| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| reproducible.patch | Patch to make the suricata build reproducible This patch makes some changes to the suricata build to make it reproducible . Currently, it only filters out the -fdebug-prefix-map CFLAG which embeds the build path. |
Arturo Borrero Gonzalez <arturo@debian.org> | not-needed | 2016-09-05 | ||
| debian-default-cfg.patch | Debian default configuration This patch sets Debian defaults for suricata configuration. . Currently, it sets a proper path for suricata unix socket. |
Arturo Borrero Gonzalez <arturo@debian.org> | not-needed | 2016-12-01 | ||
| cross.patch | no | |||||
| no-use-gnu.patch | Don't use __USE_GNU __USE_GNU is a glibc-internal symbol. AC_USE_SYSTEM_EXTENSIONS is the proper autoconf way to enable extensions. |
Adrian Bunk <bunk@debian.org> | no | |||
| fix-repeated-builds.patch | do not clean vendor directory on distclean dh_auto_clean calls make distclean, which in the case of Suricata also removes the vendor directory. This breaks repeated builds. |
Sascha Steinbiss <satta@debian.org> | no | 2018-12-26 | ||
| configure-clang-variable.patch | configure: Introduce CLANG variable | Hilko Bengen <bengen@debian.org> | no | 2019-01-22 | ||
| with-ebpf-includes.patch | Add --with-ebpf-includes parameter | Hilko Bengen <bengen@debian.org> | no | 2019-07-23 | ||
| import-sockio-h.patch | [PATCH] af-packet: fix build on recent Linux kernels | Eric Leblond <eric@regit.org> | no | 2019-07-17 | ||
| remove-conflicting-python-file.patch | do not install the suricata Python module Suricata's Python tools only import submodules of 'suricata'. Not installing this module ensures that there is no chance of having an __init__.py in the root module directory that might clash with other packages, e.g. suricata- update. |
Sascha Steinbiss <satta@debian.org> | yes | upstream | 2019-09-18 | |
| avoid-to-include-if_tunnel-h.patch | [PATCH] ebpf: avoid to include if_tunnel.h This is causing a dependency issue as file from another architecture have to be installed. |
Eric Leblond <eric@regit.org> | no | 2019-10-31 | ||
| llc.patch | no | |||||
| stream-no-reject-bad-ack.patch | [PATCH] stream/tcp: don't reject on bad ack Not using a packet for the streaming analysis when a non zero ACK value and ACK bit was unset was leading to evasion as it was possible to start a session with a SYN packet with a non zero ACK value to see the full TCP stream to escape all stream and application layer detection. This addresses CVE-2021-35063. |
Eric Leblond <el@stamus-networks.com> | no | 2021-05-28 |