Re: Status of libhtp and suricata in squeeze
On 16 March 2015 at 10:59, Raphael Hertzog <hertzog@debian.org> wrote:
> Hello,
>
> Moritz Mühlenhoff told me that you did consider libhtp/suricata
> unusable in wheezy and planned to ask for the removal of the package
> in wheezy. Because of that, the security team ignores the currently
> open CVE against those packages.
> https://security-tracker.debian.org/tracker/source-package/suricata
> https://security-tracker.debian.org/tracker/source-package/libhtp
>
> That said the packages are also in squeeze and they are affected in the
> same way (AFAIK). Are the versions in squeeze also unusable like those
> in wheezy ?
>
This is security software, which needs to stay updated to be useful.
That's the kind of 'usability' we are speaking about.
I believe upstream is no longer supporting 1.x series, which is the
version included in both squeeze and wheezy.
--
Arturo Borrero González
Reply to: