| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libsuricata8_0_0 | Distribution: openSUSE Tumbleweed |
| Version: 8.0.0 | Vendor: openSUSE |
| Release: 1.1 | Build date: Fri Jul 18 13:26:30 2025 |
| Group: Development/Libraries/C and C++ | Build host: reproducible |
| Size: 12764432 | Source RPM: suricata-8.0.0-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.openinfosecfoundation.org/ | |
| Summary: Open Source Next Generation Intrusion Detection and Prevention Engine Library | |
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This package contains the shared library.
GPL-2.0-only
* Fri Jul 18 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Enable source package signature verification
https://en.opensuse.org/openSUSE:Package_source_verification
- Update keyring. Key ID taken from
https://docs.suricata.io/en/suricata-8.0.0/verifying-source-files.html#importing-the-oisf-signing-key
* Mon Jul 07 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Disable LTO because of build issues when building the Rust
components.
- Remove htp dependency
- Remove lua dependency
- Enable eBPF support
- Remove old configure flags
- Migrate %setup to %autosetup
- Update to version 8.0.0:
* Lua breaking changes:
~ No ability to load third-party modules in Lua rules
~ No access to the “os” Lua library for access to system
resources such as the file system
~ Moving global Lua functions that access Suricata features
to Lua libraries
* The general detection engine performance was improved.
* PCAP reading mode can now process files faster.
* Suricata initialization has been significantly improved.
* More protocol conversions to Rust including:
LibHTP, FTP, ENIP, MIME parsing
* New protocols: ARP: decoder and logger, DNS over HTTPS (DoH),
LDAP support, Multicast DNS (mDNS), POP3: decoder and logger,
SDP: parse traffic over SIP, SIP: parse traffic over TCP,
Websocket support
* Data JSON for data sets: enrich alerts using metadata in
datasets
* New transforms and keywords: from_base64, entropy, luaxform
* requires: rules can check for keywords or features
* Integer keywords: accept hexadecimal notation, negated ranges,
enumerations, bitmask
* IPS: Suricata as a Firewall. The firewall mode is considered
experimental and may be subject to changes during the 8.0
lifecycle.
* Lua 5.4 has been “vendored” into the Suricata code base,
making it always available by default.
* Lua now runs in a sandboxed environment, so users can allow
Lua rules with confidence they won’t perform activities such
as writing to files or opening sockets or other system-level
access allowed by an unrestricted Lua runtime.
* Improvements to output formats
* Release blog post:
https://suricata.io/2025/07/08/suricata-8-0-0-released/
* Tue May 27 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Update to version 7.0.10:
* Address a critical issue in 7.0.9 affecting AF_PACKET users:
setting a BPF would cause Suricata to fail to start up.
- Update to version 7.0.9:
* LibHTP has been updated to version 0.5.50
* Fix CVE-2025-29915: HIGH
* Fix CVE-2025-29917: HIGH
* CVE-2025-29918: HIGH
* CVE-2025-29916: Moderate
* Tue Apr 22 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Invert libhs inclusion condition to handle other architectures
* Wed Jan 15 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Added suricata-devel package
- Added libsuricata package
* Enable shared library build
- Use pkgconfig to find build dependencies
- Remove coccinelle build dependency
- Only build with XDP/eBPF support when available
- Only build with libmagic/libnet support when available
- Update to version 7.0.8:
* Various security, performance, accuracy, and stability issues
have been fixed.
* This release addresses CVE IDs:
~ CVE-2024-55627: CRITICAL
~ CVE-2024-55605: CRITICAL
~ CVE-2024-55629: HIGH
~ CVE-2024-55628: HIGH
~ CVE-2024-55626: LOW
- Update to version 7.0.7:
* LibHTP has been updated to version 0.5.49
* Various security, performance, accuracy, and stability issues
have been fixed.
* This release addresses CVE IDs:
~ CVE-2024-45797: CRITICAL
~ CVE-2024-47187: CRITICAL
~ CVE-2024-47188: CRITICAL
~ CVE-2024-47522: HIGH
~ CVE-2024-45795: HIGH
~ CVE-2024-45796: HIGH
- Update to version 7.0.6
* Various security, performance, accuracy, and stability issues
have been fixed.
* JA4 for TLS and QUIC has been backported to Suricata 7.0.6.
* These releases address CVE IDs:
~ CVE-2024-37151: CRITICAL
~ CVE-2024-38536: HIGH
~ CVE-2024-38534: HIGH
~ CVE-2024-38535: CRITICAL
* Mon Jul 15 2024 Eyad Issa <eyadlorenzo@gmail.com>
- Depend on vectorscan, as hyperscan has gone closed source
* Sat Jun 22 2024 Eyad Issa <eyadlorenzo@gmail.com>
- Update to version 7.0.5
* LibHTP has been updated to version 0.5.48. This version is
bundled with these new Suricata releases.
* Suricata-Update has been updated to 1.3.3 in Suricata 7.0.5.
* Various security, performance, accuracy, and stability issues
have been fixed.
https://redmine.openinfosecfoundation.org/versions/206
* These releases address CVE IDs:
~ CVE-2024-32663 - Critical severity
~ CVE-2024-32664 - High severity
~ CVE-2024-32867 - Moderate severity
- Update to version 7.0.4
* Various security, performance, accuracy, and stability issues
have been fixed.
https://redmine.openinfosecfoundation.org/versions/202
* Mon Feb 19 2024 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.3
* LibHTP required version is 0.5.46. This is the version that is bundled
with the releases.
* Various security, performance, accuracy, and stability issues have been fixed.
https://redmine.openinfosecfoundation.org/versions/200
* These releases address CVE IDs:
- CVE-2024-23839 - Critical severity
- CVE-2024-23836 - Critical severity
- CVE-2024-23835 - High severity
- CVE-2024-24568 - Moderate severity
* Thu Oct 19 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.2
* Various security, performance, accuracy, and stability issues have been fixed.
https://redmine.openinfosecfoundation.org/versions/198
* Mon Sep 25 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.1
* LibHTP required version is 0.5.45. This is the version that is bundled
with the release.
* Various security, performance, accuracy, and stability issues have been
fixed.
* Thu Jul 27 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.0
* Main features:
- DPDK IDS/IPS 35 support for primary mode was added
- AF_XDP IDS 17support by Richard McConnell at Rapid7
- HTTP/HTTP2 new keywords for header inspection
- TLS: client certificate logging and detection
- Bittorrent parser by Aaron Bungay
- IPS: new default DROP behavior for exception policies 7
- EVE documented and validated with a json schema
- HTTP/2 support is no longer considered experimental
- NETMAP API 14
- Conditional PCAP 43 by Eric Leblond and Scott Jordan
- Initial libsuricata support
- VLAN support extended from 2 to 3 layers
* Performance improvements:
- file.data MPM split per app protocol
- New lighter rule profiling mode by Eric Leblond
- SMB: many fixes and optimizations
- Hash calculation using Rust crypto instead of NSS
- Flow manager tuning
- Many more performance-related counters
- Stream buffer, which is used by stream engine, file tracking, and more, is more memory efficient
* Secure Deployment / Security
- Linux Landlock support added by Eric Leblond
- Use of setrlimit to prevent Suricata from creating another process
- Lock cargo crates
- Default to secure settings for Datasets and Lua
- Maximum number of transactions for several protocols
- New Security Policies: https://github.com/OISF/suricata/blob/master/SECURITY.md 15
* Protocols
- QUICv1, GQUIC support added. GQUIC contributed by Emmanuel Thompson
- PostgreSQL support added
- HTTP/2 deflate decompression, byte-ranges support
- VN-Tag support
- Modbus rewritten to Rust with Eve logging added by Simon Dugas
- IKEv1 support added by Sascha Steinbiss and Frank Honza
- ESP flow tracking and logging
- Minimal telnet parser
- Active flow and TCP counters
- Network service header
- Remove dependency on system’s /etc/protocols
* Rules
- Added new rule keywords for DHCP, Kerberos, SNMP, TLS, QUIC
- JA3(s) support for QUIC
- New (experimental) class of keywords through “frames API”: NFS, SMB, DNS, telnet, SSL/TLS
- HTTP request files and NFS now support file.data
- “XOR” transform was added
- Lua: access to more rule info
- The byte_test, byte_math, and byte_jump keywords allow a variable name for the byte count value.
