This release contains support for Snort 18.104.22.168. Additionally, new packages have been added that contain 4 digit version numbers.
New package names:
The packages have been updated with support for Snort 22.214.171.124. Additionally, a number of improvements have been made to the packages to help clarify which packages to use with your specific snort version.
The old package names are still available but they are now symlinked to
the new package names. The symlinks will exist for the next 30 days. This should hopefully prevent auto updaters from failing to update correctly.
1. snortrules-snapshot-2853_s.tar.gz -> snortrules-snapshot-CURRENT_s.tar.gz
2. snortrules-snapshot-2853_s.tar.gz -> snortrules-snapshot-2.8_s.tar.gz
* IMPORTANT *
The above is not a typo. The 2853 is symlinked to CURRENT and the 2.8 packages this is intentional, as to not break auto updaters that define CURRENT incorrectly.
There are no new symlinks for registered users as the new packages won't be available to registered users for 30 days.
Additional Package Updates.
1. Packages are now locked to the version of snort they support. This includes sub directories in the packages. For examples the 2853 packages now only contain SO rules for 126.96.36.199.
2. Snort.conf in etc/ directory has been updated to support additional features in 188.8.131.52 and 184.108.40.206.
3. Preprocessor Rules are now contained in the package.
4. For 220.127.116.11 Sensitive data rules are contained in the package.
Not running 18.104.22.168 and downloading CURRENT / 2.8 / 2853 packages ?:
1. You will need to modify oinkmaster, pulled pork, or whatever update system you are using to remove 22.214.171.124 version specific rule keywords or snort will fail to load.