Snort vulnerability and upgrades...

Snort vulnerability and upgrades...

stangrunner
Came across this new Cisco / Snort vulnerability (https://threatpost.com/cisco-high-severity-flaw-lets-malware-bypass-firepower-firewall/117165/).  

Does anyone who is more familiar with Snort tuning and configuration know if this affects the version of Snort running on the Shield?  

Has anyone upgraded their Snort version to the newest version?  

Thanks in advance for all the support everyone on this forum is providing.  

Carlos.

Re: Snort vulnerability and upgrades...

user8446
Administrator
Good find. As of yet, I haven't been able to tell if our build has file-inspect or not which is where the vuln is. I've tried to put in different options for it in the config and some pass and some error out from here: https://www.snort.org/faq/readme-file . The readme says the code was experimental.

If we do have file-inspect, maybe we can turn off its dependency like the frag3 preprocessor. I haven't been able to find much info on it except v2.9.8.2 patches it. I'll try to continue to research, or perhaps someone is familiar with determining if our build was compiled with the file inspect flag.

Running in bridge mode, 1.51 SP1 fw
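
An added example, not code from either poster or from the Shield project: a small shell triage for the two facts raised in this thread, the installed Snort version versus the 2.9.8.2 release said to carry the patch, and whether `snort.conf` has an active `file_inspect` preprocessor line. It assumes the `snort -V` banner format and the `preprocessor file_inspect` directive name from the linked README; the banner and config text are constructed samples, and a missing config line says nothing about whether the build was compiled with file inspect.

```shell
#!/bin/sh
# Added example: triage a Snort 2.x install against the two facts in this thread.
FIXED_VERSION="2.9.8.2"   # release the thread says carries the patch

# Print the dotted version found in `snort -V` banner text on stdin.
snort_version() {
    sed -n 's/.*Version \([0-9][0-9.]*[0-9]\).*/\1/p' | head -n 1
}

# Succeed if version $1 is strictly older than version $2 (numeric per field).
version_lt() {
    [ "$1" = "$2" ] && return 1
    oldest=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | head -n 1)
    [ "$oldest" = "$1" ]
}

# Succeed if the config text on stdin has an active (uncommented)
# "preprocessor file_inspect" line.
file_inspect_enabled() {
    grep -Eq '^[[:space:]]*preprocessor[[:space:]]+file_inspect([[:space:]:]|$)'
}

# triage BANNER_TEXT CONF_TEXT -> prints one status word.
triage() {
    ver=$(printf '%s\n' "$1" | snort_version)
    [ -n "$ver" ] || { echo "unknown-version"; return 0; }
    if ! version_lt "$ver" "$FIXED_VERSION"; then
        echo "at-or-above-fix"
    elif printf '%s\n' "$2" | file_inspect_enabled; then
        echo "old-version-file-inspect-active"
    else
        echo "old-version-file-inspect-not-configured"
    fi
}

# Constructed sample inputs (not taken from a real Shield; options illustrative).
SAMPLE_BANNER='   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.7.0 GRE (Build 149)'
SAMPLE_CONF_ON='preprocessor frag3_global: max_frags 65536
preprocessor file_inspect: type_id, signature'
SAMPLE_CONF_OFF='preprocessor frag3_global: max_frags 65536
# preprocessor file_inspect: type_id, signature'

triage "$SAMPLE_BANNER" "$SAMPLE_CONF_ON"
triage "$SAMPLE_BANNER" "$SAMPLE_CONF_OFF"
```

On a live box, the same functions can be fed `"$(snort -V 2>&1)"` and the contents of the running `snort.conf` in place of the samples.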