Accepted acidlab 0.9.6b20-19 (source)
Ubuntu Installer
archive at ubuntu.com
Wed May 2 19:58:02 BST 2007
Accepted:
acidlab 0.9.6b20-19 was ACCEPTED.
Component: universe Section: web
Origin: Debian/unstable
Format: 1.7
Date: Wed, 02 May 2007 13:52:33 +0100
Source: acidlab
Binary: acidlab-mysql, acidlab-doc, acidlab, acidlab-pgsql
Architecture: source
Version: 0.9.6b20-19
Distribution: gutsy
Urgency: high
Maintainer: Javier Fernandez-Sanguino Pen~a <jfs at computer.org>
Changed-By: Ubuntu Archive Auto-Sync <archive at ubuntu.com>
Description:
acidlab - Analysis Console for Intrusion Databases
Closes: 108787 139018 143760 144449 154331 154677 155212 157434 158720 165114 174052 182552 183623 183666 219700 223508 223508 223523 229153 247730 267005 270171 273978 303217 307712 314566 315135 331732 337992 341131 366774 403459 407732 407736 407764 407787 407797 407876 410381
Changes:
acidlab (0.9.6b20-19) unstable; urgency=low
.
* Put Czech debconf update in the proper location (Closes: #410381)
.
acidlab (0.9.6b20-18) unstable; urgency=low
.
* Upload to fix pending l10n issues, thanks to Christian Perrier
for providing a patch for many of these.
[ l10n / i18n changes ]
* Mark debconf templates as translatable, depend on newer yada version.
(Closes: #366774)
* Debconf templates translations:
- French added, provided by Christian Perrier
- Spanish added, provided by myself.
- German added, provided by Matthias Julius. (Closes: #407764)
- Portuguese added, provided by Miguel Figueiredo (Closes: #407787)
- Swedish added, provided by Daniel Nylander (Closes: #407736)
- Czech translation, provided by Miroslav Kure (Closes: #407797)
- Norwegian Bokmal added, provided by Bjorn Steensrud (Closes: #407732)
- Romanian added. Directly sent by the translator for the NMU.
- Russian added, provided by Yuri Kozlo (Closes: #407876)
* Create a debian/po directory to handle debconf translations.
[ dependencies changes ]
* Fix circular dependencies by having acidlab Depend: on the sql php library
packages directly. If users install with the dummy packages the
dependencies should be handled properly (since they will get one of them)
(Closes: #403459)
* Remove php3 libraries from dependencies, they are not available in Debian
any longer.
* Have the dummy packages Depend on the php5 version of the mysql or pgsql
php libraries. Acidbase scripts might need to be modified to support php5
installations, though, that's why the debconf text remains unchanged.
.
acidlab (0.9.6b20-17) unstable; urgency=low
.
* *Really* take over this package. I hate yada. Next thing on my list is to
kill it.
.
acidlab (0.9.6b20-16) unstable; urgency=low
.
* Took over this package. The previous maintainer allowed it to be
removed from ftp.debian.org.
* Re-uploading to sid to try to get this (unchanged) package into etch,
unfortunately, acidbase cannot superceed acidlab in 'etch'
(as we thought about initially in #319389) since acidbase
has its own license problems (#402406) which are not easily solvable.
Acidlab is mature enough that it could be used as a really simple frontend
to Snort, and no one is available now in etch.
* Notice that this will help users that have acidlab already installed since
there will be no migration path to acidbase just yet (will have to rethink
migration options for etch+1)
* Update years in php lists to cover up to 2010
.
acidlab (0.9.6b20-15) unstable; urgency=low
.
[ Matt Brown ]
* Fixed incorrect handling of /etc/acidlab/acid_conf.php (Closes: #337992)
- acid_conf.php cannot be a conffile as the maintainer scripts modify it
- Added dependency on ucf and use that to manage acid_conf.php
- Attempt to recreate previous 'unmodified' acid_conf.php from the
0.9.6b20-10 package and use its md5sum to prevent unnecessary prompting
if possible. This should make sarge -> etch upgrades go smoothly if
the user has not modified the conf file.
Note: This will only work for upgrades from 0.9.6b20-10{,.1} but not
from upgrades of other versions of the package, since there archive only
hold these it shouldn't be much of an issue now.
[ Javier Fernandez-Sanguino ]
* Fix the issue that prevent alerts from being removed (Closes: #341131)
* When purging, remove the /etc/acidlab/acid_conf.php.md5sum file too
.
acidlab (0.9.6b20-14) unstable; urgency=low
.
* Typo fix in the templates (debian/packages)
.
acidlab (0.9.6b20-13) unstable; urgency=high
.
* Patch [013] SECURITY fix:
- Add proper filtering in all ImportHTTP variables using either the new
functions to check for numeric/alphanumeric chars or the filterSql()
function to prevent SQL injection attacks. This patch fixes CVE-2005-3325
but also other attack vectors not mentioned in the initial advisory
(http://www.frsirt.com/english/advisories/2005/2188)
* Patch [014] Updated dates of php selections up to 2007
* Changed patch [010]: fix locations of Nessus
* New patch [015]: fix location of Snort database, provided alternative
Ports lookup and added alternative locations for DNS queries (Closes: #315135)
* Fixed FSF address in debian/copyright
* Patch [016]: Allow graphic data to be represented until 2007. This patch
together with patch [014] means that acid's last date is 2007 which should be
enough since we are going to replace it with BASE in the short term
(Closes: #314566, #307712, #303217, #270171)
* Document the changes that need to be done in order to extend the available
year options (Closes: #247730)
* Added a debian/TODO to describe how to fix the issue with new years with a
simple for each loop.
* Acidlab now depends on "| debconf-2.0" as requested by Joey Hess, I
changed debian/packages instead of debian/control this time (Closes: #331732)
* To reduce the risk of possible vulnerabilities in the code, made the
default apache.conf allow access only from localhost and document this in
the README file
* Document the fact that this version is actually 0.9.6b20+patches from the
latest upstream release 0.9.6b23 and that the later will never be
released. (Closes: #155212)
* Added the upstream homepage to all package descriptions.
.
acidlab (0.9.6b20-12) unstable; urgency=low
.
* Added a dependency on "| debconf-2.0" as requested by Joey Hess
.
acidlab (0.9.6b20-11) unstable; urgency=low
.
* Php-adodb path (since 4.64-1) is now /usr/share/php/adodb, fixed
the configuration and adjusted Depends:
.
acidlab (0.9.6b20-10) unstable; urgency=low
.
* Yada is a PITA to work with. Build-Depends-Indep should be
correct now. (Closes: #273978)
.
acidlab (0.9.6b20-9) unstable; urgency=high
.
* Actually fix the Depends in the right location
.
acidlab (0.9.6b20-8) unstable; urgency=high
.
* Updated Depends regarding PHP4 and libphp-adodb
* Updated path for phplot (Closes: #267005)
.
acidlab (0.9.6b20-7) unstable; urgency=medium
.
* Added missing Build-Depends on sharutils, FTBFS bug introduced
in 0.9.6b20-5.1 (Closes: #229153)
.
acidlab (0.9.6b20-6) unstable; urgency=low
.
* Patch [012] Modified acid_db_setup.php and create_acid_tbls_pgsql.sql substituting
datetime -> timestamp since that type is now deprecated in PostgreSQL
(even though the changelog for PostgreSQL does not mention the fact of
_when_ was it removed from the RDBS since it worked in 7.0, oh well)
(Closes: #223508)
.
acidlab (0.9.6b20-5.1) unstable; urgency=low
.
* NMU (approved by maintainer)
- Move all the code (save the graphing side) to latest upstream
version fixing a number of bugs. This version is still labeled
0.9.6b20 since it is not _fully 0.9.6b23. Relevant changes
- Proper support for newer PostgreSQL versions with changes introduced
in 0.9.6b21 (Closes: #223508, #174052)
* Removed patches 004-007 since they no longer apply to the new
sources.
* Patch [008]: update Whois servers' IP addresses (Closes: #183623)
* Patch [009]: Will add portscan2 to main page stats (Closes: #183666)
* Patch [010]: Add Nessus references to signatures (Closes: #182552)
* Provided a way to download certain URLs that will get installed as
local documentation: debian/rules-add. It's not added to
debian/rules, like I usually do, since there is no way in yada to make
it create targets not associated to build/install/clean (Closes: #223523)
* Documentation is provided in an acidlab-doc package.
* Created dummy packages acidlab-pgsql and acidlab-mysql in order to
ease installation (Closes: #219700)
* Added versioned dependancies for libphp-adodb (Closes: #165114)
* Avoid using /tmp/ in postinst, and user /etc/acidlab/ for temporary
files instead in order to avoid race-conditions or symlink attacks
(using directories users can write to is asking for trouble)
* Patch [011]: Added trim() to GetSingleSignatureReference in order
to avoid problems when signatures contain spaces (this happens
with snortcenter)
* Added proper copyright notice.
* Changed postrm code so that the package can be removed if it's not fully
installed/configured with debconf.
* Added myself as co-maintainer.
.
acidlab (0.9.6b20-5) unstable; urgency=low
.
* Change in adodb's path due to change in package location
* Attempting to correct permissionson acid_conf.php (Closes: #158720)
.
acidlab (0.9.6b20-4) unstable; urgency=low
.
* Corrected permissions on acid_conf.php (Closes: #157434)
.
acidlab (0.9.6b20-3) unstable; urgency=low
.
* Bug fix package release to close several bugs in BTS
* Corrected dependencies (Closes: #144449, #154677)
* Applied patch [006] to correct acid_db.inc (Closes: #143760)
* Applied patch [007] to correct acid_ag_main.php (Closes: #154331)
.
acidlab (0.9.6b20-2) unstable; urgency=low
.
* Corrected permissions/ownership of acid_conf.php (Closes: #139018)
.
acidlab (0.9.6b20-1) unstable; urgency=low
.
* Initial Debian version. (Closes: #108787)
Files:
3d3a292278e8d18f8aac4bcab23d9b5c 789 web extra acidlab_0.9.6b20-19.dsc
d50a0a83187c76f7cad188cfc55c85e8 393353 web extra acidlab_0.9.6b20-19.diff.gz
More information about the gutsy-changes
mailing list