Your message dated Fri, 03 Mar 2006 13:47:09 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#337992: fixed in acidlab 0.9.6b20-15
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: acidlab
Version: 0.9.6b20-13
Severity: serious
When upgrading from sarge, acidlab mess with conffiles and triggers the
dpkg conffiles handling for the file /etc/acidlab/acid_conf.php
while I did not modify it, which is confusing.
See the piuparts log at
<http://people.debian.org/~ballombe/misc/acidlab.piu>
<snip>
Setting up acidlab (0.9.6b20-13) ...
Configuration file `/etc/acidlab/acid_conf.php'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** acid_conf.php (Y/I/N/O/D/Z) [default=N] ? D
--- /etc/acidlab/acid_conf.php 2005-11-07 18:01:39.000000000 +0000
+++ /etc/acidlab/acid_conf.php.dpkg-new 2005-11-01 13:44:36.000000000 +0000
@@ -9,7 +9,7 @@
* $foo = "c:\tmp" [OK]
* $foo = "c:\tmp\" [WRONG]
*/
-$DBlib_path = "/usr/share/adodb";
+$DBlib_path = "/usr/share/php/adodb";
/* The type of underlying alert database
*
@@ -17,7 +17,7 @@
* PostgresSQL : "postgres"
* MS SQL Server : "mssql"
*/
-$DBtype = "mysql";
+$DBtype = "DBTYPE";
/* Alert DB connection parameters
* - $alert_dbname : MySQL database name of Snort alert DB
@@ -29,18 +29,18 @@
* This information can be gleaned from the Snort database
* output plugin configuration.
*/
-$alert_dbname = "snort_log";
-$alert_host = "localhost";
-$alert_port = "";
-$alert_user = "root";
-$alert_password = "mypassword";
+$alert_dbname = "ALERT_NAME";
+$alert_host = "ALERT_HOST";
+$alert_port = "ALERT_PORT";
+$alert_user = "ALERT_USER";
+$alert_password = "ALERT_PASSWORD";
/* Archive DB connection parameters */
-$archive_dbname = "snort_archive";
-$archive_host = "localhost";
-$archive_port = "";
-$archive_user = "root";
-$archive_password = "mypassword";
+$archive_dbname = "ARCHIVE_NAME";
+$archive_host = "ARCHIVE_HOST";
+$archive_port = "ARCHIVE_PORT";
+$archive_user = "ARCHIVE_USER";
+$archive_password = "ARCHIVE_PASSWORD";
/* Type of DB connection to use
* 1 : use a persistant connection (pconnect)
@@ -221,22 +221,27 @@
/* Whois query */
$external_whois_link = "http://www.samspade.org/t/ipwhois?a=";;
//$external_whois_link =
"http://www.geektools.com/cgi-bin/proxy.cgi?targetnic=auto&query=";
+// Alternative:
+// $external_dns_link = "http://www.dnsstuff.com/tools/whois.ch?ip=";;
/* DNS query */
$external_dns_link = "http://www.samspade.org/t/dns?a=";;
+// Alternative:
+// $external_dns_link = "http://www.dnsstuff.com/tools/lookup.ch?type=A&name=";;
/* SamSpade "all" query */
$external_all_link = "http://www.samspade.org/t/lookat?a=";;
/* TCP/UDP port database */
-$external_port_link = "http://www.snort.org/ports.html?port=";;
-//$external_port_link = "http://www.portsdb.org/bin/portsdb.cgi?portnumber=";;
+// No longer available:
+// $external_port_link = "http://www.snort.org/ports.html?port=";;
+$external_port_link = "http://www.portsdb.org/bin/portsdb.cgi?portnumber=";;
/* Signature references */
$external_sig_link = array("bugtraq" =>
array("http://www.securityfocus.com/bid/";, ""),
- "snort" =>
array("http://www.snort.org/snort-db/sid.html?sid=";, ""),
+ "snort" =>
array("http://www.snort.org/pub-bin/sigs.cgi?sid=";, ""),
"cve" =>
array("http://cve.mitre.org/cgi-bin/cvename.cgi?name=";, ""),
- "nessus" =>
array("http://cgi.nessus.org/plugins/dump.php3?id=";, ""),
+ "nessus" =>
array("http://www.nessus.org/plugins/index.php?view=single&id=";, ""),
"arachnids" =>
array("http://www.whitehats.com/info/ids";, ""),
"mcafee" =>
array("http://vil.nai.com/vil/content/v_";, ".htm"),
"icat" =>
array("http://icat.nist.gov/icat.cfm?cvename=";, ""));
1
</snip>
Cheers,
--
Bill. <[EMAIL PROTECTED]>
Imagine a large red swirl here.
