Name: suricata | Distribution: openSUSE Tumbleweed |
Version: 8.0.0 | Vendor: openSUSE |
Release: 1.1 | Build date: Fri Jul 18 13:26:30 2025 |
Group: Unspecified | Build host: reproducible |
Size: 17499375 | Source RPM: suricata-8.0.0-1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.openinfosecfoundation.org/ | |
Summary: Open Source Next Generation Intrusion Detection and Prevention Engine |
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. OISF is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as through the very generous support of the members of the OISF Consortium. More information about the Consortium is available, as well as a list of our current Consortium Members.
GPL-2.0-only
* Fri Jul 18 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Enable source package signature verification
  https://en.opensuse.org/openSUSE:Package_source_verification
- Update keyring. Key ID taken from
  https://docs.suricata.io/en/suricata-8.0.0/verifying-source-files.html#importing-the-oisf-signing-key

* Mon Jul 07 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Disable LTO because of build issues when building the Rust components.
- Remove htp dependency
- Remove lua dependency
- Enable eBPF support
- Remove old configure flags
- Migrate %setup to %autosetup
- Update to version 8.0.0:
  * Lua breaking changes:
    ~ No ability to load third-party modules in Lua rules
    ~ No access to the “os” Lua library for access to system resources such as the file system
    ~ Moving global Lua functions that access Suricata features to Lua libraries
  * The general detection engine performance was improved.
  * PCAP reading mode can now process files faster.
  * Suricata initialization has been significantly improved.
  * More protocol conversions to Rust including: LibHTP, FTP, ENIP, MIME parsing
  * New protocols: ARP: decoder and logger, DNS over HTTPS (DoH), LDAP support, Multicast DNS (mDNS), POP3: decoder and logger, SDP: parse traffic over SIP, SIP: parse traffic over TCP, Websocket support
  * Data JSON for data sets: enrich alerts using metadata in datasets
  * New transforms and keywords: from_base64, entropy, luaxform
  * requires: rules can check for keywords or features
  * Integer keywords: accept hexadecimal notation, negated ranges, enumerations, bitmask
  * IPS: Suricata as a Firewall. The firewall mode is considered experimental and may be subject to changes during the 8.0 lifecycle.
  * Lua 5.4 has been “vendored” into the Suricata code base, making it always available by default.
  * Lua now runs in a sandboxed environment, so users can allow Lua rules with confidence they won’t perform activities such as writing to files or opening sockets or other system-level access allowed by an unrestricted Lua runtime.
  * Improvements to output formats
  * Release blog post: https://suricata.io/2025/07/08/suricata-8-0-0-released/

* Tue May 27 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Update to version 7.0.10:
  * Address a critical issue in 7.0.9 affecting AF_PACKET users: setting a BPF would cause Suricata to fail to start up.
- Update to version 7.0.9:
  * LibHTP has been updated to version 0.5.50
  * Fix CVE-2025-29915: HIGH
  * Fix CVE-2025-29917: HIGH
  * CVE-2025-29918: HIGH
  * CVE-2025-29916: Moderate

* Tue Apr 22 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Invert libhs inclusion condition to handle other architectures

* Wed Jan 15 2025 Eyad Issa <eyadlorenzo@gmail.com>
- Added suricata-devel package
- Added libsuricata package
  * Enable shared library build
- Use pkgconfig to find build dependencies
- Remove coccinelle build dependency
- Only build with XDP/eBPF support when available
- Only build with libmagic/libnet support when available
- Update to version 7.0.8:
  * Various security, performance, accuracy, and stability issues have been fixed.
  * This release addresses CVE IDs:
    ~ CVE-2024-55627: CRITICAL
    ~ CVE-2024-55605: CRITICAL
    ~ CVE-2024-55629: HIGH
    ~ CVE-2024-55628: HIGH
    ~ CVE-2024-55626: LOW
- Update to version 7.0.7:
  * LibHTP has been updated to version 0.5.49
  * Various security, performance, accuracy, and stability issues have been fixed.
  * This release addresses CVE IDs:
    ~ CVE-2024-45797: CRITICAL
    ~ CVE-2024-47187: CRITICAL
    ~ CVE-2024-47188: CRITICAL
    ~ CVE-2024-47522: HIGH
    ~ CVE-2024-45795: HIGH
    ~ CVE-2024-45796: HIGH
- Update to version 7.0.6
  * Various security, performance, accuracy, and stability issues have been fixed.
  * JA4 for TLS and QUIC has been backported to Suricata 7.0.6.
  * These releases address CVE IDs:
    ~ CVE-2024-37151: CRITICAL
    ~ CVE-2024-38536: HIGH
    ~ CVE-2024-38534: HIGH
    ~ CVE-2024-38535: CRITICAL

* Mon Jul 15 2024 Eyad Issa <eyadlorenzo@gmail.com>
- Depend on vectorscan, as hyperscan has gone closed source

* Sat Jun 22 2024 Eyad Issa <eyadlorenzo@gmail.com>
- Update to version 7.0.5
  * LibHTP has been updated to version 0.5.48. This version is bundled with these new Suricata releases.
  * Suricata-Update has been updated to 1.3.3 in Suricata 7.0.5.
  * Various security, performance, accuracy, and stability issues have been fixed.
    https://redmine.openinfosecfoundation.org/versions/206
  * These releases address CVE IDs:
    ~ CVE-2024-32663 - Critical severity
    ~ CVE-2024-32664 - High severity
    ~ CVE-2024-32867 - Moderate severity
- Update to version 7.0.4
  * Various security, performance, accuracy, and stability issues have been fixed.
    https://redmine.openinfosecfoundation.org/versions/202

* Mon Feb 19 2024 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.3
  * LibHTP required version is 0.5.46. This is the version that is bundled with the releases.
  * Various security, performance, accuracy, and stability issues have been fixed.
    https://redmine.openinfosecfoundation.org/versions/200
  * These releases address CVE IDs:
    - CVE-2024-23839 - Critical severity
    - CVE-2024-23836 - Critical severity
    - CVE-2024-23835 - High severity
    - CVE-2024-24568 - Moderate severity

* Thu Oct 19 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.2
  * Various security, performance, accuracy, and stability issues have been fixed.
    https://redmine.openinfosecfoundation.org/versions/198

* Mon Sep 25 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.1
  * LibHTP required version is 0.5.45. This is the version that is bundled with the release.
  * Various security, performance, accuracy, and stability issues have been fixed.

