Ubuntu
snort package

Please sync snort 2.8.5.2-1 (universe) from Debian unstable (main).

Bug #507848 reported by Bhavani Shankar
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
snort (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/snort
 status new
 importance wishlist
 subscribe ubuntu-universe-sponsors

Please sync snort 2.8.5.2-1 (universe) from Debian unstable (main).

Explanation of the Ubuntu delta and why it can be dropped:

Please sync the latest version of snort from unstable as it fixes a CVE
and they have applied ubuntu patch by dave walker.

Changelog since current lucid version 2.8.4.1-4ubuntu1:

snort (2.8.5.2-1) unstable; urgency=low

  * New upstream release
     - Fixes CVE-2009-3641: possible DoS due to crafted IPv6 packet when
       then -v option is enabled
  * Fix src/snort.c since it is not buildable, it seems that the distributed
    source code has a bug.

 -- Javier Fernandez-Sanguino Pen~a <email address hidden> Mon, 11 Jan 2010 23:53:05 +0100

snort (2.8.4.1-6) unstable; urgency=low

  * Package rebuild to fix libmysql depedency (Closes: #548831)
  * Remove use_static_footprint_sizes option from the stream5_tcp disassembler
    in etc/snort.conf as the use in production systems is actually discouraged
    [ see http://sourceforge.net/mailarchive/message.php?msg_name=d3a3e6ac0912080843i17a0302te36548e032b4b013%40mail.gmail.com ]
  * Lintian fixes:
     - Remove dh_undocumented from debian/rules
     - Add ${misc:Depends} to all binary packages
     - Use updated debhelper version (5)
     - Update Standards-Version (3.8.3)

 -- Javier Fernandez-Sanguino Pen~a <email address hidden> Wed, 09 Dec 2009 02:05:57 +0100

snort (2.8.4.1-5) unstable; urgency=low

  * Fix snort-stat so that it can generate proper emails even if Classification
    is missing from the alert log, use fix suggested by Pavel Mateja.

 -- Javier Fernandez-Sanguino Pen~a <email address hidden> Sun, 01 Nov 2009 00:43:02 +0100

 snort (2.8.4.1-4) unstable; urgency=low

   * Fix init.d so that if 'restart' is executed when no instance is
     running (no pidfile) it will try to start all of instances, just
     if 'start' was executed. (Closes: #540450)
   * Add information on how the init.d script works (Closes: #512810)
   * Fix name of file in README-database.Debian, remove the database
     information from the main README.Debian file.
   * Fix bug in debian/clean-sources.sh script (Closes: #547316)
   * Use a patch provided by Dave Walker <DaveWalker_AT_ubuntu.com>
     to prevent starting snort-mysql|pgsql if the database is not
configured
     yet. This bug cannot be really fixed until we use dbconfig-common
     here to ask for all the database information to the user
     through Debconf. (LP: #222091) (Closes: #545082)

 -- Javier Fernandez-Sanguino Pen~a <email address hidden> Wed, 23 Sep 2009
01:35:05 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFLUEB4NrEIsZrsMaARAtqYAKCxO2wvZvXxFTsQexKR9L+aferBxQCcCR79
a7RWihG72lhnwqTD6s7u+NU=
=y9fw
-----END PGP SIGNATURE-----

Related branches

lp:ubuntu/lucid/snort

CVE References

Revision history for this message
Ilya Barygin (randomaction) wrote :

Sync request ACKed. We have no delta currently btw (only changelog/maintainer).

Changed in snort (Ubuntu):
status: New → Confirmed
Revision history for this message
James Westby (james-w) wrote :

[Updating] snort (2.8.4.1-4ubuntu1 [Ubuntu] < 2.8.5.2-1 [Debian])
 * Trying to add snort...
  - <snort_2.8.5.2.orig.tar.gz: downloading from http://ftp.debian.org/debian/>
  - <snort_2.8.5.2-1.dsc: downloading from http://ftp.debian.org/debian/>
  - <snort_2.8.5.2-1.diff.gz: downloading from http://ftp.debian.org/debian/>
I: snort [universe] -> snort_2.8.4.1-4ubuntu1 [universe].
I: snort [universe] -> snort-common_2.8.4.1-4ubuntu1 [universe].
I: snort [universe] -> snort-doc_2.8.4.1-4ubuntu1 [universe].
I: snort [universe] -> snort-mysql_2.8.4.1-4ubuntu1 [universe].
I: snort [universe] -> snort-pgsql_2.8.4.1-4ubuntu1 [universe].
I: snort [universe] -> snort-rules-default_2.8.4.1-4ubuntu1 [universe].
I: snort [universe] -> snort-common-libraries_2.8.4.1-4ubuntu1 [universe].

Changed in snort (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.