Back to snort PTS page

Accepted snort 2.3.3-2 (source i386 all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted snort 2.3.3-2 (source i386 all)
From: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Date: Fri, 30 Sep 2005 14:47:30 -0700
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1ELSj4-0001d6-00@spohr.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <katie@spohr.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 30 Sep 2005 21:21:43 +0200
Source: snort
Binary: snort-mysql snort-doc snort-rules-default snort-common snort-pgsql snort
Architecture: source i386 all
Version: 2.3.3-2
Distribution: unstable
Urgency: high
Maintainer: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Changed-By: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Description: 
 snort      - Flexible Network Intrusion Detection System
 snort-common - Flexible Network Intrusion Detection System [common files]
 snort-doc  - Documentation for the Snort IDS [documentation]
 snort-mysql - Flexible Network Intrusion Detection System [MySQL]
 snort-pgsql - Flexible Network Intrusion Detection System [PostgreSQL]
 snort-rules-default - Flexible Network Intrusion Detection System ruleset
Closes: 327791 328134 328134 330834
Changes: 
 snort (2.3.3-2) unstable; urgency=high
 .
   * Backport the following changes introduced in 2.4.1. Upstream changelog:
       * src/log.c:
         Fix problem in sniffer mode when incomplete TCP option data is received.
         Thanks A Hernandez for the find.
     (Closes: #328134)
     Note: This is a "security" bug but no CVE is assigned, it is actually
     something that can happen only if a Snort user willingly shoots himself
     on the foot (uses ASCII logging mode) or if he uses the fast output
     mode with some non-default options.
     For a detailed view see:
     Martin Roesch's mail "Snort DoS Fallacies" to snort-users and bugtraq:
     http://marc.theaimsgroup.com/?l=bugtraq&m=112665341207363&w=2
     http://marc.theaimsgroup.com/?l=snort-users&m=112657845119746&w=2
     http://marc.theaimsgroup.com/?l=snort-users&m=112667020331513&w=2
     http://marc.theaimsgroup.com/?l=snort-devel&m=112672013010948&w=2
     and also
     http://www.snort.org/pub-bin/snortnews.cgi#58
     To summarise: The only recommended alert methods in a production sensor
     are unified, syslog or database. And unified is The Right Way to run
     a sensor (others have important performance issues under high load )
     NOTE to Debian Security teams: I don't believe this bug merits a DSA
     (or a DTSA for that matter)
     (Closes: #328134)
   * Backport the following changes introduced in 2.4.2. Upstream changelog:
       * src/output-plugins/spo_log_database.c:
       * schemas/create_mysql:
         Fixes to address schema being a keyword in MySQL 5.0.  Thanks Wes Young,
         Adolfo Gomez, and Aleem Mawji for the updates.
     (Closes: #327791)
   * Added Swedish translation provided by Daniel Nylander (Closes: #330834)
Files: 
 188eaac5901d548951fd6d3a832a3daa 979 net optional snort_2.3.3-2.dsc
 77532e7b55c82f3da4bfc108c6f9d694 259641 net optional snort_2.3.3-2.diff.gz
 88fad41047c477ea2df24a72be36e627 92632 net optional snort-common_2.3.3-2_all.deb
 8c8c4127c35a8ece165e98ccd9a65e09 1354328 doc optional snort-doc_2.3.3-2_all.deb
 a0cab6208e547fff3d93b36e6b99b752 231472 net optional snort-rules-default_2.3.3-2_all.deb
 cd456b06ca9ea588c5683d65e6c9531f 359208 net optional snort_2.3.3-2_i386.deb
 3a05d076f1526556488acb3e31592f2c 366168 net extra snort-mysql_2.3.3-2_i386.deb
 5753db9f0ee5565b2e84362e4045b092 365616 net optional snort-pgsql_2.3.3-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQCVAwUBQz2hjvtEPvakNq0lAQJK3QP/U+ABdJ4Uu37n3ozjy8zanyKIBnm24kCd
gwotfrQEDnJaiydwg5S/1QqyPOx0i0JqQbnnhxA5YBmK8JKhxFvoIrnGImwTO/aD
AjmpzMpFZLM154/p84sbaOYCNM08wywPq/WRGQ5sc7em42i3GdNghJuueF4WIVoP
SGegPVt0h7s=
=bUhg
-----END PGP SIGNATURE-----


Accepted:
snort-common_2.3.3-2_all.deb
  to pool/main/s/snort/snort-common_2.3.3-2_all.deb
snort-doc_2.3.3-2_all.deb
  to pool/main/s/snort/snort-doc_2.3.3-2_all.deb
snort-mysql_2.3.3-2_i386.deb
  to pool/main/s/snort/snort-mysql_2.3.3-2_i386.deb
snort-pgsql_2.3.3-2_i386.deb
  to pool/main/s/snort/snort-pgsql_2.3.3-2_i386.deb
snort-rules-default_2.3.3-2_all.deb
  to pool/main/s/snort/snort-rules-default_2.3.3-2_all.deb
snort_2.3.3-2.diff.gz
  to pool/main/s/snort/snort_2.3.3-2.diff.gz
snort_2.3.3-2.dsc
  to pool/main/s/snort/snort_2.3.3-2.dsc
snort_2.3.3-2_i386.deb
  to pool/main/s/snort/snort_2.3.3-2_i386.deb


-- 
To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org