* Thu Jul 27 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 7.0.0
  * Main features:
    - DPDK IDS/IPS support for primary mode was added
    - AF_XDP IDS support by Richard McConnell at Rapid7
    - HTTP/HTTP2 new keywords for header inspection
    - TLS: client certificate logging and detection
    - Bittorrent parser by Aaron Bungay
    - IPS: new default DROP behavior for exception policies
    - EVE documented and validated with a json schema
    - HTTP/2 support is no longer considered experimental
    - NETMAP API 14
    - Conditional PCAP by Eric Leblond and Scott Jordan
    - Initial libsuricata support
    - VLAN support extended from 2 to 3 layers
  * Performance improvements:
    - file.data MPM split per app protocol
    - New lighter rule profiling mode by Eric Leblond
    - SMB: many fixes and optimizations
    - Hash calculation using Rust crypto instead of NSS
    - Flow manager tuning
    - Many more performance-related counters
    - Stream buffer, which is used by stream engine, file tracking, and more, is more memory efficient
  * Secure Deployment / Security
    - Linux Landlock support added by Eric Leblond
    - Use of setrlimit to prevent Suricata from creating another process
    - Lock cargo crates
    - Default to secure settings for Datasets and Lua
    - Maximum number of transactions for several protocols
    - New Security Policies: https://github.com/OISF/suricata/blob/master/SECURITY.md
  * Protocols
    - QUICv1, GQUIC support added. GQUIC contributed by Emmanuel Thompson
    - PostgreSQL support added
    - HTTP/2 deflate decompression, byte-ranges support
    - VN-Tag support
    - Modbus rewritten to Rust with Eve logging added by Simon Dugas
    - IKEv1 support added by Sascha Steinbiss and Frank Honza
    - ESP flow tracking and logging
    - Minimal telnet parser
    - Active flow and TCP counters
    - Network service header
    - Remove dependency on system’s /etc/protocols
  * Rules
    - Added new rule keywords for DHCP, Kerberos, SNMP, TLS, QUIC
    - JA3(s) support for QUIC
    - New (experimental) class of keywords through “frames API”: NFS, SMB, DNS, telnet, SSL/TLS
    - HTTP request files and NFS now support file.data
    - “XOR” transform was added
    - Lua: access to more rule info
    - The byte_test, byte_math, and byte_jump keywords allow a variable name for the byte count value.
    - flow.age keyword was added
  * IPS
    - Exception Policies added to better control packet handling in such conditions as memory caps being hit
    - DPDK support
  * Socket Control
    - Get flow stats over Unix socket
    - Datasets management commands were added
  * Output
    - Conditional packet capture allows packets to be written to disk only after an alert has been triggered
    - New “stream” eve output type for debugging the stream engine
    - Log engine verdict on rejected/dropped/passed packets
  * Dev corner
    - Total: 1375 files changed, 130027 insertions(+), 127626 deletions(-)
    - Rust: 173 files changed, 39279 insertions(+), 13830 deletions(-)
    - C: 978 files changed, 73882 insertions(+), 109446 deletions(-)
    - Docs: 142 files changed, 6636 insertions(+), 1890 deletions(-)
    - Much stricter C compiler flags.
    - Clang’s scan-build clean, which is enforced in CI.
    - CI was expanded.
    - Rust parsers upgraded to using Nom 7
  * Upgrade notes:
    - Suricata 7.0 now uses pcre2 instead of pcre1.
    - The MSRV (minimum supported Rust version) has been updated to 1.63.0 from 1.41.1 minimum in Suricata 6.0.
    - Support for Prelude (libprelude) has been removed
    - Suricata 7.0 requires and bundles libhtp 0.5.45

* Tue Jun 20 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.13
  * LibHTP has been updated to 0.5.44. This is a required version that is bundled with the release.
  * Security #6119: datasets: absolute path in rules can overwrite arbitrary files (6.0.x backport)
  * Bug #6138: Decode-events of IPv6 packets are not triggered (6.0.x backport)
  * Bug #6136: suricata-update: dump-sample-configs: configuration files not found (6.0.x backport)
  * Bug #6125: http2: cpu overconsumption in rust moving/memcpy in http2_parse_headers_blocks (6.0.x backport)
  * Bug #6113: ips: txs still logged for dropped flow (6.0.x backport)
  * Bug #6056: smtp: long line discard logic should be separate for server and client (6.0.x backport)
  * Bug #6055: ftp: long line discard logic should be separate for server and client (6.0.x backport)
  * Bug #5990: smtp: any command post a long command gets skipped (6.0.x backport)
  * Bug #5982: smtp: Long DATA line post boundary is capped at 4k Bytes (6.0.x backport)
  * Bug #5809: smb: convert transaction list to vecdeque (6.0.x backport)
  * Bug #5604: counters: tcp.syn, tcp.synack, tcp.rst depend on flow (6.0.x backport)
  * Bug #5550: dns: allow dns messages with invalid opcodes (6.0.x backport)
  * Task #5984: libhtp 0.5.44 (6.0.x backport)
  * Documentation #6134: userguide: add instructions/explanation for (not) running suricata with root (6.0.x backport)
  * Documentation #6121: datasets: 6.0.x work-arounds for dataset supply chain attacks

* Wed May 10 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.12
  * Various performance, accuracy, and stability issues have been fixed.
  * Remove legacy pfring install guide

* Fri Apr 21 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.11
  * LibHTP has been updated to 0.5.43. This is a required version that is bundled with the release.
  * Various security, performance, accuracy, and stability issues have been fixed.

* Thu Feb 09 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.10
  Various security, performance, accuracy, and stability issues have been fixed
  https://forum.suricata.io/t/suricata-6-0-10-released/3175/2
  * Security #5804: Suricata crashes while processing FTP (6.0.x backport)
  * Bug #5815: detect: config keyword prevents tx cleanup (6.0.x backport)
  * Bug #5812: nfs: debug validation triggered on nfs2 read
  * Bug #5810: smb/ntlmssp: parser incorrectly assumes fixed field order (6.0.x backport)
  * Bug #5806: exceptions: midstream flows are dropped if midstream=true && stream.midstream-policy=drop-flow (6.0.x backport)
  * Bug #5796: TLS Handshake Fragments not Reassembled (6.0.x backport)
  * Bug #5795: detect/udp: different detection from rules when UDP/TCP header is broken (6.0.x backport)
  * Bug #5793: decode: Padded packet to minimal Ethernet length marked with invalid length event (6.0.x backport)
  * Bug #5791: smb: unbounded file chunk queuing after gap (6.0.x backport)
  * Bug #5763: libbpf: Use of legacy code in eBPF/XDP programs (6.0.x backport)
  * Bug #5762: detect/pcre: JIT not disabled when OS doesn't allow RWX pages
  * Bug #5760: nfs: ASSERT: attempt to subtract with overflow (compound) (6.0.x backport)
  * Bug #5749: iprep/ipv6: warning issued on valid reputation input (6.0.x backport)
  * Bug #5744: netmap: 6.0.9 v14 backport causes known packet stalls from v14 implementation in "legacy" mode too
  * Bug #5738: smb: failed assertion (!((f->alproto == ALPROTO_SMB && txd->files_logged != 0))), function CloseFile, file output-file.c (6.0.x backport)
  * Bug #5735: smtp: quoted-printable encoding skips empty lines in files (6.0.x backport)
  * Bug #5723: eve: missing common fields like community id for some event types like RFB
  * Bug #5601: detect: invalid hex character in content leads to bad debug message (6.0.x backport)
  * Bug #5565: Excessive qsort/msort time when large number of rules using tls.fingerprint (6.0.x backport)
  * Bug #5299: YAML warning from default config on 6.0.5
  * Optimization #5797: tls: support incomplete API to replace internal buffering
  * Optimization #5790: smb: set defaults for file chunk limits (6.0.x backport)
- add dependency libhtp >= 0.5.42

* Tue Nov 29 2022 Michael Ströder <michael@stroeder.com>
- Update to version 6.0.9
  Various security, performance, accuracy and stability issues have been fixed
  https://forum.suricata.io/t/suricata-6-0-9-released/3012
- build now requires libhtp >= 0.5.42

* Mon Oct 03 2022 Martin Hauke <mardnh@gmx.de>
- Use hyperscan-devel instead of 'pkgconfig(libhs)' to prevent:
  "unresolvable: have choice for pkgconfig(libhs): hyperscan-devel vectorscan-devel"

* Wed Sep 28 2022 Michael Ströder <michael@stroeder.com>
- Update to version 6.0.8
  https://forum.suricata.io/t/suricata-6-0-8-released/2808
  https://forum.suricata.io/t/suricata-6-0-7-released/2807
  https://forum.suricata.io/t/suricata-6-0-6-and-5-0-10-released/2637
- build now requires libhtp >= 0.5.41

* Tue Jun 28 2022 Otto Hollmann <otto.hollmann@suse.com>
- Copy config files and update rules
- Add python3-PyYAML as dependency for suricata-update

* Tue Jun 28 2022 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 6.0.5
  https://forum.suricata.io/t/suricata-6-0-5-and-5-0-9-released/2415
  - LibHTP has been updated to 0.5.40. This is a required version that is bundled with both releases.
  - Suricata-Update, as bundled with 6.0.5, was updated to 1.2.4.
  - Various security, performance, accuracy and stability issues have been fixed.

