projects / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: db5887e f805f66)
suricata (1:6.0.1-3+deb11u1) bullseye-security; urgency=medium
authorThorsten Alteholz <debian@alteholz.de>
Sun, 30 Mar 2025 10:03:02 +0000 (12:03 +0200)
committerThorsten Alteholz <debian@alteholz.de>
Sun, 30 Mar 2025 10:03:02 +0000 (12:03 +0200)
commitdb0e32fa0da9b3b3e8deadb0eda671b7ea61549b
treeaaedb72419b3b784b904fea2e01ba186acee7408tree | snapshot
parentdb5887e2ddd60c5a02173ac1ff1aff3447393708commit | diff
parentf805f6659a602418434529268923b737d8a25b3ecommit | diff
suricata (1:6.0.1-3+deb11u1) bullseye-security; urgency=medium

  * Non-maintainer upload by the LTS Team.
  * CVE-2021-45098
    Fix bypass of HTTP-based signature by faking an RST TCP packet.
  * CVE-2023-35852
    Fix unintended file access in local filesystem.
  * CVE-2024-32663
    Fix using large amount of memory.
  * CVE-2024-37151
    Fix mishandling of multiple fragmented packets, which might lead to
    policy bypass.
  * CVE-2024-45796
    Fix logic error during fragment reassembly.
  * CVE-2025-29918
    Fix infinite loop.
  * CVE-2024-55626
    Fix buffer overflow due to large BPF filter file.

[dgit import unpatched suricata 1:6.0.1-3+deb11u1]
61 files changed:
debian/building-in-ci.sh | | blob
debian/changelog | | blob
debian/control | | blob
debian/copyright | | blob
debian/libhtp-0.5.24-1.install | | blob
debian/libhtp-0.5.24-1.lintian-overrides | | blob
debian/libhtp-0.5.24-1.symbols | | blob
debian/oinkmaster/suricata-oinkmaster | | blob
debian/oinkmaster/suricata-oinkmaster-updater | | blob
debian/oinkmaster/suricata-oinkmaster-updater.8 | | blob
debian/oinkmaster/suricata-oinkmaster.conf | | blob
debian/patches/CVE-2021-45098.patch | | blob
debian/patches/CVE-2023-35852-1.patch | | blob
debian/patches/CVE-2023-35852-2.patch | | blob
debian/patches/CVE-2024-32663-1.patch | | blob
debian/patches/CVE-2024-32663-2.patch | | blob
debian/patches/CVE-2024-37151.patch | | blob
debian/patches/CVE-2024-45796.patch | | blob
debian/patches/CVE-2024-55626.patch | | blob
debian/patches/CVE-2025-29916-1.patch | | blob
debian/patches/CVE-2025-29916-2.patch | | blob
debian/patches/CVE-2025-29916-3.patch | | blob
debian/patches/CVE-2025-29917.patch | | blob
debian/patches/CVE-2025-29918.patch | | blob
debian/patches/avoid-to-include-if_tunnel-h.patch | | blob
debian/patches/configure-clang-variable.patch | | blob
debian/patches/cross.patch | | blob
debian/patches/debian-default-cfg.patch | | blob
debian/patches/fix-repeated-builds.patch | | blob
debian/patches/import-sockio-h.patch | | blob
debian/patches/llc.patch | | blob
debian/patches/no-use-gnu.patch | | blob
debian/patches/remove-conflicting-python-file.patch | | blob
debian/patches/reproducible.patch | | blob
debian/patches/series | | blob
debian/patches/stream-no-reject-bad-ack.patch | | blob
debian/patches/with-ebpf-includes.patch | | blob
debian/rules | | blob
debian/source/format | | blob
debian/suricata-oinkmaster.install | | blob
debian/suricata-oinkmaster.manpages | | blob
debian/suricata.1 | | blob
debian/suricata.README.Debian | | blob
debian/suricata.default | | blob
debian/suricata.dirs | | blob
debian/suricata.init | | blob
debian/suricata.install | | blob
debian/suricata.lintian-overrides | | blob
debian/suricata.logrotate | | blob
debian/suricata.maintscript | | blob
debian/suricata.manpages | | blob
debian/suricata.preinst | | blob
debian/suricata.service | | blob
debian/suricatactl-filestore.1 | | blob
debian/suricatactl.1 | | blob
debian/suricatasc.1 | | blob
debian/tests/control | | blob
debian/tests/suricata-oinkmaster-updater.sh | | blob
debian/tests/systemd-service-test.sh | | blob
debian/upstream/signing-key.asc | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.