 - CVE-2024-24568 suricata: potential bypass of rules inspecting HTTP2 headers [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266171
  [ 2 ] Bug #2266172 - CVE-2024-24568 suricata: potential bypass of rules inspecting HTTP2 headers [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266172
  [ 3 ] Bug #2267727 - CVE-2024-23836 suricata: crafted traffic can cause denial of service [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2267727
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-bd4eed8466' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/

Fedora 39: suricata 2024-bd4eed8466

March 7, 2024
This update fixes: CVE-2024-23835, CVE-2024-23836, CVE-2024-23837, CVE-2024-23839, CVE-2024-24568.

Summary

The Suricata Engine is an Open Source Next Generation Intrusion

Detection and Prevention Engine. This engine is not intended to

just replace or emulate the existing tools in the industry, but

will bring new ideas and technologies to the field. This new Engine

supports Multi-threading, Automatic Protocol Detection (IP, TCP,

UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP

Matching, and GeoIP identification.

Update Information:

This update fixes: CVE-2024-23835, CVE-2024-23836, CVE-2024-23837, CVE-2024-23839, CVE-2024-24568.

Change Log

* Mon Feb 26 2024 Steve Grubb 6.0.16-1 - New security and bugfix release

References

[ 1 ] Bug #2266171 - CVE-2024-24568 suricata: potential bypass of rules inspecting HTTP2 headers [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266171 [ 2 ] Bug #2266172 - CVE-2024-24568 suricata: potential bypass of rules inspecting HTTP2 headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266172 [ 3 ] Bug #2267727 - CVE-2024-23836 suricata: crafted traffic can cause denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2267727

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-bd4eed8466' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : suricata
Product : Fedora 39
Version : 6.0.16
Release : 1.fc39
URL : https://suricata-ids.org/
Summary : Intrusion Detection System

Related News