[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please unfreeze snort 2.7.0-20

* Javier Fernández-Sanguino Peña [Mon, 27 Oct 2008 21:56:52 +0100]:

Hello, Javier.

> Snort 2.7.0-20, recently uploaded to unstable, introduces a fix for a known
> security vulnerability (CVE-2008-1804). Please unfreeze this package so that
> the fix can move into Lenny.

The i386 binaries that were uploaded to t-p-u depended on the pcre3 on
unstable (they were built in an unstable system/chroot and not in a
testing one). They hence can't migrate to testing.

I scheduled a binNMU of snort/i386/t-p-u to fix this, but as it happens
snort is not binNMUable.

Please make a new sourceful upload of snort to t-p-u, but please fix
binNMUability at the same time; I'm attaching a patch. Please make sure
that the fix is included on the next upload to unstable as well.

And it'd be great to see the CVS files gone from the t-p-u packages too.

Thanks,

-- 
Adeodato Simó                                     dato at net.com.org.es
Debian Developer                                  adeodato at debian.org
 
Faced with the choice between changing one's mind and proving that there
is no need to do so, almost everyone gets busy with the proof.
                -- J.K. Galbraith

diff -u -r snort-2.7.0-20.2.orig/debian/control snort-2.7.0-20.2/debian/control
--- snort-2.7.0-20.2.orig/debian/control	2008-05-01 22:58:44.000000000 +0200
+++ snort-2.7.0-20.2/debian/control	2008-11-02 12:28:32.000000000 +0100
@@ -11,7 +11,7 @@
 Package: snort
 Architecture: any
 Pre-Depends: adduser (>= 3.11)
-Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}), logrotate
+Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${source:Version}), logrotate
 Conflicts: snort-mysql, snort-pgsql
 Replaces: snort-common (<< 2.0.2-3)
 Recommends: iproute
@@ -68,7 +68,7 @@
 Architecture: any
 Priority: extra
 Pre-Depends: adduser (>= 3.11)
-Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}), logrotate
+Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${source:Version}), logrotate
 Recommends: iproute
 Suggests: snort-doc
 Conflicts: snort, snort-pgsql
@@ -89,7 +89,7 @@
 Provides: snort
 Architecture: any
 Priority: optional
-Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}), logrotate
+Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${source:Version}), logrotate
 Recommends: iproute
 Suggests: snort-doc
 Conflicts: snort, snort-mysql
Reply to: