[ubuntu/jaunty] snort 2.7.0-22ubuntu1 (Accepted)
Luca Falavigna
dktrkranz at ubuntu.com
Tue Nov 11 16:25:23 GMT 2008
snort (2.7.0-22ubuntu1) jaunty; urgency=low
* Merge from Debian unstable, remaining Ubuntu changes:
+ src/preprocessors/flow/portscan/server_stats.c:
- Specify mode permission during open call, fix FTBFS.
snort (2.7.0-22) unstable; urgency=low
* Include patch from dato to make the package binNMU-safe
* Remove debian/CVS and debian/my/CVS
* Fix bug in snort-stat that made it miss alerts generated by preprocessors (they only contain
Priority) as well as fix the setting of $alert->{PRIORITY} for alerts
generated by rules. Thanks for Gabor Gombas for the patch. (Closes: #500215)
* Lintian fixes:
- Use Standards Version 3.8.0, no changes needed.
- Make snort-rules-default.postrm run with 'set +e' and append '|| true' to
rmdir calls so that the script does not abort if the directories are not
empty.
snort (2.7.0-21) unstable; urgency=low
* Reupload to unstable, build with proper libraries. Fix mess introduced
by previous upload.
snort (2.7.0-20.3) testing-proposed-updates; urgency=low
* Reupload to testing to *really* depend on newer libpcre.
* Include patch from dato to make the package binNMU-safe
* Remove debian/CVS and debian/my/CVS
snort (2.7.0-20.2) testing-proposed-updates; urgency=high
* Upload to testing-proposed-updates to fix security bug CVE-2008-1804 (see
below). This package cannot go through sid since the sid build uses a
newer libpcre version not available in lenny. (Closes: #483160)
snort (2.7.0-20) unstable; urgency=high
[ CVE-2008-1804 ]
* Fix error in preprocessors/spp_frag3.c that prevented Snort from properly
identifying packet fragments that had dissimilar TTL values, which allowed
remote attackers to bypass detection rules by using a different TTL for
each fragment. Also update src/generators.h to include the new FRAG3_MIN_TTL
defines (Closes: #483160)
Date: Tue, 11 Nov 2008 16:41:25 +0100
Changed-By: Luca Falavigna <dktrkranz at ubuntu.com>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/snort/2.7.0-22ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 11 Nov 2008 16:41:25 +0100
Source: snort
Binary: snort snort-common snort-doc snort-mysql snort-pgsql snort-rules-default snort-common-libraries
Architecture: source
Version: 2.7.0-22ubuntu1
Distribution: jaunty
Urgency: high
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Luca Falavigna <dktrkranz at ubuntu.com>
Description:
snort - flexible Network Intrusion Detection System
snort-common - flexible Network Intrusion Detection System [common files]
snort-common-libraries - flexible Network Intrusion Detection System ruleset
snort-doc - Documentation for the Snort IDS [documentation]
snort-mysql - flexible Network Intrusion Detection System [MySQL]
snort-pgsql - flexible Network Intrusion Detection System [PostgreSQL]
snort-rules-default - flexible Network Intrusion Detection System ruleset
Closes: 483160 483160 500215
Changes:
snort (2.7.0-22ubuntu1) jaunty; urgency=low
.
* Merge from Debian unstable, remaining Ubuntu changes:
+ src/preprocessors/flow/portscan/server_stats.c:
- Specify mode permission during open call, fix FTBFS.
.
snort (2.7.0-22) unstable; urgency=low
.
* Include patch from dato to make the package binNMU-safe
* Remove debian/CVS and debian/my/CVS
* Fix bug in snort-stat that made it miss alerts generated by preprocessors (they only contain
Priority) as well as fix the setting of $alert->{PRIORITY} for alerts
generated by rules. Thanks for Gabor Gombas for the patch. (Closes: #500215)
* Lintian fixes:
- Use Standards Version 3.8.0, no changes needed.
- Make snort-rules-default.postrm run with 'set +e' and append '|| true' to
rmdir calls so that the script does not abort if the directories are not
empty.
.
snort (2.7.0-21) unstable; urgency=low
.
* Reupload to unstable, build with proper libraries. Fix mess introduced
by previous upload.
.
snort (2.7.0-20.3) testing-proposed-updates; urgency=low
.
* Reupload to testing to *really* depend on newer libpcre.
* Include patch from dato to make the package binNMU-safe
* Remove debian/CVS and debian/my/CVS
.
snort (2.7.0-20.2) testing-proposed-updates; urgency=high
.
* Upload to testing-proposed-updates to fix security bug CVE-2008-1804 (see
below). This package cannot go through sid since the sid build uses a
newer libpcre version not available in lenny. (Closes: #483160)
.
snort (2.7.0-20) unstable; urgency=high
.
[ CVE-2008-1804 ]
* Fix error in preprocessors/spp_frag3.c that prevented Snort from properly
identifying packet fragments that had dissimilar TTL values, which allowed
remote attackers to bypass detection rules by using a different TTL for
each fragment. Also update src/generators.h to include the new FRAG3_MIN_TTL
defines (Closes: #483160)
Checksums-Sha1:
d53103d3f03f267aeaec8fdc1db1a0f697559a85 1503 snort_2.7.0-22ubuntu1.dsc
8f0e6b6940229137bf9f96846061c52eaa0fc0d5 1601228 snort_2.7.0-22ubuntu1.diff.gz
Checksums-Sha256:
2fea3e50cec174882ed206464a9257268b0781544dcb3279f6470bd2a6161e54 1503 snort_2.7.0-22ubuntu1.dsc
23349b48b2d6140991b67ecadc280f85d5774fe3ddab74e900a5cafa6a9cb283 1601228 snort_2.7.0-22ubuntu1.diff.gz
Files:
6316ea9ae59536155ab11392933d011d 1503 net optional snort_2.7.0-22ubuntu1.dsc
0c1c8e703bc303dd373598e749b67e60 1601228 net optional snort_2.7.0-22ubuntu1.diff.gz
Original-Maintainer: Javier Fernandez-Sanguino Pen~a <jfs at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkZqSoACgkQnXjXEYa8KlBxQQCgi0ifzk0yMnohMQ2Rt5vyekZJ
c+cAnA3fXKlJEShyUyGZup1eVfOJzc+y
=tcIS
-----END PGP SIGNATURE-----
More information about the Jaunty-changes
mailing list