snort (2.3.2-3) unstable; urgency=high * Pre-Depend on adduser since we use it on preinst * Changed debian/TODO * Snort-common now Replaces old snort versions (1.8.4beta1-1) since the configuration files where moved there from snort. Save for the ppp configuration file which was moved from snort-common to snort. Snort now Replaces snort-common versions previous to 2.0.2-3, that introduced the change, cannot conflict since we will end up with circular dependencies. (Closes: #311257) * Check MD5sums before rule files are moved from the old location to the new one in snort-rules-default's preinst when upgrading. If the files have not been changed from the ones provided by the woody version then remove them (Closes: #311263) -- Javier Fernandez-Sanguino Pen~a Wed, 1 Jun 2005 09:47:04 +0200 snort (2.3.2-2) unstable; urgency=low * Have snort-common Conflict on versions prior to the Source-Version to prevent users upgrading snort-common without upgrading snort. (Closes: #300785 * Fixed homepage location of Snort (Closes: #300727) * Fixed snort-stat so it can be used when the -y option is used with Snort, thanks to the patch provided by Chirik (Closes: #200276) * Updated German translation courtesy of Erik Schanze -- Javier Fernandez-Sanguino Pen~a Tue, 22 Mar 2005 01:26:55 +0100 snort (2.3.2-1) unstable; urgency=low * New upstream release. - Fixes some bugs in preprocessors - Rules updates * Fixed format of NEWS file, updated the version of the changelog entry so that everybody will read it on next upgrade (Closes: #299334) * Added debconf french translation provided by Christian Perrier (Closes: #299016) * Updated debconf dutch translation provided by Peter Vandenabeele (Closes: #296152) * The PPP script will now use the new /etc/default/snort mechanism (Closes: 298003 -- Javier Fernandez-Sanguino Pen~a Mon, 14 Mar 2005 13:26:45 +0100 snort (2.3.0-7) unstable; urgency=low * Do not change the permissions of /var/log/snort/ and /etc/snort/snort.conf if the administrator has setup an override using dpkg-statoverride (Closes: #296927) * Updated translation to Catalan with the one provided by Aleix Badia i Bosch -- Javier Fernandez-Sanguino Pen~a Sat, 26 Feb 2005 13:09:14 +0100 snort (2.3.0-6) unstable; urgency=low * Added tetex-extra to Build-Depends (Closes: #296814) * Refer to the proper file in debconf template (Closes: #296809) * Updated the spanish debconf translation. -- Javier Fernandez-Sanguino Pen~a Fri, 25 Feb 2005 00:43:19 +0100 snort (2.3.0-5) unstable; urgency=low * Upload of the experimental package to unstable Even though I don't get to fix #205683 and friends (and I would like to, before the release) This release Closes #283816, #241995, #289405, #247603 * Do not rotate log files if empty (Closes: #193299) * Added dutch translation (Closes: #247603) * Added yet another TODO item -- Javier Fernandez-Sanguino Pen~a Tue, 22 Feb 2005 21:36:40 +0100 snort (2.3.0-4) experimental; urgency=low * Call dh_installdocs with -i or -a depending on target, rename (Closes: #295228, #294755) * NEWS.Debian file to NEWS -- Javier Fernandez-Sanguino Pen~a Tue, 15 Feb 2005 08:33:34 +0100 snort (2.3.0-3) experimental; urgency=low * Create manual in build-indep location (Closes: #294755) * Fixed location of snort_manual and lisapaper in their respective doc-base files. * Added a reference to the FAQ through a new doc-base file. -- Javier Fernandez-Sanguino Pen~a Sat, 12 Feb 2005 12:23:35 +0100 snort (2.3.0-2) experimental; urgency=low * Improved postrm purge action by removing also obsolete configuration (since it's no longer in the conffiles) and the group. Also, synced all postrm scripts (mysql did not included the rmdir /etc/snort code) -- Javier Fernandez-Sanguino Pen~a Wed, 9 Feb 2005 08:44:05 +0100 snort (2.3.0-1) experimental; urgency=low (First attempt at experimental, to avoid breaking installations running sid) * New upstream release * This version now uses libnet1, changed Build-Depends (Closes: #241995) * Introduced /etc/default/snort and removed /etc/snort/common.parameters this makes it easier to check for common situations (parsing the parameter file is quite complicated). The old common.parameters file is moved over to /etc/default/snort automatically, but retained in case the parsing has not been done properly (and will not be used until the common.parameters file is removed). This is described in the NEWS.Debian file. * Fixed the postint call so that the passwd and group are checked before they are created. Also fix chown call (still used '.' instead of ':') * Introduce a check for the status of Snort's logdirectory, it checks if it belongs to Snort (Closes: #247603) * This release provides debconf support for snort sensors in multiple interfaces (Closes: #283816) * Run update-debconf, seems I had not done this when I last made changes in the templates in 2.2.0-8 * Included the documentation available, including signatures. Also added the LaTeX manual included as well as the additional Build-Depends on tetex-bin and gs-common * Updated the FAQ (was about time!) from http://www.snort.org/docs/FAQ.txt * Added a README.docs file (pointing people to more documents) * Updated translations: - German, provided by Erik Schanze (Closes: #289405) -- Javier Fernandez-Sanguino Pen~a Wed, 26 Jan 2005 09:18:53 +0100 snort (2.2.0-9) unstable; urgency=low * Removed old (obsolete) converstion of PPPENV in /var/tmp in postinst which actually might open up security holes when using dialup access and installing/upgrading the package. * Updated translations: - Japanese, provided by Hideki Yamane (closes: #283128) - French, provided by Christian Perrier (closes: #284559) -- Javier Fernandez-Sanguino Pen~a Mon, 20 Dec 2004 01:35:21 +0100 snort (2.2.0-8) unstable; urgency=low * Updated the README.Debian file with proper information on how to setup multiple interfaces and rewrote the Debconf question to specify that it can be used to define multiple interfaces (Closes: #283816) * Added some additional TODO notes -- Javier Fernandez-Sanguino Pen~a Wed, 1 Dec 2004 17:04:38 +0100 snort (2.2.0-7) unstable; urgency=low * Make snort-common Arch: all (Closes: #278987) * The installation will now check if you are using a configuration that will not be able to work with the current Snort version and will forewarn you. The package installation will still fail (if Snort is started automatically) but the administrator will be pointed to where the error is (Closes: #165107) * Use dh_installman instead of dh_installmanpages and provide proper PACKAGE.manpages file since dh_installmanpages now fails to create the snort-common package properly. * Updated to the latest rules snapshot * Added an 'update-rules' target in debian/rules that downloads the latest rules snapshot and installs it in the package. [ Translations ] * Dutch update, provided by cobaco (Closes: #278719) * Japanese update, provided by Hideki Yamane (Closes: #279028) * French update, provided by Christian Perrier (Closes: #279833) * German update, provided by Erik Schanze (Closes: #280964) -- Javier Fernandez-Sanguino Pen~a Sat, 30 Oct 2004 22:47:34 +0200 snort (2.2.0-6) unstable; urgency=low * Added a 'config-check' option in init.d to test the user's configuration file. This could be used to determine (in postinst) if snort should be restarted and warn the user (not yet done). This will help fix #165107, #165351 (since similar user mistakes would be detected), #276565 and #247665. * Added more information to the TODOs * Moved DEBIAN_TRESHOLD to DEBIAN_THRESHOLD (save for the debconf value in order to avoid reseting it) (Closes: #256581) * Removed double space in template (Closes: #275936) * The snort-rules package now Suggests: snort instead of depending on it (Closes: #249697) * Updated rules with the latest snapshot. -- Javier Fernandez-Sanguino Pen~a Mon, 25 Oct 2004 23:47:45 +0200 snort (2.2.0-5) unstable; urgency=low * Rules update -- Javier Fernandez-Sanguino Pen~a Wed, 13 Oct 2004 12:11:21 +0200 snort (2.2.0-4) unstable; urgency=medium * Fix typo introduced in previous upload that prevents ppp init script from loading properly common.parameters (Closes: #275439) -- Javier Fernandez-Sanguino Pen~a Fri, 8 Oct 2004 09:50:06 +0200 snort (2.2.0-3) unstable; urgency=high * Added config-file discovery to ppp init.scripts so that Snort is started (-c) with the proper configuration file if available or snort.conf if not. Setting high severity so that users running Snort with PPP don't end up with a full /var filesystem (Closes: #268707) * Fixed bashism in /etc/ppp/if-up.d/snort * Modified the init.d an if-up.d scripts so that /etc/snort/snort.common.parameters is only used if it exists. * Snort-rules-default now Recommends: oinkmaster now that it is in the archive (accepted 01 Oct 2004), this does not close #191105 since IMHO a better signature update mechanism should be introduced. Also updated the related TODO item. * Added a FAQ Q&A regarding rule updates in README.Debian * Added code to detect for deprecated preprocessors and warn the user, curretnly the code will not touch the configuration files himself and will not detect if you are using the standard package configuration file. It will prevent users from having configuration issues, however (Closes: #247665) * Modified the init.d file so you can use 'status' to determine if the Snort sensors are up or not. * Updated the 2.2 rule set with the snapshot provided at snort.org, new rules include detection of the recent JPEG exploit (Closes: #274244) * Fixed typo in templates (unfuzzied modified entries) and updated JA translation provided by Hideki Yamane (Closes: #273138) -- Javier Fernandez-Sanguino Pen~a Sat, 2 Oct 2004 12:41:50 +0200 snort (2.2.0-2) unstable; urgency=low * Taking over maintainership of this package (Closes: #265343) * Have Snort{,-mysql,-pgsql} depend on the same versions of the common packages (was not done in the previous release) * Updated JA translation (Closes: #271755) * Added a list of todo items in debian/TODO -- Javier Fernandez-Sanguino Pen~a Wed, 15 Sep 2004 10:42:43 +0200 snort (2.2.0-1) unstable; urgency=low + The 'Please Adopt Me!' release. + Fixed build-depends on libpcap0.8-dev closes: #263923 + Fixed failure to start on multiple interfaces, each interface now uses it's own configuration file. Closes: #248908 + Snort{,-mysql,-pgsql} depend on the same versioned rules + common Closes: #257078 + NL, DE, pt_BR, FR, JA translations added Closes: #265508, #264301, #246553, #246374, #239206 + New upstream release closes: #262297 -- Sander Smeenk Sun, 15 Aug 2004 15:24:39 +0200 snort (2.1.2-2) unstable; urgency=low ! Once again: Thanks Mario 'BitKoenig' Holbe for your great help: + Moved 'dialup' interface guessing from ppp/ip-up to postinst + Cleanup restart: only restart current running interfaces This also cleans up: 'dialup' logcheck failure, if no snort running + Prepare for multisensor support + Use start-stop-daemon --retry instead of sleep and kill -9 + Use invoke-rc.d only, if it exists Closes: #191574 + Correct please_restart to please_restart_manually + Re-Unified prerm and postinst scripts + Fix the backward-compatible just-kill-them-all in prerm; do we really need it? It definitely didn't work before and since the old-package prerm is called anyways, we shouldn't. + Simplify snort.debian.conf creation + snort-doc/examples now has a snort-rules auto-update script! Closes: #242521, thanks Marcel! + Updated fr.po by Christian Perrier Closes: #244048, thanks Christian! + Recent changes to init / ip-{up,down} scripts fixed this bug: Closes: #226236 + Fixed database schema's in {pg,my}sql packages. This does not fix the 'schema is not installed when debconf prompts for it'-problem. Closes: #244017 + Problem with snort-pgsql.template fixed. Closes: #244175 -- Sander Smeenk Sun, 18 Apr 2004 14:39:19 +0200 snort (2.1.2-1) unstable; urgency=low + New upstream release + Templates corrected (reflect same text at shared options, typos) + -b switch removed from snort startup, log_tcpdump changed to snort.log Closes: #241425, #171190 + French debconf translation by Christian Perrier Closes: #241991 + Added checks on purge of snort-rules-default. Fixed breakage Closes: #239542 + Firewall interaction is explained in the FAQ Closes: #217174 + Snort now has snort.common.options, and no -b anymore. Closes: #217244 + Changed helptext in snort.debian.conf to be more generic. Closes: #196694 + Improved dialup suppport. MANY Thanks to Mario 'BitKoenig' Holbe for his great work on this subject and the changes to the init script! Closes: #226236 -- Sander Smeenk Sun, 4 Apr 2004 15:12:27 +0100 snort (2.1.1-1) unstable; urgency=low + New upstream release Closes: #238427 + Added catalan debconf templates (debian/po/ca.po) Closes: #236644 + Fixed packaging bugs. + Applied following changes by Javier Fernández-Sanguino Peña. Thanks!! * Snort group is now created using --system in all packages Closes: #231580 * Both the cron.daily script and the postinst scripts set a default value for STATS_RCPT and STATS_TRESHOLD to avoid buggy behaviours if the user does not setup a proper value when interfacing with debconf. Still, these values should be checked in the config scripts. (Closes: #173331) * Snort-stat now exists if there are no results which will avoid it from sending empty emails (Closes: #217913, #174508, #192401, #172529) * Improved the explanations in several templates (Closes: #217173) * Updated Japanese translation (and fixed some po format errors, hopefully without damaging the po file) (Closes: #226680) * Included Catalan debconf translation (Closes: #236644) * Updated pt-BR debconf translation (Closes: #228244) * Re-Added (partial) spanish debconf translation (it seems that the work I did back in december 2001 has not been moved to po-debconf!) -- Sander Smeenk Wed, 17 Mar 2004 18:46:28 +0100 snort (2.1.0-4) unstable; urgency=low + Fixed FTBFS with -B flag specified to dpkg-buildpackage Thanks Pascal Hakim. + Restart target in init.d script requires a sleep on slow systems. Thanks Marco Gaiarin. + Updated the ja.po templates snort (2.1.0-3) unstable; urgency=low + Split binary-indep packages from binary-arch target Closes: #226072, #157708, #185806 + ip-up.d script now correctly guesses the PPPENV settings Closes: #225956 + Updated the fr.po templates Closes: #225906 -- Sander Smeenk Sun, 04 Jan 2004 12:51:38 +0100 snort (2.1.0-2) unstable; urgency=low + Added example init.d script to manage multiple sensors. + No longer kills custom daemons at init.d stop Closes: #181637 + Fixed build-dependency on libpcre3-dev Closes: #225707 + Fixed manpage to reflect new SIGHUP handling Closes: #122689 + Already implemented 'statesaving' dialup scripts Closes: #101725 + Changed default flow-portscan configuration Closes: #225506 -- Sander Smeenk Fri, 02 Jan 2004 13:01:54 +0100 snort (2.1.0-1) unstable; urgency=low + New upstream version + Depend on perl-modules for perlscripts Closes: #212805 + Fixed breakage of upgrades when conffiles were removed by user Closes: #207970 + Added japanese translation of templates Closes: #224191 -- Sander Smeenk Sun, 21 Dec 2003 15:48:55 +0100 snort (2.0.2-3) unstable; urgency=low * ip-up.d/snort and init.d/snort now use the same startup arguments with an extra config file that holds the common parameters. Closes: #217244 + ip-{up,down}.d/snort moved from snort-common to snort{,-mysql,-pgsql} * Clarified debconf questions. Fixed typos, corrected grammar. Closes: #217173 * Updated what documenation files are included. Closes: #217174 -- Sander Smeenk Fri, 24 Oct 2003 18:05:26 +0200 snort (2.0.2-2) unstable; urgency=low * Fixed 'native package' problem Closes: #216326 * Fixed syntaxerrors in init script Closes: #215142 -- Sander Smeenk Sun, 19 Oct 2003 16:11:09 +0200 snort (2.0.2-1) unstable; urgency=low Pascal: * Make snort-rules-default depend on a recent version of snort Closes: #135603 * Delete configuration files and log files on purge. Closes: #180043 Sander: * Fixed the init.d script to not start snort in dialup mode at boot. Closes: #207291, #208003 -- Sander Smeenk Wed, 08 Oct 2003 21:09:34 +1000 snort (2.0.1-3) unstable; urgency=low + Fixed FTBFS: automake1.6 dependency (Closes: #207010) -- Sander Smeenk Mon, 25 Aug 2003 10:45:31 +0200 snort (2.0.1-2) unstable; urgency=low + Snort now co-maintained by Pascal Hakim + fr.po added, forgot the NMU by Christian Perrier + Untranslatable strings marked for translation fixed Closes: #206972, #192952 + create_postgresql.gz has been updated and now uses 'TIMESTAMP' Closes: #206372 + Changed the init.d's "start" section to support dialup mode Closes: #205873 + SNMP support has been removed upstream, I forgot to remove the MIB message from snort-common Closes: #206668 + Since the MIB note was removed, this also fixes inapropriate use of debconf, which Closes: #205085 -- Sander Smeenk Sun, 24 Aug 2003 11:41:23 +0200 snort (2.0.1-1) unstable; urgency=low + New upstream source -- Sander Smeenk Tue, 19 Aug 2003 16:32:46 +0200 snort (2.0.0-3.1) unstable; urgency=low + Eeps! Forgot my versioned dependencies! -- Sander Smeenk Mon, 05 May 2003 21:02:13 +0200 snort (2.0.0-3) unstable; urgency=low + Added 'Provides: Snort' to snort-{pg,my}sql (Closes: #190064) + Moved parameter -b to snort.conf (Closes: #190748) + Seems fixed, according to submitter (Closes: #184596) + Fixed ppp/ip-up.d/snort, first source, then test (Closes: #190999, #191894) + Dependency on libpq3 isn't mandatory since postgresql-dev depends on it. (Closes: #191570) -- Sander Smeenk Mon, 05 May 2003 20:27:03 +0200 snort (2.0.0-2) unstable; urgency=low + Fixed PPP environment variables in ip-up.d. (Closes: #190107) I really don't know how to support multiple instances of snort here + Versioned depends on snort-rules-default (Closes: #190111) + Fixed wrong pid-finding init.d script (Closes: #190154) + cronjob 'snort' renamed to '5snort' again (Closes: #190303) -- Sander Smeenk Wed, 23 Apr 2003 21:00:23 +0200 snort (2.0.0-1) unstable; urgency=high + New Upstream version + SECURITY FIXES (Closes: #189267) - XML logging and SNMP notification seems to be removed upstream ? + The init.d script has added intelligence that will hopefully detect wether snort was running in manual mode / dialup mode when logrotate ran, and leave it in that state (Closes: #186060) + Tried to fix snort-stat by adding -a option (Closes: #186214) + Renamed cronjob 5snort to snort (Closes: #186380) + Rebuilt with new libsnmp-0.4.2 linking (Closes: #186415) + po-debconf patch applied, thanks (Closes: #186881) + Including sid-msg.map and gen-msg.map (Closes: #187291) -- Sander Smeenk Sat, 05 Apr 2003 13:32:18 +0200 snort (1.9.1-4) unstable; urgency=low + Added dependency on perl-modules to snort-common (Closes: #185180) + Attempt 1 at fixing snort-stat again (Closes: #184622) + init.d script tells how to start snort on dialup system (Closes: #181074) + snort-stat supports -a now (scan whole file) (Closes: #184282) -- Sander Smeenk Tue, 18 Mar 2003 21:37:47 +0100 snort (1.9.1-3) unstable; urgency=low + Fixed Override Disparities + Added section to snort-paper (Closes: #183988, #183388) -- Sander Smeenk Wed, 12 Mar 2003 09:04:30 +0100 snort (1.9.1-2) unstable; urgency=low + Fixed PostgreSQL CreateDB-scheme (Closes: #181733) + Fixed snort-doc (Closes: #183988, #183388) + A supposed fix for #181477 introduced a new bug which is now fixed (Closes: #184128, #184071) + Fixed -s commandline argument. It doesn't need an argument. (Closes: #183790) + Startup arguments for init.d invocation and pppd invocation are now 'the same' (Closes: #183554) -- Sander Smeenk Mon, 10 Mar 2003 23:57:12 +0100 snort (1.9.1-1) unstable; urgency=high * SECURITY FIX ISS X-Force has discovered a remotely exploitable buffer overflow condition in Snort. A buffer overflow flaw exists in Snort RPC preprocessing code that is vulnerable to attack. -- Sander Smeenk Mon, 03 Mar 2003 21:15:27 +0100 snort (1.9.0rel-4) unstable; urgency=low + Changed logrotate (Closes: #176495) + Renamed 'portscan2' to 'portscan2.log' (Closes: #173978) + Recompile Fixed PostgreSQL dependency (Closes: #175977) + Applied patch against snort-stat (Closes: #175657) + Added 'portscan2-ignorehosts' example + enabled for $HOME_NET (Closes: #173985) + Marks old 'snort.rules.files' OBSOLETE (Closes: #173981) + Fixed snort-stat manpage to reflect alert.log (Closes: #175364) + Fixed snort-pgsql logging bug with last_cid (Closes: #166722) + Updated snort-rules-default to latest version + Recompile fixed libsnmp5 dependency (Closes: #183094, #182722) + Init scripts fixed (Closes: #181497) + Changed rights on /var/log/snort to snort.adm (Closes: #180216) + Fixed mkdir -p in snort-rules-default preinst (Closes: #180046) -- Sander Smeenk Sat, 25 Jan 2003 16:48:40 +0100 snort (1.9.0rel-3) unstable; urgency=low + Using invoke-rc.d instead of direct /etc/init.d calls (Closes: #165135) -- Sander Smeenk Thu, 17 Oct 2002 11:35:42 +0200 snort (1.9.0rel-2) unstable; urgency=low + Fixed Startup in Manual mode (Closes: #164644) + Fixed failing preinst in snort-rules-default (Closes: #164643) + No more useless cron messages (Closes: #158490) + Manually changed snort.c to fix -s cmdline problem (Closes: #164969) + DISABLED OLD PORTSCAN PREPROCESSOR, REPLACED BY PORTSCAN2 PREPROCESSOR -- Sander Smeenk Wed, 16 Oct 2002 19:58:29 +0200 snort (1.9.0rel-1) unstable; urgency=low + New Upstream Version + Moves old /etc/snort/*.rules to new rules/ directory (Closes: #158447, #160888) + Closes: #158845, leftover bug fixed in previous upload. + Files *were* created with incorrect permissions (Closes: #162386) + Fixed Logrotate (Closes: #158042, #159456) -- Sander Smeenk Sat, 31 Aug 2002 15:59:16 +0200 snort (1.9.0beta4-5) unstable; urgency=low + ASN.1 Decoder turned OFF because of TOO MANY LOGENTRIES! * Fixed Bugs (Closes: #157443) + Commented out the 'Initializing Output Plugins!' message. + Changed to logrotate to rotate logfiles (Closes: #157706) * Unreproducable, but changed to new rotation system (Closes: #156896) + Specified 'portscan2.log' as portscan2 preprocessor logfile + Supports 'any' in the address range question to not trust any side of the network. Wishlist but no bug was filed for this. + Fixed faulty information in templates (Closes: #158708) + Added