Stay Secure with the Latest Linux Advisories

security advisoryintrusion detectionfedora

Fedora 29 Suricata: 2018-787ee605a5 Moderate: SMTP Parser Segfault

This update fixes a segfault in the SMTP parser. This bug is tracked as CVE-2018-18956. There are a number of other bugfixes and performance improvements.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-787ee605a5 2018-11-17 05:14:59.338123 --------------------------------------------------------------------------------Name : suricata Product : Fedora 29 Version : 4.0.6 Release : 1.fc29 URL : Summary : Intrusion Detection System Description : The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP Matching, and GeoIP identification. --------------------------------------------------------------------------------Update Information: This update fixes a segfault in the SMTP parser. This bug is tracked as CVE-2018-18956. There are a number of other bugfixes and performance improvements. --------------------------------------------------------------------------------ChangeLog: * Tue Nov 6 2018 Steve Grubb - 4.0.6-1 - New upstream bugfix release - Fixes CVE-2018-18956 Segmentation fault in the ProcessMimeEntity function --------------------------------------------------------------------------------References: [ 1 ] Bug #1646984 - CVE-2018-18956 suricata: Segmentation fault in the ProcessMimeEntity function [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1646984 [ 2 ] Bug #1646983 - CVE-2018-18956 suricata: Segmentation fault in the ProcessMimeEntity function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1646983 --------------------------------------------------------------------------------This update can beinstalled with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-787ee605a5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . This patch addresses an issue causing a crash in the HTTP parser. Additional improvements and various bug fixes are part of this version update for Suricata.. Suricata Update, SMTP Parser Fix, Bugfix, Fedora Security. . LinuxSecurity.com Team

Nov 17, 2018 Fedora