Re: Please unfreeze snort 2.7.0-20
* Javier Fernández-Sanguino Peña [Mon, 27 Oct 2008 21:56:52 +0100]:
Hello, Javier.
> Snort 2.7.0-20, recently uploaded to unstable, introduces a fix for a known
> security vulnerability (CVE-2008-1804). Please unfreeze this package so that
> the fix can move into Lenny.
The i386 binaries that were uploaded to t-p-u depended on the pcre3 on
unstable (they were built in an unstable system/chroot and not in a
testing one). They hence can't migrate to testing.
I scheduled a binNMU of snort/i386/t-p-u to fix this, but as it happens
snort is not binNMUable.
Please make a new sourceful upload of snort to t-p-u, but please fix
binNMUability at the same time; I'm attaching a patch. Please make sure
that the fix is included on the next upload to unstable as well.
And it'd be great to see the CVS files gone from the t-p-u packages too.
Thanks,
--
Adeodato Simó dato at net.com.org.es
Debian Developer adeodato at debian.org
Faced with the choice between changing one's mind and proving that there
is no need to do so, almost everyone gets busy with the proof.
-- J.K. Galbraith
diff -u -r snort-2.7.0-20.2.orig/debian/control snort-2.7.0-20.2/debian/control
--- snort-2.7.0-20.2.orig/debian/control 2008-05-01 22:58:44.000000000 +0200
+++ snort-2.7.0-20.2/debian/control 2008-11-02 12:28:32.000000000 +0100
@@ -11,7 +11,7 @@
Package: snort
Architecture: any
Pre-Depends: adduser (>= 3.11)
-Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}), logrotate
+Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${source:Version}), logrotate
Conflicts: snort-mysql, snort-pgsql
Replaces: snort-common (<< 2.0.2-3)
Recommends: iproute
@@ -68,7 +68,7 @@
Architecture: any
Priority: extra
Pre-Depends: adduser (>= 3.11)
-Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}), logrotate
+Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${source:Version}), logrotate
Recommends: iproute
Suggests: snort-doc
Conflicts: snort, snort-pgsql
@@ -89,7 +89,7 @@
Provides: snort
Architecture: any
Priority: optional
-Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}), logrotate
+Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${source:Version}), logrotate
Recommends: iproute
Suggests: snort-doc
Conflicts: snort, snort-mysql
Reply to: