Bug#503992: Request of authorisation for an upload of Snort in stable to fix 503992
Javier Fernández-Sanguino Peña wrote: Hi release team, Hi Javier I would like to make an upload to stable to fix bug 503992 of Snort. Basicly, this bug was introduced with the patch for a security vulnerability but introduced a sigsegv due to an improper call to a function. This error kills the Snort IDS as soon as it receives fragmented traffic which. In some systems (such as systems behind an ADSL) this seems to happen frequently enough. Any reason why this regression caused by a security upload, should not be fixed by a security upload (I've put the Security Team in Cc)? Attached is the diff of the Snort release 2.7.0-20.4 I would like to upload vs. the version currently in stable. I would like permission from the stable release managers to upload this fixed version there, thanks. Cheers Luk -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503992: Request of authorisation for an upload of Snort in stable to fix 503992
* Luk Claes: I would like to make an upload to stable to fix bug 503992 of Snort. Basicly, this bug was introduced with the patch for a security vulnerability but introduced a sigsegv due to an improper call to a function. This error kills the Snort IDS as soon as it receives fragmented traffic which. In some systems (such as systems behind an ADSL) this seems to happen frequently enough. Any reason why this regression caused by a security upload, should not be fixed by a security upload (I've put the Security Team in Cc)? It's probably a security bug on its own, so it probably should go through the DSA process, even though the bug was introduced through t-p-u before the lenny release. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503992: Request of authorisation for an upload of Snort in stable to fix 503992
On Sun, Mar 22, 2009 at 03:39:40PM +0100, Florian Weimer wrote: * Luk Claes: Any reason why this regression caused by a security upload, should not be fixed by a security upload (I've put the Security Team in Cc)? No reason, I just thought this would not be considered a security bug. It's probably a security bug on its own, so it probably should go through the DSA process, even though the bug was introduced through t-p-u before the lenny release. Since Neil answered already I uploaded the packages to stable using the patch I sent. If you want them to go through the DSA process I guess the security team should do the upload themselves right? Regards Javier signature.asc Description: Digital signature
Bug#503992: Request of authorisation for an upload of Snort in stable to fix 503992
* Javier Fernández-Sanguino Peña: It's probably a security bug on its own, so it probably should go through the DSA process, even though the bug was introduced through t-p-u before the lenny release. Since Neil answered already I uploaded the packages to stable using the patch I sent. If you want them to go through the DSA process I guess the security team should do the upload themselves right? I don't think it's worth the effort because the point release is not too far away, right? Anyway, thanks for addressing this issue. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#503992: Request of authorisation for an upload of Snort in stable to fix 503992
Hi release team, I would like to make an upload to stable to fix bug 503992 of Snort. Basicly, this bug was introduced with the patch for a security vulnerability but introduced a sigsegv due to an improper call to a function. This error kills the Snort IDS as soon as it receives fragmented traffic which. In some systems (such as systems behind an ADSL) this seems to happen frequently enough. Attached is the diff of the Snort release 2.7.0-20.4 I would like to upload vs. the version currently in stable. I would like permission from the stable release managers to upload this fixed version there, thanks. Javier diff -Nru snort-2.7.0-20.3/debian/changelog snort-2.7.0/debian/changelog --- snort-2.7.0-20.3/debian/changelog 2008-11-04 22:38:11.0 +0100 +++ snort-2.7.0/debian/changelog 2009-03-22 00:17:24.0 +0100 @@ -1,3 +1,14 @@ +snort (2.7.0-20.4) stable; urgency=high + + * Fix error in call to LogMessage (missing parameters) which caused a +segfault when fragmented packages were received. This bug was introduced in +the patch to fix CVE-2008-1804. Urgency set to 'high' as in some +circunstances it makes Snort fail to start on startup or die after +working for only a few minutes. Also, this could be used as a DoS +attack against an IDS sensor rendering it useless. (Closes: #503992) + + -- Javier Fernandez-Sanguino Pen~a j...@debian.org Sun, 22 Mar 2009 00:16:44 +0100 + snort (2.7.0-20.3) testing-proposed-updates; urgency=low * Reupload to testing to *really* depend on newer libpcre. diff -Nru snort-2.7.0-20.3/src/preprocessors/spp_frag3.c snort-2.7.0/src/preprocessors/spp_frag3.c --- snort-2.7.0-20.3/src/preprocessors/spp_frag3.c 2008-10-22 01:33:03.0 +0200 +++ snort-2.7.0/src/preprocessors/spp_frag3.c 2009-03-22 00:18:23.0 +0100 @@ -1556,7 +1556,7 @@ */ p-fragtracker = NULL; } -LogMessage(%s(%d) == The ttl_limit option will be ignored, and Use of the ttl_limit option will be deprecated in a future release\n); +// LogMessage(%s(%d) == The ttl_limit option will be ignored, and Use of the ttl_limit option will be deprecated in a future release\n, file_name, file_line); } Frag3RemoveTracker(fkey, ft); signature.asc Description: Digital signature