This updates suricata to the latest release; the release announcement is at https://forum.suricata.io/t/suricata-7-0-7-released/4877
6 CVEs fixed in this release, so it should be backported to 7.6-stable. Tested on amd64. I'm dropping maintainership in this update, as I will no longer be responsible for a suricata installation shortly. OKs? Thanks, Jeremy Index: Makefile =================================================================== RCS file: /cvs/ports/security/suricata/Makefile,v diff -u -p -u -p -r1.72 Makefile --- Makefile 2 Jul 2024 14:31:58 -0000 1.72 +++ Makefile 1 Oct 2024 15:41:14 -0000 @@ -3,7 +3,7 @@ NOT_FOR_ARCHS = powerpc64 riscv64 COMMENT = high performance network IDS, IPS and security monitoring -SURICATA_V = 7.0.6 +SURICATA_V = 7.0.7 SUPDATE_V = 1.3.3 DISTNAME = suricata-${SURICATA_V} @@ -12,8 +12,7 @@ SHARED_LIBS += htp HOMEPAGE = https://suricata.io/ -MAINTAINER = Gonzalo L. R. <gonz...@openbsd.org>, \ - Jeremy Evans <jer...@openbsd.org> +MAINTAINER = Gonzalo L. R. <gonz...@openbsd.org> # GPLv2 PERMIT_PACKAGE= Yes Index: distinfo =================================================================== RCS file: /cvs/ports/security/suricata/distinfo,v diff -u -p -u -p -r1.25 distinfo --- distinfo 2 Jul 2024 14:31:58 -0000 1.25 +++ distinfo 1 Oct 2024 15:41:26 -0000 @@ -1,2 +1,2 @@ -SHA256 (suricata-7.0.6.tar.gz) = IYJPf/Egh8DJud4gcZmnWpwxsDA2aIx8ucF48KO1f40= -SIZE (suricata-7.0.6.tar.gz) = 23644184 +SHA256 (suricata-7.0.7.tar.gz) = JtCjYZTVMID8iwm5mbK1qDxASfQK0H72rmnHIlpyi4Y= +SIZE (suricata-7.0.7.tar.gz) = 23652958 Index: patches/patch-configure_ac =================================================================== RCS file: /cvs/ports/security/suricata/patches/patch-configure_ac,v diff -u -p -u -p -r1.14 patch-configure_ac --- patches/patch-configure_ac 2 Jul 2024 14:31:58 -0000 1.14 +++ patches/patch-configure_ac 1 Oct 2024 15:48:42 -0000 
@@ -3,7 +3,7 @@ To remove the pid file, its directory mu Index: configure.ac --- configure.ac.orig +++ configure.ac -@@ -2597,7 +2597,7 @@ if test "$WINDOWS_PATH" = "yes"; then +@@ -2599,7 +2599,7 @@ if test "$WINDOWS_PATH" = "yes"; then fi else EXPAND_VARIABLE(localstatedir, e_logdir, "/log/suricata/") Index: patches/patch-suricata_yaml_in =================================================================== RCS file: /cvs/ports/security/suricata/patches/patch-suricata_yaml_in,v diff -u -p -u -p -r1.22 patch-suricata_yaml_in --- patches/patch-suricata_yaml_in 2 Jul 2024 14:31:58 -0000 1.22 +++ patches/patch-suricata_yaml_in 1 Oct 2024 15:44:13 -0000 @@ -35,7 +35,7 @@ Index: suricata.yaml.in # Enable for multi-threaded eve.json output; output files are amended with # an identifier, e.g., eve.9.json #threaded: false -@@ -340,6 +342,7 @@ outputs: +@@ -341,6 +343,7 @@ outputs: - http-log: enabled: no filename: http.log @@ -43,7 +43,7 @@ Index: suricata.yaml.in append: yes #extended: yes # enable this for extended logging information #custom: yes # enable the custom logging format (defined by customformat) -@@ -350,6 +353,7 @@ outputs: +@@ -351,6 +354,7 @@ outputs: - tls-log: enabled: no # Log TLS connections. filename: tls.log # File to store TLS logs. @@ -51,7 +51,7 @@ Index: suricata.yaml.in append: yes #extended: yes # Log extended information like fingerprint #custom: yes # enabled the custom logging format (defined by customformat) -@@ -397,6 +401,7 @@ outputs: +@@ -398,6 +402,7 @@ outputs: - pcap-log: enabled: no filename: log.pcap @@ -59,7 +59,7 @@ Index: suricata.yaml.in # File size limit. Can be specified in kb, mb, gb. Just a number # is parsed as bytes. -@@ -435,6 +440,7 @@ outputs: +@@ -436,6 +441,7 @@ outputs: - alert-debug: enabled: no filename: alert-debug.log 
@@ -67,7 +67,7 @@ Index: suricata.yaml.in append: yes #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram' -@@ -442,6 +448,7 @@ outputs: +@@ -443,6 +449,7 @@ outputs: - stats: enabled: yes filename: stats.log @@ -75,7 +75,7 @@ Index: suricata.yaml.in append: yes # append to file (yes) or overwrite it (no) totals: yes # stats for all threads merged together threads: no # per thread stats -@@ -535,6 +542,7 @@ outputs: +@@ -536,6 +543,7 @@ outputs: enabled: no type: file filename: tcp-data.log @@ -83,7 +83,7 @@ Index: suricata.yaml.in # Log HTTP body data after normalization, de-chunking and unzipping. # Two types: file or dir. -@@ -548,6 +556,7 @@ outputs: +@@ -549,6 +557,7 @@ outputs: enabled: no type: file filename: http-data.log @@ -91,7 +91,7 @@ Index: suricata.yaml.in # Lua Output Support - execute lua script to generate alert and event # output. -@@ -1203,9 +1212,9 @@ datasets: +@@ -1206,9 +1215,9 @@ datasets: ## # Run Suricata with a specific user-id and group-id: @@ -104,7 +104,7 @@ Index: suricata.yaml.in security: # if true, prevents process creation from Suricata by calling -@@ -1216,13 +1225,11 @@ security: +@@ -1219,13 +1228,11 @@ security: enabled: no directories: #write: @@ -118,7 +118,7 @@ Index: suricata.yaml.in lua: # Allow Lua rules. Disabled by default. -@@ -1235,7 +1242,7 @@ security: +@@ -1238,7 +1245,7 @@ security: # Default location of the pid file. The pid file is only used in # daemon mode (start Suricata with -D). If not running in daemon mode # the --pidfile command line option must be used to create a pid file. @@ -127,7 +127,7 @@ Index: suricata.yaml.in # Daemon working directory # Suricata will change directory to this one if provided -@@ -1303,8 +1310,7 @@ unix-command: +@@ -1306,8 +1313,7 @@ unix-command: #filename: custom.socket # Magic file. The extension .mgc is added to the value here. 
@@ -137,7 +137,7 @@ Index: suricata.yaml.in # GeoIP2 database file. Specify path and filename of GeoIP2 database # if using rules with "geoip" rule option. -@@ -1342,8 +1348,8 @@ legacy: +@@ -1345,8 +1351,8 @@ legacy: exception-policy: auto # IP Reputation @@ -148,7 +148,7 @@ Index: suricata.yaml.in #reputation-files: # - reputation.list -@@ -1825,7 +1831,7 @@ profiling: +@@ -1828,7 +1834,7 @@ profiling: limit: 10 # output to json @@ -157,7 +157,7 @@ Index: suricata.yaml.in # per keyword profiling keywords: -@@ -2155,22 +2161,44 @@ napatech: +@@ -2158,22 +2164,44 @@ napatech: # hashmode: hash5tuplesorted