* Tue Jan 25 2022 Hans-Peter Jansen <hpj@urpla.net>
- Update to version 6.0.4:
  https://forum.suricata.io/t/suricata-6-0-4-and-5-0-8-released/1942
- Add luajit build conditional
- More man pages
/etc/logrotate.d/suricata
/etc/suricata
/etc/suricata/classification.config
/etc/suricata/reference.config
/etc/suricata/rules
/etc/suricata/rules/Makefile
/etc/suricata/rules/Makefile.am
/etc/suricata/rules/Makefile.in
/etc/suricata/rules/README.md
/etc/suricata/rules/app-layer-events.rules
/etc/suricata/rules/decoder-events.rules
/etc/suricata/rules/dhcp-events.rules
/etc/suricata/rules/dnp3-events.rules
/etc/suricata/rules/dns-events.rules
/etc/suricata/rules/enip-events.rules
/etc/suricata/rules/files.rules
/etc/suricata/rules/ftp-events.rules
/etc/suricata/rules/http-events.rules
/etc/suricata/rules/http2-events.rules
/etc/suricata/rules/ipsec-events.rules
/etc/suricata/rules/kerberos-events.rules
/etc/suricata/rules/mdns-events.rules
/etc/suricata/rules/modbus-events.rules
/etc/suricata/rules/mqtt-events.rules
/etc/suricata/rules/nfs-events.rules
/etc/suricata/rules/ntp-events.rules
/etc/suricata/rules/pgsql-events.rules
/etc/suricata/rules/pop3-events.rules
/etc/suricata/rules/quic-events.rules
/etc/suricata/rules/rfb-events.rules
/etc/suricata/rules/smb-events.rules
/etc/suricata/rules/smtp-events.rules
/etc/suricata/rules/ssh-events.rules
/etc/suricata/rules/stream-events.rules
/etc/suricata/rules/tls-events.rules
/etc/suricata/rules/websocket-events.rules
/etc/suricata/suricata.yaml
/etc/suricata/threshold.config
/usr/bin/suricata
/usr/bin/suricata-update
/usr/bin/suricatactl
/usr/bin/suricatasc
/usr/lib/suricata
/usr/lib/suricata/python
/usr/lib/suricata/python/suricata
/usr/lib/suricata/python/suricata/__init__.py
/usr/lib/suricata/python/suricata/config
/usr/lib/suricata/python/suricata/config/defaults.py
/usr/lib/suricata/python/suricata/update
/usr/lib/suricata/python/suricata/update/__init__.py
/usr/lib/suricata/python/suricata/update/commands
/usr/lib/suricata/python/suricata/update/commands/__init__.py
/usr/lib/suricata/python/suricata/update/commands/addsource.py
/usr/lib/suricata/python/suricata/update/commands/checkversions.py
/usr/lib/suricata/python/suricata/update/commands/disablesource.py
/usr/lib/suricata/python/suricata/update/commands/enablesource.py
/usr/lib/suricata/python/suricata/update/commands/listsources.py
/usr/lib/suricata/python/suricata/update/commands/removesource.py
/usr/lib/suricata/python/suricata/update/commands/updatesources.py
/usr/lib/suricata/python/suricata/update/compat
/usr/lib/suricata/python/suricata/update/compat/__init__.py
/usr/lib/suricata/python/suricata/update/compat/argparse
/usr/lib/suricata/python/suricata/update/compat/argparse/__init__.py
/usr/lib/suricata/python/suricata/update/compat/argparse/argparse.py
/usr/lib/suricata/python/suricata/update/compat/ordereddict.py
/usr/lib/suricata/python/suricata/update/config.py
/usr/lib/suricata/python/suricata/update/configs
/usr/lib/suricata/python/suricata/update/configs/__init__.py
/usr/lib/suricata/python/suricata/update/configs/disable.conf
/usr/lib/suricata/python/suricata/update/configs/drop.conf
/usr/lib/suricata/python/suricata/update/configs/enable.conf
