ELA-44-1 suricata security update

wrong handling of package flow

2018-09-24
Packagesuricata
Version1.2.1-2+deb7u2
Related CVEs CVE-2016-10728

If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it can lead to missed TCP/UDP detection in packets arriving afterwards.

For Debian 7 Wheezy, these problems have been fixed in version 1.2.1-2+deb7u2.

We recommend that you upgrade your suricata packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/