ELA-1367-1 suricata security update

several different issues

2025-03-31
Packagesuricata
Version1:4.1.2-2+deb10u3 (buster)
Related CVEs CVE-2021-45098 CVE-2024-37151 CVE-2024-45796 CVE-2024-55626 CVE-2025-29918


Several issues have been found in suricata, the next Generation Intrusion Detection and Prevention Tool. They are related to bypass of HTTP-based signature, mishandling of multiple fragmented packets, logic errors, infinite loops and buffer overflows.



For Debian 10 buster, these problems have been fixed in version 1:4.1.2-2+deb10u3.

We recommend that you upgrade your suricata packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.