Ubuntu Archive Auto-Sync katie at jackass.ubuntu.com
Tue Oct 25 04:36:57 CDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Origin: Debian/unstable
Format: 1.7
Date: Tue,  25 Oct 2005 09:12:58 +0100
Source: snort
Binary: snort-mysql, snort-common, snort-pgsql, snort, snort-rules-default, snort-doc
Architecture: source
Version: 2.3.3-2
Distribution: dapper
Urgency: high
Maintainer: Javier Fernandez-Sanguino Pen~a <jfs at computer.org>
Changed-By: Ubuntu Archive Auto-Sync <katie at jackass.ubuntu.com>
Description: 
 snort      - Flexible Network Intrusion Detection System
Closes: 205683 219696 265735 265878 290104 291616 306269 310096 313906 318695 321738 325223 326538 327791 328134 328134 330834
Changes: 
 snort (2.3.3-2) unstable; urgency=high
 .
   * Backport the following changes introduced in 2.4.1. Upstream changelog:
       * src/log.c:
         Fix problem in sniffer mode when incomplete TCP option data is received.
         Thanks A Hernandez for the find.
     (Closes: #328134)
     Note: This is a "security" bug but no CVE is assigned, it is actually
     something that can happen only if a Snort user willingly shoots himself
     on the foot (uses ASCII logging mode) or if he uses the fast output
     mode with some non-default options.
     For a detailed view see:
     Martin Roesch's mail "Snort DoS Fallacies" to snort-users and bugtraq:
     http://marc.theaimsgroup.com/?l=bugtraq&m=112665341207363&w=2
     http://marc.theaimsgroup.com/?l=snort-users&m=112657845119746&w=2
     http://marc.theaimsgroup.com/?l=snort-users&m=112667020331513&w=2
     http://marc.theaimsgroup.com/?l=snort-devel&m=112672013010948&w=2
     and also
     http://www.snort.org/pub-bin/snortnews.cgi#58
     To summarise: The only recommended alert methods in a production sensor
     are unified, syslog or database. And unified is The Right Way to run
     a sensor (others have important performance issues under high load )
     NOTE to Debian Security teams: I don't believe this bug merits a DSA 
     (or a DTSA for that matter)
     (Closes: #328134)
   * Backport the following changes introduced in 2.4.2. Upstream changelog:
       * src/output-plugins/spo_log_database.c:
       * schemas/create_mysql:
         Fixes to address schema being a keyword in MySQL 5.0.  Thanks Wes Young,
         Adolfo Gomez, and Aleem Mawji for the updates.
     (Closes: #327791)
   * Added Swedish translation provided by Daniel Nylander (Closes: #330834)
 .
 snort (2.3.3-1) unstable; urgency=low
 .
   * New upstream release.
   * Use upstream's FAQ in PDF format instead of debian/my/FAQ.txt, also
     have the FAQ available only in the snort-doc package (after fixing 
     the Makefile so that the faq.tex file does not get removed on distclean)
   * Fix typo in snort.8 manpage (Closes: #326538)
   * Fixed address of the FSF in debian/copyright
   * Updated debconf translations:
     - Vietnamese provided by Clytie Siddall
 .
 snort (2.3.2-8) unstable; urgency=low
 .
   * _Really_ use debhelper compat version 4 now
   * Remove debian/*conffiles since debhelper now marks them as config files
 .
 snort (2.3.2-7) unstable; urgency=low
 .
   * Fix lintian warnings
   * Fix error in database config scripts (when not upgrading, the
     wait_for_db_config key does not exist) (Closes: #325223)
   * Updated debconf translations:
      - French provided by Christian Perrier
 .
 snort (2.3.2-6) unstable; urgency=low
 .
   * Add Dependency on "debconf | debconf-2.0" as requested by Joey Hess
   * Use Debhelper compatibility version 4
   * New mechanism for database packages:
     - Introduce a mechanism to create /etc/snort/db-pending-config on
       initial installation of the database packages.
     - Have the init.d script abort the start attempt if the 
       /etc/snort/db-pending-config file exists.
     - Describe how to setup the database support in README-database.Debian
       and install this document in the database packages.
       (Closes: #205683, #219696, #265735, #265878, #290104, #291616)
   * po-debconf changes:
     (still waiting a little bit before switching to dbconfig-common)
     - Sinchronise all the debconf templates of the different snort 
       variants.
     - Change the wait_for_db_config message, now called 'needs_db_config'
       and provides slightly different information.
     - Fixed typos in German debconf translation courtesy of Jens Seidel
       (Closes: #313906)
     - Added Japanese translation contributed by Hideki Yamane
       (Closes: #310096)
     - Added Vietnamese translation contributed by Clytie Siddall 
       (Closes: #318695)
     - Added Czech translation contributed by Jan Outrata (Closes: #321738)
     - Updated the Spanish translation.
     - Improve the debconf dialog with suggestions from Justin B Rye
       (Closes: #306269)
     - Fix the templates so that all the files use the same strings, that
       should reduce the workload of translating almost identical lines.
       (but also fuzzies more of the translations above)
Files: 
 06bf140893e7cb120aaa9372d10a0100 2631270 net optional snort_2.3.3.orig.tar.gz
 188eaac5901d548951fd6d3a832a3daa 979 net optional snort_2.3.3-2.dsc
 77532e7b55c82f3da4bfc108c6f9d694 259641 net optional snort_2.3.3-2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iQEVAwUBQ13pCgF4adwMEr3XAQLCdAf/ceIeSJxtqhhcmJzcdgYGikAuHw8KM5SB
yATJIrOt4aMCD5TOJdVhMAFxCSOsi35uArC6sfG0PAD6+jYLYUh6J5HPoaBfe1NH
4KpdCcKXR7WbjcMb+yswP6f+L2DGkH7n7KonF+mL409GyaO8/CbHl1+e569R5snZ
+BWVWwCuDjXSqwuplss29ovLvoWkQEEvWKsEdqo6pBILY/Efu5DeF91Mpl/ydKdF
3haehmFv8PqZCJgu2ts9lsV8ZMQfGtGGQRzhHzz2MqR3kbwIXzK59iKBS2xw3eBW
5xwwqyCFobX6R5vWjUQz1hZxVxsdGZEpkfMpqSlIHwn73tbe+ZvbyA==
=pqDn
-----END PGP SIGNATURE-----


Accepted:
snort_2.3.3-2.diff.gz
  to pool/universe/s/snort/snort_2.3.3-2.diff.gz
snort_2.3.3-2.dsc
  to pool/universe/s/snort/snort_2.3.3-2.dsc
snort_2.3.3.orig.tar.gz
  to pool/universe/s/snort/snort_2.3.3.orig.tar.gz




More information about the ubuntu-changes-auto mailing list