--- End Message ---
--- Begin Message ---
Source: acidlab
Source-Version: 0.9.6b20-15
We believe that the bug you reported is fixed in the latest version of
acidlab, which is due to be installed in the Debian FTP archive:
acidlab-doc_0.9.6b20-15_all.deb
to pool/main/a/acidlab/acidlab-doc_0.9.6b20-15_all.deb
acidlab-mysql_0.9.6b20-15_all.deb
to pool/main/a/acidlab/acidlab-mysql_0.9.6b20-15_all.deb
acidlab-pgsql_0.9.6b20-15_all.deb
to pool/main/a/acidlab/acidlab-pgsql_0.9.6b20-15_all.deb
acidlab_0.9.6b20-15.diff.gz
to pool/main/a/acidlab/acidlab_0.9.6b20-15.diff.gz
acidlab_0.9.6b20-15.dsc
to pool/main/a/acidlab/acidlab_0.9.6b20-15.dsc
acidlab_0.9.6b20-15_all.deb
to pool/main/a/acidlab/acidlab_0.9.6b20-15_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated
acidlab package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 3 Mar 2006 18:32:50 +0100
Source: acidlab
Binary: acidlab-doc acidlab-pgsql acidlab acidlab-mysql
Architecture: source all
Version: 0.9.6b20-15
Distribution: unstable
Urgency: low
Maintainer: Jeremy T. Bouse <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description:
acidlab - Analysis Console for Intrusion Databases
acidlab-doc - Analysis Console for Intrusion Databases (documentation)
acidlab-mysql - Analysis Console for Intrusion Databases for MySQL
acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres
Closes: 337992 341131
Changes:
acidlab (0.9.6b20-15) unstable; urgency=low
.
[ Matt Brown ]
* Fixed incorrect handling of /etc/acidlab/acid_conf.php (Closes: #337992)
- acid_conf.php cannot be a conffile as the maintainer scripts modify it
- Added dependency on ucf and use that to manage acid_conf.php
- Attempt to recreate previous 'unmodified' acid_conf.php from the
0.9.6b20-10 package and use its md5sum to prevent unnecessary prompting
if possible. This should make sarge -> etch upgrades go smoothly if
the user has not modified the conf file.
Note: This will only work for upgrades from 0.9.6b20-10{,.1} but not
from upgrades of other versions of the package, since there archive only
hold these it shouldn't be much of an issue now.
[ Javier Fernandez-Sanguino ]
* Fix the issue that prevent alerts from being removed (Closes: #341131)
* When purging, remove the /etc/acidlab/acid_conf.php.md5sum file too
Files:
e3d568967dd2d1bd8ad9e21c7a1d236a 840 web extra acidlab_0.9.6b20-15.dsc
0fc2806d15c886db15fba9938851af8e 358577 web extra acidlab_0.9.6b20-15.diff.gz
0a7a76bc082692af0b537bc8f1b9d9b4 5684 web extra
acidlab-mysql_0.9.6b20-15_all.deb
c435cd31fd36952d75b8e73e325a0093 5684 web extra
acidlab-pgsql_0.9.6b20-15_all.deb
7275ad4ad20258d701e8c7a5b078a77c 277168 web extra
acidlab-doc_0.9.6b20-15_all.deb
34e76b12c926b1b6e55c40860f12bb6b 664266 web extra acidlab_0.9.6b20-15_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQCVAwUBRAiDNvtEPvakNq0lAQL8VAP/VhyZLPofbtcZHX2oCIkIZWEMOpFbGq21
6OzLh7f5nrcBMSTC+PJQJnB5WFRXEzKVvEQnGgtCK+iRJs//qGkrwWpdb8UrwieB
gzS319nngA4QFLavhLbFoZDC/fb7Ase4ql665dAeoG1plJonL4RozibHlTHigg/C
e+EUCc7QgC0=
=NykG
-----END PGP SIGNATURE-----
--- End Message ---
