Ubuntu
snort package

main inclusion report

Bug #182806 reported by Fabio Massimo Di Nitto
12
Affects Status Importance Assigned to Milestone
snort (Ubuntu)
Won't Fix
Wishlist
Unassigned

Bug Description

Binary package hint: snort

See https://wiki.ubuntu.com/MainInclusionReportSnort

I am against including this package into main but i need to file the report as I was asked too. IMHO this package requires too much maintaince and it's not mature enough to hit main.

Fabio

Martin Pitt (pitti)
Changed in snort:
importance: Undecided → Medium
Revision history for this message
Matthias Klose (doko) wrote :

ubuntu-security: is this package maintainable by the security team?

Changed in snort:
status: New → Incomplete
Revision history for this message
Matthias Klose (doko) wrote :

new upstream 2.8.0.1 available (Nov 2007)

Revision history for this message
Kees Cook (kees) wrote :

Given that the Debian package has finally caught up with upstream, this is much easier to maintain from a security perspective. The snort devs are quick to respond to issues.

Revision history for this message
Kees Cook (kees) wrote :

That said, maintaining it for LTS may prove challenging, given how many binary parsers it contains. Unless there is a strong need for it to be in main, I would rather it stay in universe.

Changed in snort:
status: Incomplete → Confirmed
importance: Medium → Wishlist
Revision history for this message
Matthias Klose (doko) wrote :

> Given that the Debian package has finally caught up with upstream,
> this is much easier to maintain from a security perspective.

so you do have a preference for the 2.7.0 version? In that case we should the current version from debian, including fixes for the lsb init functions (independent of main inclusion).

In the case of promotion, a mir for libprelude is missing, plus the gs-common b-dep has to be replaced.

Revision history for this message
Nick Barcet (nijaba) wrote :

I will not fight over snort to be in main if it is a real pain to maintain it from a security perspective, but just want to note that
- it is a maintained package in RHEL5
- and I do think that IDS is quite a usefull feature for security conscious admins...

That said, I'll let the security team decide what is more appropriate for it.

Revision history for this message
Martin Pitt (pitti) wrote :

By Kees' comment 3 I am rejecting this, at least for LTS.

Changed in snort:
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.