README.PHP in contrib/ for clearness (Closes: #158714) + snort-stat reported hostname with \n at the end, chomped off now. -- Sander Smeenk Fri, 23 Aug 2002 22:17:20 +0200 snort (1.9.0beta4-4) unstable; urgency=low + Severe postinst breakage when installing newer versions of Snort from scratch. Fixed. + Fixed world-writable logfiles problem (Closes: #155893) + Password-field must be filled in. + snort-mysql's postinst put postgresql config in snort.conf :( -- Sander Smeenk Tue, 20 Aug 2002 13:21:42 +0200 snort (1.9.0beta4-3) unstable; urgency=low + Fixed world-writable logfiles problem (Closes: #155893) + Password-field must be filled in. + snort-mysql's postinst put postgresql config in snort.conf :( -- Sander Smeenk Tue, 20 Aug 2002 11:11:35 +0200 snort (1.9.0beta4-2) unstable; urgency=low + Found nicer way of fixing #155893 (Closes: #155893) + Typo two typos in bugnumbers. Previous #153221 should be (Closes: #153211) Previous #156119 should be (Closes: #156199) Sorry for the mixups. It was late :/ + Fixed b0rking preinsts (Closes: #157085) -- Sander Smeenk Fri, 16 Aug 2002 00:03:41 +0200 snort (1.9.0beta4-1) unstable; urgency=low + Fixes world readable configuration file problem (Closes: #154977, #155484) + XML output should work in this release (Closes: #153845) + MIB's moved to /usr/share/snmp/mibs (Closes: #153221) + snort-stat now uses threshold (Closes: #147197) + SMTP rules have been disabled per default (Closes: #153817) + Fixed typo's in debconf screens (Closes: #154687) + 'Hacked around' the logfiles-not-group-readable problem (Closes: #155893) + Upload accepted (Closes: #156119) + Leftover bugs that have been fixed earlier (Closes: #134979) * Fixed but no-bugreports: + 'Initializing Plugins' log-message removed from src/plugbase.c + Rules have moved from /etc/snort to /etc/snort/rules/ + snort-{pg,my}sql now update the snort.conf file properly + stream4 evasion-detection disabled + more... -- Sander Smeenk Wed, 14 Aug 2002 22:00:24 +0200 snort (1.8.7-4) unstable; urgency=low + Typo in snort-stat, fixed. -- Sander Smeenk Sat, 03 Aug 2002 11:21:49 +0200 snort (1.8.7-3) unstable; urgency=low + snort-stat now shows hostname from where it's reporting. + ruleset tuning (Closes: #155084) + i see no rules with <- direction specifier, snort starts just the way it should with telnet.rules and backdoor.rules (Closes: #153400) + Specific major-version Build-Depends on libsnmp4.2-dev (Closes: #155163) -- Sander Smeenk Sat, 03 Aug 2002 01:34:49 +0200 snort (1.8.7-2) unstable; urgency=low + Fixed situations where snort got restarted by cronscript while being started in dialup-mode. Snort should support -HUP'ing. + Fixed typo in /etc/snort/snort.conf (Closes: #152840, #152671) + Fixed stupid snmpd.conf auto-addition, that was bad (Closes: #153074) + Each MTA supplies 'sendmail' and each system has 'MTA' (Closes: #151678) + Snort-pgsql has debconf 'help' on configuring a DB (Closes: #149661) + Fixed snort-mysql.config problem (Closes: #110952) + Multiple subnets problem fixed (Closes: #146861) * Maintainer Wipes Forehead. -- Sander Smeenk Thu, 11 Jul 2002 21:06:50 +0200 snort (1.8.7-1) unstable; urgency=low + NEW UPSTREAM! * No more local-{first,last} creation in preinst (Closes: #152184) * var EXTERNAL_NET !$HOME_NET in snort.conf (Closes: #152182) -- Sander Smeenk Mon, 8 Jul 2002 10:59:16 +0200 snort (1.8.6-6) unstable; urgency=low * Fixed serious log-rotation problem (Closes: #151922) * Fixed typo in rules file: --enable-snmp versus --with-snmp + Reported in private mail, no bugs to close. * New ruleset & config & classification (Closes: #152070) * Not a bug (Closes: #152068) -- Sander Smeenk Fri, 5 Jul 2002 23:23:09 +0200 snort (1.8.6-5) unstable; urgency=low * Fixed 5snort cronjob, thanks for the patches. + Closes: #151336, #151341, #151393, #151395 * Can't check this problem, it looks fixed to me. + Closes: #94709 * Cronjob has been reworked so it uses /var/log/snort/alert, also snort.conf has been configured to log to syslog by default. + Closes: #146680 * Debconf frontend now supports multiple addresses (ranges) in address_range question. + Closes: #66932 * Bug-submitter thinks this bug is fixes now. + Closes: #104074 * Weird unaligned traps on alpha are unconfirmed snort-related. Also, haven't heard anyone else about this. + Closes: #130675 * Fixed the debconf script's perl-regexp to support multiple subnet-definition seperated by commas + Closes: #146945 * Once more fixed /etc/snort/snort.conf _NOT_ to log to syslog, since that would stop logging to /var/log/snort/alert, and that would break the snort-stat cronjob, and more. -- Sander Smeenk Sun, 30 Jun 2002 00:29:26 +0200 snort (1.8.6-4) unstable; urgency=low + Fixed POSIX shell incompatibility (Closes: #150409) + Fixed Suggests instead of Recommends on snort-doc. (Closes: #150768, #150702) + Fixed RULE_PATH setting in snort.conf + Fixed syslog default log-type in snort.conf (Closes: #46680, #124169) + The cronjob in this release _tries_ syslogd-listfiles, and if that is not available defaults to /var/log/auth.log. (Closes: #120991) + Added section in README.Debian about FLEXRESP rules and snort-not-starting because of permission denied (Closes: #132577) + Fixed Subject: in body instead of headers (Closes: #132220, #145836) + Fixed 'misleading comments' in snort.conf (Closes: #145749) + The empty snort.conf problem was fixed in 1.8.6-1? (Closes: #144218) + This was fixed in an earlier release (Closes: #134792) + Applied patch against cronjob (Closes: #151229) + Package 'debianutils' is in base and required, so no dependancies are nescasary (Closes: #145837) + Subjectless email fixed (Closes: #145876) + Cronjob emails daily-alerts instead of weekly (Closes: #145901) + Looks fixed to me (Closes: #136220) + Thanks for the patches everyone!! Greatly appreciated! (Closes: #151257) -- Sander Smeenk Fri, 28 Jun 2002 11:22:13 +0200 snort (1.8.6-3) unstable; urgency=low * New Maintainer! Sander Smeenk + POSTGRESQL SUPPORT WHOO (Closes: #108348) -- Sander Smeenk Tue, 4 Jun 2002 21:28:15 +0200 snort (1.8.6-2) unstable; urgency=low * [debian/snort-rules-default.conffiles] Added missing entries. * [debian/rules] Honour DEB_BUILD_OPTIONS. * [debian/rules] Use a variable to hold configure options that are common to the variant packages. * [debian/rules] Use debhelper *.dirs . * [debian/*.doc-base] New. * Bumped Standards-Version. * Previous uploads fixed more bugs than noted. (Closes: #142508, #143294, #131948) * Enabled SNMP support. * Added Spanish translations to debconf templates. (Closes: #126725) * Changes above by JHM (thanks!) * Added a new snort_stat.pl (Closes: #143875, #131887, #143962) -- Robert van der Meulen Mon, 29 Apr 2002 13:03:24 +0200 snort (1.8.6-1) unstable; urgency=low * Sander Smeenk fixed: + Closes: #111533, #131047 * Changed snort.template and made a clear text about what HOME_NET is used for. I had to remove the de_DE and pt_BR translations though. + Closes: #134063 * The postinst now creates /etc/snort/snort.debian.conf if it doesn't exist by echoing a basic content into the file. Kinda ugly, but it works. + Closes: #132220, #134898, #136848, #139143, #139423 * These are all about snort-stat and empty daily emails. Reported against version 1.7-9, and it seems to be fixed now. + Closes: #109135, #117010 * Typo. Fixed. + Closes: #104447 * Ooooooh ns.somehost.tld is portscanning me! Add the nameservers to the DNS_SERVER value in snort.conf. Although I think this was fixed in 1.8.4beta2 + Closes: #116169 * I added 1 or 2 lines of short descriptive text to each package's description. It should be more clear now. + Closes: #67176, #130242, #133591, #79095, #102320 * These are left-over bugs. Fixed in earlier releases. + Closes: #128689, #131049 * Fixed the init.d script so that it doesn't say "already started" on errors. Snort returns 0(good) or 1(bad), not 2. + Closes: #143268 * The supplied patch didn't contain any valid patchable entries. The script has changed that much that I assume it has been fixed already. * Thanks, smeenk :) -- Robert van der Meulen Fri, 19 Apr 2002 16:21:35 +0200 snort (1.8.4beta1-2) unstable; urgency=low * Fixed 'Depends:' of 'snort' package to depend on new-style snort-common package. (Closes: #131730) * Marked some /etc/ files as conffiles (Closes: #132823) * Fixed build problems on some arches (Closes: #132912, #131741) * Fixed quoting error in virus.rules (Closes: #131947) * Fixed snort-common Replaces: line (Closes: #131701, #133106) * Removed snort.debian.conf from the package (Closes: #132517) * Fixed initscript to allow for multiple subnets (Closes: #125686) -- Robert van der Meulen Sun, 10 Feb 2002 16:11:55 +0100 snort (1.8.4beta1-1) unstable; urgency=low * New upstream release (Closes: #131517, #106093, #115955, #118270, #127564) * Moved config stuff to snort-common (Closes: #109862) * Fixed debconf instuctions for dialup (Closes: #113250) * Fixed snort-stat (Closes: #115873, #116964) * New upstream has icmp-info rules reordered (Closes: #111832) * Gave 'count' a bit more room in email reports (Closes: #102657) * Fixed snort cron script to not kill snort in dialup mode (Closes: #97950) * Fixed snort cron script to not send empty emails (Closes: #112100,#117079) * Fixed HOME_NET variable passing in init script (Closes: #117886) -- Robert van der Meulen Sun, 10 Feb 2002 15:41:40 +0100 snort (1.8p1-1) unstable; urgency=low * New upstream release * Depend on system-log-daemon|syslogd (Closes: #102511) * Fixed snort-stat empty log reports (Closes: #107515, #98944, #103542) * Fixed logfile pattern (Closes: #102787) -- Robert van der Meulen Tue, 14 Aug 2001 20:37:43 +0200 snort (1.7-9) unstable; urgency=low * Removed 'snort.debian.conf' from the 'conffiles' to avoid it being replaced. (Closes: #96950) * Fixed a lot of errors in the manpage. (Closes: #99873, #101868) * Removed '-s' option, and enabled logging to syslog in snort.conf. (Closes: #101873) * Fixed inconsequent ip-up.d and init.d behaviour (Closes: #101874) * Added pt_BR support (Closes: #93219) * Make snort stop before purging/removing. -- Robert van der Meulen Sun, 15 Jul 2001 14:04:35 +0200 snort (1.7-8) unstable; urgency=low * Have snort depend on system-log-daemon (Closes: #99203) * Changed package description (Closes: #99302) * Changed debconf 'extra options' question (Closes: #99303) -- Robert van der Meulen Sun, 17 Jun 2001 19:16:59 +0200 snort (1.7-7) unstable; urgency=low * Added a modified version of 'snort-stat', from Christian Hammers (Closes: #93739) * Changed '5snort' to do syslogd-listfiles --auth, to correctly list logfiles using the 'auth' facility. (Closes: #97467) * Modified crontab file to correctly keep /var/log/snort clean. (Closes: #97465, #97003) -- Robert van der Meulen Tue, 15 May 2001 20:40:03 +0200 snort (1.7-6) unstable; urgency=low * Added more paths in /etc/init.d/snort (Closes: #94651) * Removed non-US dependency on libssl096 (Closes: #92748) * Fixed old man-page synopsis bug (Closes: #90889) * Added 'please restart' notice for dialup users that upgrade(Closes: #90979). * Fixed 'snort.conf' indiscrepancy (comma-seperated versus whitespace-separated) (Closes: #93742) * Added '-d' option for startup (Closes: #78667) * Added snort FAQ (Closes: #91219) -- Robert van der Meulen Mon, 30 Apr 2001 01:34:25 +0200 snort (1.7-5) unstable; urgency=low * fixed no-pidfile bug when using dialup interfaces. (Closes: #89133) * forgot to close host-timeout bug (Closes: #87838) * Removed bashisms from cron script (Closes: #88596) * Fixed start-stop-daemon paths in init.d script (Closes: #88678) * Corrected multiple -i startup option typo (Closes: #89131) * Added mysql support (Closes: #89840) * Applied 'unaligned trap on alpha' patches from Paul Slootman (Closes: #85684, #81092) -- Robert van der Meulen Thu, 22 Mar 2001 22:40:51 +0100 snort (1.7-4) unstable; urgency=low * lets-fix-lots-of-bugs release * Fixed snort-stat: - output is now 79 chars wide. (Closes: #70649) - output written to tempfile first, to work around 'host' timing out sometimes. (Closes: #74937) * There is no 'WARNING' message on startup, anymore (Closes: #79289) * Fixed crontab script to reflect /var/log/portscan.log -> /var/log/snort/portscan.log change. (Closes: #85571) * Fixed syntax error in cron file (*shame*) (Closes: #85686) * added check for existence of /var/log/snort/portscan.log in cron file (Closes: #86596 ) * Fixed syslog dependency problem (syslogd|syslog-ng) (Closes: #85807) * Changed crontab file to allow for multiple auth.* files (Closes: #84183) * Snort doesn't crash on empty logfiles. (Closes: #85284 ) * Snort generates correct snort-stat messages on a dialup link now. (Closes: #82504) -- Robert van der Meulen Fri, 2 Mar 2001 23:32:40 +0100 snort (1.7-3) unstable; urgency=low * Fixed a couple of bugs in the startup scripts for dialup. Closes: #85201 * Made postinst modify /etc/snort/snort.debian.conf. Closes: #85156 * 'hardwired' /etc/ppp/ip-up.d/snort to use the PPP interface. Closes: #85218 * Fixed problem with multiple 'auth' logfiles. Closes: #84316 -- Robert van der Meulen Fri, 9 Feb 2001 23:47:19 +0100 snort (1.7-2) unstable; urgency=low * Fixed a small bug in the cron.daily script; snort.conf -> snort.debian.conf -- Robert van der Meulen Tue, 6 Feb 2001 23:47:31 +0100 snort (1.7-1) unstable; urgency=low * New upstream version. * New maintainer * Moved /etc/snort/snort-lib to /etc/snort/snort.conf /etc/snort/snort.conf was a script to set DEBIAN config variables, it now is the base rule file. /etc/snort/snort.debian.conf does the 'old' job. * modified startup parameters for 'new style' -- Robert van der Meulen Sun, 4 Feb 2001 23:31:02 +0100 snort (1.6.3a-5) unstable; urgency=low * Accidently typed "echo" instead of "kill" in init script. Closes: #84345 -- Christian Hammers Thu, 1 Feb 2001 11:05:16 +0100 snort (1.6.3a-4) unstable; urgency=low * Enhanced init.d script. Fixes problems with cron rotations. * Now depends on debhelper. Closes: #75462 * Added german translation for debconf menus. Closes: #83873 * Is no longer accidently a "native Debian" package. Closes: #82097 * Problem with libmysqlclient.so.9 fixed long ago. Closes: #74798, 74806 * Debconf should be work fine now. Closes: #59726, #70711 * Adopted new homepage URL. Closes: #69805 * Problem no longer reproducable. Closes: #67732, #67734 * Added dependency to the virtual package "syslogd". Closes: #84183 -- Christian Hammers Wed, 31 Jan 2001 00:38:22 +0100 snort (1.6.3a-3) unstable; urgency=low * Changed the "interface" debconf question to medium. Closes: #80996 -- Christian Hammers Wed, 31 Jan 2001 00:10:01 +0100 snort (1.6.3a-2) testing unstable; urgency=low * Ok, forgot the ">/dev/null" after a savelog cron command... -- Christian Hammers Sun, 31 Dec 2000 01:11:37 +0100 snort (1.6.3a-1) testing unstable; urgency=low * This is still 1.6.3! Somehow the .orig.tar.gz got renamed so I have to make a new -1 upload. * Added rotation of /var/log/portscan.log. Closes: #80864 -- Christian Hammers Sat, 30 Dec 2000 17:52:58 +0100 snort (1.6.3-8) unstable; urgency=low * writed more good english in debconf template. Closes: #78367 * Adjusted debconf question for email recipient to "medium". -- Christian Hammers Fri, 1 Dec 2000 20:01:38 +0100 snort (1.6.3-7) unstable; urgency=low * Recompiled against new kernel to handle pppeo. (requested by jeffml@pobox.com) -- Christian Hammers Sun, 26 Nov 2000 14:55:25 +0100 snort (1.6.3-6) unstable; urgency=low * Added debhelper to build depends. Closes #75462 -- Christian Hammers Wed, 25 Oct 2000 10:51:23 +0200 snort (1.6.3-5) unstable; urgency=medium * Recompiled against libmysqlclient10. -- Christian Hammers Tue, 17 Oct 2000 11:00:11 +0200 snort (1.6.3-4) unstable; urgency=low * Added dependencies to adduser >= 3.11. Closes: #69425 -- Christian Hammers Sun, 20 Aug 2000 08:53:50 +0200 snort (1.6.3-3) unstable; urgency=low * Made postinst/preinst idempotent. Closes: 67732, 67734 -- Christian Hammers Sun, 20 Aug 2000 08:53:37 +0200 snort (1.6.3-2) unstable; urgency=low * Disabled defrag-preprocessor due to upstream bugs. -- Christian Hammers Mon, 24 Jul 2000 17:21:18 +0200 snort (1.6.3-1) unstable; urgency=low * New upstream release. * Now chrooted to /var/log/snort and running as snort:snort! * More scan detections added. * Applied fixed from Ian Zimmerman. Thanks. Closes: #66057 -- Christian Hammers Sun, 23 Jul 2000 14:11:50 +0200 snort (1.6.2.2-1) unstable; urgency=low * New upstream release 1.6.2.2. Minor patches. -- Christian Hammers Sun, 9 Jul 2000 23:21:16 +0200 snort (1.6.1-1) unstable; urgency=low * Many new scans for known vulnerabilities included! -- Christian Hammers Sat, 8 Jul 2000 17:06:47 +0200 snort (1.6-1) unstable; urgency=low * New