Snort 220.127.116.11 includes changes for the following:
* Updates to HTTP Inspect to handle normalization with large number of directories, eliminate false positives when chunks span multiple packets, and remove the upper limit on the gzip memcap.
* Update stream handling for TCP session cleanup with RSTs and other TCP state tracking.
* Update for active responses to fragmented IPv6 traffic and to the react page configuration.
* Updates to SIP preprocessor to limit false positives.
* Update for correct logging in unified2 when interface is passive.
* Add stats for SMTP preprocessor at termination.
* State tracking improvements to SMB processing in the dcerpc2 preprocessor when missing packets on a session.