* Hilko Bengen: >>> | In Bro through 2.5.5, there is a DoS in IRC protocol names command >>> | parsing in analyzer/protocol/irc/IRC.cc. >> >> ping, can we get this one (and CVE-2018-16807) uploaded still in time >> for buster? > > Working on 2.6.1, but I need to get broker (and a new upstream versio > nof actor-framework) into unstable first. Working on that, too.
So that didn't work out -- bro/2.6.1 is still sitting in NEW, along with some of its build-dependencies. :-( I don't know yet if or when I'll be able to backport fixes for the outstanding CVE-worthy bugs. Cheers, -Hilko