[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Request of authorisation for an upload of Snort in stable to fix 503992

* Luk Claes:

>> I would like to make an upload to stable to fix bug 503992 of Snort. Basicly,
>> this bug was introduced with the patch for a security vulnerability but
>> introduced a sigsegv due to an improper call to a function. This error kills
>> the Snort IDS as soon as it receives fragmented traffic which. In some
>> systems (such as systems behind an ADSL) this seems to happen frequently
>> enough.
>
> Any reason why this regression caused by a security upload, should not
> be fixed by a security upload (I've put the Security Team in Cc)?

It's probably a security bug on its own, so it probably should go
through the DSA process, even though the bug was introduced through
t-p-u before the lenny release.
Reply to: