Re: SANS Alert - Snort Vulnerability - stil Vulnerabile ?
>> > > snort vulnerability was posted in BTS.
>> > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=183719
>> > >
>> > > # but, yes, DSA have not been released yet.
>> >
>> Is Woody version stil Vulnerabile to this serious security bug ?
>>
>
>The fixed version is 1.9.1.
Yes, probably Przemek would know that, I think.
He said "Woody version", so that question is about Woody's snort only.
You know, Woody is "Stable" release, so package is NOT upgraded.
BUT when DSA(Debian Security Advisary) would be announced, new fixed
package would come.
Woody's snort would be vulnerable version but there's a setting to
avoid exploit. (maybe, so that no DSA yet?)
># apt-cache policy snort
>snort:
> Installed: (none)
> Candidate: 1.8.4beta1-3
> Version Table:
> 1.9.1-4 0
> 500 ftp://ftp.us.debian.org unstable/main Packages
> 1.8.7-4 0
> 500 ftp://ftp.us.debian.org testing/main Packages
> 1.8.4beta1-3 0
> 1001 ftp://ftp.us.debian.org stable/main Packages
I don't know "apt-cache policy <package>" usage.
it seems useful :)
--
Hideki Yamane mailto:henrich @ iijmio-mail.jp, mb.kcom.ne.jp
henrich @ azumanga-daioh.org, ma-aya.{net, to}
Reply to: