| Package | suricata |
|---|---|
| Version | 1.2.1-2+deb7u2 |
| Related CVEs | CVE-2016-10728 |
If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it can lead to missed TCP/UDP detection in packets arriving afterwards.
For Debian 7 Wheezy, these problems have been fixed in version 1.2.1-2+deb7u2.
We recommend that you upgrade your suricata packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.