Re: Please unfreeze snort 2.7.0-20
* Javier Fernández-Sanguino Peña [Wed, 05 Nov 2008 01:27:40 +0100]:
> On Sun, Nov 02, 2008 at 12:31:04PM +0100, Adeodato Simó wrote:
> > * Javier Fernández-Sanguino Peña [Mon, 27 Oct 2008 21:56:52 +0100]:
> > Hello, Javier.
> > > Snort 2.7.0-20, recently uploaded to unstable, introduces a fix for a known
> > > security vulnerability (CVE-2008-1804). Please unfreeze this package so that
> > > the fix can move into Lenny.
> > The i386 binaries that were uploaded to t-p-u depended on the pcre3 on
> > unstable (they were built in an unstable system/chroot and not in a
> > testing one). They hence can't migrate to testing.
> I've recompiled and reuploaded new packages for t-p-u and sid fixing ths
> issues (pcre3 version in t-p-u and fixing binNMUability in both). Please
> review them.
Thanks for the upload. I've reviewed them, and I'll the version in t-p-u
once it's built for all arches.
Regarding the version in sid (2.7.0-22), this puzzles me a bit:
> + - Make snort-rules-default.postrm run with 'set +e' and append '|| true' to
> + rmdir calls so that the script does not abort if the directories are not
> + empty.
> -set -e
> +set +e
This is incoherent: set +e precisely ignores errors, so the "|| true" is
not needed. set -e OTOH makes the script terminate of errors, hence the
"|| true" could be needed for commands that you know could potentially
fail.
However:
> purge|disappear)
> if [ -d /etc/snort/rules ]; then
> - rmdir --ignore-fail-on-non-empty /etc/snort/rules
> + rmdir --ignore-fail-on-non-empty /etc/snort/rules || true
> fi
> if [ -d /etc/snort ]; then
> - rmdir --ignore-fail-on-non-empty /etc/snort
> + rmdir --ignore-fail-on-non-empty /etc/snort || true
If the objective of the "|| true" here is, as the changelog says, "not
abort if the directories are not empty", that is already guaranteed by
the --ignore-fail-on-non-empty flag, so the "|| true" is redundant here.
HTH,
--
Adeodato Simó dato at net.com.org.es
Debian Developer adeodato at debian.org
«Ara que ets la meva dona, te la fotré fins a la melsa, bacona!»
-- Terenci Moix, “Chulas y famosas”
Reply to: