Bug#856649: suricata: IPv4 defrag evasion issue

2023-04-10 Thread Salvatore Bonaccorso
Source: suricata Source-Version: 3.2.1-1~exp1 Hi Sascha, On Mon, Apr 10, 2023 at 11:11:12PM +0200, Sascha Steinbiss wrote: > Hi Salvatore, > > > > (re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856649) > > > > > > Can we just close this bug? This has been addressed for years, and I am

Bug#856649: suricata: IPv4 defrag evasion issue

2023-04-10 Thread Sascha Steinbiss
Hi Salvatore, (re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856649) Can we just close this bug? This has been addressed for years, and I am not sure we need to keep these open forever. Can you pin point the upstream version where this was fixed? Sure, you did so yourself in your

Bug#856649: suricata: IPv4 defrag evasion issue

2023-04-10 Thread Salvatore Bonaccorso
Hi, On Sun, Apr 09, 2023 at 01:16:34PM +0200, Sascha Steinbiss wrote: > Hi, > > (re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856649) > > Can we just close this bug? This has been addressed for years, and I am not > sure we need to keep these open forever. Can you pin point the

Bug#856649: suricata: IPv4 defrag evasion issue

2023-04-09 Thread Sascha Steinbiss
Hi, (re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856649) Can we just close this bug? This has been addressed for years, and I am not sure we need to keep these open forever. Thanks and best regards Sascha OpenPGP_signature Description: OpenPGP digital signature

Bug#856649: suricata: IPv4 defrag evasion issue

2017-03-20 Thread Chris Lamb
Hi Arturo, > I would like to ask, What are your plans regarding wheezy? Just jumping in here as I just had a look at backporting this patch. I think there might be some issues with the upstream patch anyway, eg.:

Bug#856649: suricata: IPv4 defrag evasion issue

2017-03-20 Thread Arturo Borrero Gonzalez
On 19 March 2017 at 20:22, Salvatore Bonaccorso wrote: > > It's CVE-2017-7177. I have updated the security-tracker. > Yes, thanks Salvatore. All seems right. The upload with the fix is in unstable, in his way for stretch. I would like to ask, What are your plans regarding

Bug#856649: suricata: IPv4 defrag evasion issue

2017-03-19 Thread Salvatore Bonaccorso
Control: retitle -1 suricata: CVE-2017-7177: IPv4 defrag evasion issue On Wed, Mar 15, 2017 at 07:36:26AM +, Chris Lamb wrote: > Hi, > > > suricata: IPv4 defrag evasion issue > > Any update with getting a CVE on this? :) It's CVE-2017-7177. I have updated the security-tracker. Regards,

Bug#856649: suricata: IPv4 defrag evasion issue

2017-03-15 Thread Salvatore Bonaccorso
Hello Chris, On Wed, Mar 15, 2017 at 07:36:26AM +, Chris Lamb wrote: > Hi, > > > suricata: IPv4 defrag evasion issue > > Any update with getting a CVE on this? :) No, unfortuantely we haven't heard back yet. Regards, Salvatore

Bug#856649: suricata: IPv4 defrag evasion issue

2017-03-15 Thread Chris Lamb
Hi, > suricata: IPv4 defrag evasion issue Any update with getting a CVE on this? :) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#856649: suricata: IPv4 defrag evasion issue

2017-03-03 Thread Salvatore Bonaccorso
Source: suricata Version: 2.0.7-2 Severity: important Tags: patch upstream security Forwarded: https://redmine.openinfosecfoundation.org/issues/2019 Details: https://redmine.openinfosecfoundation.org/issues/2019 Fixed by: