Re: Request of authorisation for an upload of Snort in stable to fix 503992
* Luk Claes:
>> I would like to make an upload to stable to fix bug 503992 of Snort. Basicly,
>> this bug was introduced with the patch for a security vulnerability but
>> introduced a sigsegv due to an improper call to a function. This error kills
>> the Snort IDS as soon as it receives fragmented traffic which. In some
>> systems (such as systems behind an ADSL) this seems to happen frequently
> Any reason why this regression caused by a security upload, should not
> be fixed by a security upload (I've put the Security Team in Cc)?
It's probably a security bug on its own, so it probably should go
through the DSA process, even though the bug was introduced through
t-p-u before the lenny release.