View previous topic :: View next topic |
Author |
Message |
stian@barmen.nu n00b
Joined: 12 Jun 2002 Posts: 19
|
Posted: Thu Apr 03, 2003 8:48 am Post subject: Snort 1.9.1 vulnerabilities. |
|
|
Snort 1.9.1 seems to have a few security problems reported on securityfous.com. Sadly I am not too much of an ebuild builder so I urge whomever that know how and can find the time to make a build of the 2.0. rc2 which has these issues sorted.
Hope someone can help me! _________________ Best regards
Stian B. Barmen |
|
Back to top |
|
|
jasonm Tux's lil' helper
Joined: 25 Feb 2003 Posts: 90 Location: Calgary, Canada... Eh!
|
Posted: Thu Apr 03, 2003 9:24 am Post subject: |
|
|
I myself don't know much about it. Perhaps you should report it as a bug. Someone on the dev team may know how to fix it. _________________ Registered User # 323863
There is nothing new under the sun . . .
"Open source takes the bullshit out of software."
[small]~ Charles Ferguson on TechnologyReview.com[/small] |
|
Back to top |
|
|
wolf31o2 Retired Dev
Joined: 31 Jan 2003 Posts: 628 Location: Mountain View, CA
|
Posted: Thu Apr 03, 2003 3:01 pm Post subject: |
|
|
Are you sure the patches needed have not already been applied to 1.9.1 int eh newest ebuild? Many times, when a security patch comes along, it is added inline into the current version and the revision number is upped.
For example snort-1.9.1 and snort-1.9.1-r1 are different, the r1 probably includes fixes and patches. This is similar to how many distributions, such as Red Hat, include patches. Many times a program will report that it is a vulnerable version number, but if you look into the code, you will see that it has already been patched. |
|
Back to top |
|
|
stian@barmen.nu n00b
Joined: 12 Jun 2002 Posts: 19
|
Posted: Fri Apr 04, 2003 7:46 am Post subject: |
|
|
I have seen in the Changelog that Daniel Ahlberg har patched it on the 4th of March, but the voulnerabilities was reportet on the 28th of March. After this there has been done what is called "patch and bump revision for alpha" on the 29th of March, but I can't see that this helps any.
Still my urge is out there .. ! (I will report a bug ...!) _________________ Best regards
Stian B. Barmen |
|
Back to top |
|
|
ir0nkid n00b
Joined: 28 Feb 2003 Posts: 3 Location: anytown, usa
|
Posted: Wed Apr 16, 2003 9:05 am Post subject: snort 2.0 |
|
|
Yes, i have been watching
# emerge sync
# emerge -pv snort
But it's still at 1.9.1-r1. I believe the newest vulnerabilites (telnet decode preprosesor) have not been patched yet. Another thing, i was told that snort 1.9.1 is supposed to include the keywork byte_test in the rules, but i get an error on any rule that contains byte_test still. This would also be fixed if snort-v2 was ready for portage, and i think they have officially released 2.0 also |
|
Back to top |
|
|
stian@barmen.nu n00b
Joined: 12 Jun 2002 Posts: 19
|
Posted: Wed Apr 16, 2003 9:08 am Post subject: |
|
|
It seems that hey are looking into it now. Just got a reply from my bug report. We can see a few days.
-stian _________________ Best regards
Stian B. Barmen |
|
Back to top |
|
|
|