Gianni Tedesco
Gianni Tedesco
@catenacyber created new PR, actually I got my remotes mixed up so I was rebasing on origin/master not upstream/master, woops :)
> @giannitedesco can you rebase both this PR and the S-V one ? It looks like sslv2-handshake is now failing with this PR > > Flow has > > ```...
@catenacyber So I just commented out the SSLv2 protocol decode stuff, so they can be uncommented if/when that gets implemented. At least the test can verify the detection of protocol...
> The commit message in this PR seems to say otherwise. Is it fixing SSLv2 or SSLv3 detect patterns ? This is fixing SSLv2 detect patterns. There are two distinct...
Anyway, adding support for decoding SSLv2 (and fragmented handshakes for that matter) is another question, and they are much bigger jobs.
> > > Flow has > > > ``` > > > "app_proto": "tls", > > > "app_proto_tc": "failed", > > > ``` > > If we want to fix...
> > @inashivb is there a `skip` keyword for Suricata-verify ? > > There is one but seems like it is > > 1. bound to features (e.g. https://github.com/OISF/suricata-verify/blob/master/tests/filestore-v2.3-fserror/test.yaml#L7) >...
Duplicates #640
Just to make this clear. What this means for users is that if they have *ever* installed the virtio-win package per the instructions, they will be vulnerable to being rooted...
This is now CVE-2020-29665