- flow.age keyword was added
* IPS
- Exception Policies added to better control packet handling in such conditions as memory caps being hit
- DPDK support
* Socket Control
- Get flow stats over Unix socket
- Datasets management commands were added
* Output
- Conditional packet capture allows packets to be written to disk only after an alert has been triggered
- New “stream” eve output type for debugging the stream engine
- Log engine verdict on rejected/dropped/passed packets
* Dev corner
- Total: 1375 files changed, 130027 insertions(+), 127626 deletions(-)
- Rust: 173 files changed, 39279 insertions(+), 13830 deletions(-)
- C: 978 files changed, 73882 insertions(+), 109446 deletions(-)
- Docs: 142 files changed, 6636 insertions(+), 1890 deletions(-)
- Much stricter C compiler flags.
- Clang’s scan-build clean, which is enforced in CI.
- CI was expanded.
- Rust parsers upgraded to using Nom 7
* Upgrade notes:
- Suricata 7.0 now uses pcre2 instead of pcre1.
- The MSRV (minimum supported Rust version) has been updated to 1.63.0 from 1.41.1 minimum in Suricata 6.0.
- Support for Prelude (libprelude) has been removed
- Suricata 7.0 requires and bundles libhtp 0.5.45
* Tue Jun 20 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.13
* LibHTP has been updated to 0.5.44. This is a required version that is
bundled with the release.
* Security #6119: datasets: absolute path in rules can overwrite arbitrary
files (6.0.x backport)
* Bug #6138: Decode-events of IPv6 packets are not triggered
(6.0.x backport)
* Bug #6136: suricata-update: dump-sample-configs: configuration files not
found (6.0.x backport)
* Bug #6125: http2: cpu overconsumption in rust moving/memcpy in
http2_parse_headers_blocks (6.0.x backport)
* Bug #6113: ips: txs still logged for dropped flow (6.0.x backport)
* Bug #6056: smtp: long line discard logic should be separate for server and
client (6.0.x backport)
* Bug #6055: ftp: long line discard logic should be separate for server and
client (6.0.x backport)
* Bug #5990: smtp: any command post a long command gets skipped
(6.0.x backport)
* Bug #5982: smtp: Long DATA line post boundary is capped at 4k Bytes
(6.0.x backport)
* Bug #5809: smb: convert transaction list to vecdeque (6.0.x backport)
* Bug #5604: counters: tcp.syn, tcp.synack, tcp.rst depend on flow
(6.0.x backport)
* Bug #5550: dns: allow dns messages with invalid opcodes (6.0.x backport)
* Task #5984: libhtp 0.5.44 (6.0.x backport)
* Documentation #6134: userguide: add instructions/explanation for
(not) running suricata with root (6.0.x backport)
* Documentation #6121: datasets: 6.0.x work-arounds for dataset supply chain
attacks
* Wed May 10 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.12
* Various performance, accuracy, and stability issues have been fixed.
* Remove legacy pfring install guide
* Fri Apr 21 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.11
* LibHTP has been updated to 0.5.43. This is a required version that is
bundled with the release.
* Various security, performance, accuracy, and stability issues have been
fixed.