/usr/lib/suricata/python/suricata/update/configs/modify.conf
/usr/lib/suricata/python/suricata/update/configs/threshold.in
/usr/lib/suricata/python/suricata/update/configs/update.yaml
/usr/lib/suricata/python/suricata/update/data
/usr/lib/suricata/python/suricata/update/data/__init__.py
/usr/lib/suricata/python/suricata/update/data/index.py
/usr/lib/suricata/python/suricata/update/data/update.py
/usr/lib/suricata/python/suricata/update/engine.py
/usr/lib/suricata/python/suricata/update/exceptions.py
/usr/lib/suricata/python/suricata/update/extract.py
/usr/lib/suricata/python/suricata/update/loghandler.py
/usr/lib/suricata/python/suricata/update/main.py
/usr/lib/suricata/python/suricata/update/maps.py
/usr/lib/suricata/python/suricata/update/matchers.py
/usr/lib/suricata/python/suricata/update/net.py
/usr/lib/suricata/python/suricata/update/notes.py
/usr/lib/suricata/python/suricata/update/osinfo.py
/usr/lib/suricata/python/suricata/update/parsers.py
/usr/lib/suricata/python/suricata/update/rule.py
/usr/lib/suricata/python/suricata/update/sources.py
/usr/lib/suricata/python/suricata/update/util.py
/usr/lib/suricata/python/suricata/update/version.py
/usr/lib/systemd/system/suricata.service
/usr/sbin/rcsuricata
/usr/share/doc/packages/suricata
/usr/share/doc/packages/suricata/AUTHORS
/usr/share/doc/packages/suricata/Basic_Setup.txt
/usr/share/doc/packages/suricata/GITGUIDE
/usr/share/doc/packages/suricata/Setting_up_IPSinline_for_Linux.txt
/usr/share/doc/packages/suricata/TODO
/usr/share/doc/packages/suricata/Third_Party_Installation_Guides.txt
/usr/share/fillup-templates/sysconfig.suricata
/usr/share/licenses/suricata
/usr/share/licenses/suricata/COPYING
/usr/share/man/man1/suricata.1.gz
/usr/share/man/man1/suricatactl-filestore.1.gz
/usr/share/man/man1/suricatactl.1.gz
/usr/share/man/man1/suricatasc.1.gz
/usr/share/suricata
/usr/share/suricata/classification.config
/usr/share/suricata/reference.config
/usr/share/suricata/rules
/usr/share/suricata/rules/app-layer-events.rules
/usr/share/suricata/rules/decoder-events.rules
/usr/share/suricata/rules/dhcp-events.rules
/usr/share/suricata/rules/dnp3-events.rules
/usr/share/suricata/rules/dns-events.rules
/usr/share/suricata/rules/enip-events.rules
/usr/share/suricata/rules/files.rules
/usr/share/suricata/rules/ftp-events.rules
/usr/share/suricata/rules/http-events.rules
/usr/share/suricata/rules/http2-events.rules
/usr/share/suricata/rules/ipsec-events.rules
/usr/share/suricata/rules/kerberos-events.rules
/usr/share/suricata/rules/mdns-events.rules
/usr/share/suricata/rules/modbus-events.rules
/usr/share/suricata/rules/mqtt-events.rules
/usr/share/suricata/rules/nfs-events.rules
/usr/share/suricata/rules/ntp-events.rules
/usr/share/suricata/rules/pgsql-events.rules
/usr/share/suricata/rules/pop3-events.rules
/usr/share/suricata/rules/quic-events.rules
/usr/share/suricata/rules/rfb-events.rules
/usr/share/suricata/rules/smb-events.rules
/usr/share/suricata/rules/smtp-events.rules
/usr/share/suricata/rules/ssh-events.rules
/usr/share/suricata/rules/stream-events.rules
/usr/share/suricata/rules/tls-events.rules
/usr/share/suricata/rules/websocket-events.rules
/var/lib/suricata
/var/log/suricata
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jul 31 23:37:22 2025