* Thu Feb 09 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.10
Various security, performance, accuracy, and stability issues have been fixed
https://forum.suricata.io/t/suricata-6-0-10-released/3175/2
* Security #5804: Suricata crashes while processing FTP (6.0.x backport)
* Bug #5815: detect: config keyword prevents tx cleanup (6.0.x backport)
* Bug #5812: nfs: debug validation triggered on nfs2 read
* Bug #5810: smb/ntlmssp: parser incorrectly assumes fixed field order
(6.0.x backport)
* Bug #5806: exceptions: midstream flows are dropped if
midstream=true && stream.midstream-policy=drop-flow (6.0.x backport)
* Bug #5796: TLS Handshake Fragments not Reassembled (6.0.x backport)
* Bug #5795: detect/udp: different detection from rules when UDP/TCP header is
broken (6.0.x backport)
* Bug #5793: decode: Padded packet to minimal Ethernet length marked with
invalid length event (6.0.x backport)
* Bug #5791: smb: unbounded file chunk queuing after gap (6.0.x backport)
* Bug #5763: libbpf: Use of legacy code in eBPF/XDP programs (6.0.x backport)
* Bug #5762: detect/pcre: JIT not disabled when OS doesn't allow RWX pages
* Bug #5760: nfs: ASSERT: attempt to subtract with overflow (compound)
(6.0.x backport)
* Bug #5749: iprep/ipv6: warning issued on valid reputation input
(6.0.x backport)
* Bug #5744: netmap: 6.0.9 v14 backport causes known packet stalls from v14
implementation in "legacy" mode too
* Bug #5738: smb: failed assertion
(!((f->alproto == ALPROTO_SMB && txd->files_logged != 0))),
function CloseFile, file output-file.c (6.0.x backport)
* Bug #5735: smtp: quoted-printable encoding skips empty lines in files
(6.0.x backport)
* Bug #5723: eve: missing common fields like community id for some event types
like RFB
* Bug #5601: detect: invalid hex character in content leads to bad debug
message (6.0.x backport)
* Bug #5565: Excessive qsort/msort time when large number of rules using
tls.fingerprint (6.0.x backport)
* Bug #5299: YAML warning from default config on 6.0.5
* Optimization #5797: tls: support incomplete API to replace internal buffering
* Optimization #5790: smb: set defaults for file chunk limits (6.0.x backport)
- add dependency libhtp >= 0.5.42
* Tue Nov 29 2022 Michael Ströder <michael@stroeder.com>
- Update to version 6.0.9
Various security, performance, accuracy and stability issues have been fixed
https://forum.suricata.io/t/suricata-6-0-9-released/3012
- build now requires libhtp >= 0.5.42
* Mon Oct 03 2022 Martin Hauke <mardnh@gmx.de>
- Use hyperscan-devel instead of 'pkgconfig(libhs)' to prevent:
"unresolvable: have choice for pkgconfig(libhs): hyperscan-devel
vectorscan-devel"
* Wed Sep 28 2022 Michael Ströder <michael@stroeder.com>
- Update to version 6.0.8
https://forum.suricata.io/t/suricata-6-0-8-released/2808
https://forum.suricata.io/t/suricata-6-0-7-released/2807
https://forum.suricata.io/t/suricata-6-0-6-and-5-0-10-released/2637
- build now requires libhtp >= 0.5.41
* Tue Jun 28 2022 Otto Hollmann <otto.hollmann@suse.com>
- Copy config files and update rules
- Add python3-PyYAML as dependency for suricata-update
* Tue Jun 28 2022 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.5
https://forum.suricata.io/t/suricata-6-0-5-and-5-0-9-released/2415
- LibHTP has been updated to 0.5.40. This is a required version that
is bundled with both releases.
- Suricata-Update, as bundled with 6.0.5, was updated to 1.2.4.
- Various security, performance, accuracy and stability issues have
been fixed.
* Tue Jan 25 2022 Hans-Peter Jansen <hpj@urpla.net>
- Update to version 6.0.4:
https://forum.suricata.io/t/suricata-6-0-4-and-5-0-8-released/1942
- Add luajit build conditional
- More man pages
/usr/lib/libsuricata.so.8.0.0
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Aug 10 23:32:16 2025