upstream major release. -- Christian Hammers Tue, 4 Jul 2000 18:40:34 +0200 snort (1.5.1-12) unstable; urgency=low * Removed warning for port 53 source port traffic because old BINDs generated them. Closes: #65107 -- Christian Hammers Tue, 6 Jun 2000 19:07:06 +0200 snort (1.5.1-11) frozen unstable; urgency=low * Package could not be build on powerpc because there were some obsolete AM_PROG_INSTALL (now AC_PROG_INSTALL) statements in aclocal.m4. Closes: #57916 * Improved documentation about reading the tcpdump-style binary log file. Closes: #57789 -- Christian Hammers Sun, 13 Feb 2000 18:23:58 +0100 snort (1.5.1-10) frozen unstable; urgency=low * Make sure that snort's cron.daily script gets renamed to the new name in snort.preinst so that it won't be called twice. -- Christian Hammers Wed, 9 Feb 2000 12:37:53 +0100 snort (1.5.1-9) frozen unstable; urgency=low * Argh! Forgot to remove a malicious line in cron.daily. Closes: #57611 -- Christian Hammers Wed, 9 Feb 2000 11:10:53 +0100 snort (1.5.1-8) frozen unstable; urgency=low * Added "exit 0" to cron.daily script. -- Christian Hammers Sat, 5 Feb 2000 16:07:05 +0100 snort (1.5.1-7) frozen unstable; urgency=low * Applied upstream patch to get binary mode working. Now this is really 1.5.1 and not 1.5patch1, btw. * switched logging to tcpdump compatible binary mode so that snort is usable on 100MBit networks. Closes: #55949 * fixed daily report of the weekly rotated auth.log. Closes: #56476 * cron job restarts snort correctly. Closes: #56608 * postinst should start snort only if $startup=="boot". * sanified snort.config (thank to Mario Holbe, again) * removed debconf-bug compatibility. Closes: #54990 -- Christian Hammers Sat, 29 Jan 2000 17:57:34 +0100 snort (1.5.1-5) frozen unstable; urgency=low * User may only enter one interface and no comma seperated list that confuses the postscript, too. Closes: #55567 * Explained a debconf question. Closes: #55568 * Fixed email address in copyright. * uncommented all backdoor-lib rules that do only whatch for a port >=1024, ignoring the content since they produce too much false-positives. (as requested by chirik@castlefur.com) * Added a note that this isn't actually 1.5.1 but 1.5patch1. * Included "real" manpage that upstream author wrote. -- Christian Hammers Sat, 22 Jan 2000 15:30:32 +0100 snort (1.5.1-4) frozen unstable; urgency=low * Workaroung for debconf bug (#55317). * Do not ask user for IP range when using dialup-mode. (They normally wouldn't know!) * -- Christian Hammers Sat, 22 Jan 2000 15:00:25 +0100 snort (1.5.1-3) frozen unstable; urgency=medium * Fixed cron script. Closes: #54553 * The following was done by --- Mario Holbe --- thanks again! * Fixed quoting of metacharacters in postinst. Closes: #54984 * replaced the snort.options thingy by a sh-based snort.conf - removed it from snort-lib - changed the README.Maintainer comment - changed rule for it - created snort.conf with slightly beautified variables * modified ip-down.d to work with new snort.conf * modified ip-up.d to work with new snort.conf * modified snort.init.d to work with new snort.conf Closes: #54553 - this closes some bugs in 1.5.1-2, which i've not submitted :-) * modified snort-stat to work with new snort.conf Closes: #54555 * modified snort.cron.daily to work with new snort.conf/snort-stat * added new snort/stats_treshold to snort.templates * modified snort.config to work with new config variable * modified snort.postinst to work with new snort.conf * modified snort.postrm to remove snort.conf if purge * all over all: did some beauifying :) -- Christian Hammers Fri, 14 Jan 2000 21:09:42 +0100 snort (1.5.1-2) unstable; urgency=low * I was diligently and added five more debconf options :) Closing: #54227 - receipient of the daily statistic mail - start at boot/ip-up/manual - interface - promiscuous mode - reverse order * Enhanced the snort-stat script with help from Mario Holbe. Closes: #54369 -- Christian Hammers Fri, 14 Jan 2000 21:09:36 +0100 snort (1.5.1-1) unstable; urgency=low * Fixed cron script with the new logging method. Closes: #54226, #54275 * Applied upstream patch1 and one from the mailing list. Closes: #54225, #54224 * Added README.Debian with a small FAQ. * Changed configuration and added a /etc/snort/snort.options file. -- Christian Hammers Tue, 11 Jan 2000 22:56:33 +0100 snort (1.5-2) unstable; urgency=low * Fixed typo. Closes: #54269 -- Christian Hammers Sun, 9 Jan 2000 18:58:45 +0100 snort (1.5-1) unstable; urgency=low * New upstream release. Features speed burst and modularization of the rules file. * Now using syslog facility to log to /var/log/auth.log. (Details are still available in /var/log/snort/) * Daily generation of scan statistic via cron script. -- Christian Hammers Sun, 9 Jan 2000 18:58:39 +0100 snort (1.3.1-8) unstable; urgency=low * Sorry, future timestamps in package. Closes: #51848 (too much Y2K testing, I guess) -- Christian Hammers Sun, 5 Dec 1999 16:49:56 +0100 snort (1.3.1-7) unstable; urgency=medium * Changed prio to high since it's an grave bug that was closed. * Closes: #51130 -- Christian Hammers Tue, 15 Feb 2000 00:34:59 +0100 snort (1.3.1-6) unstable; urgency=medium * Snort stalles after installation due to debconf misuse. * Closes: #51130 -- Christian Hammers Wed, 24 Nov 1999 00:29:39 +0100 snort (1.3.1-5) unstable; urgency=low * Added debconf support to enter address range. -- Christian Hammers Mon, 22 Nov 1999 20:13:41 +0100 snort (1.3.1-4) unstable; urgency=low * Extended archiving of log files. Closes: #50176 -- Christian Hammers Mon, 22 Nov 1999 00:56:38 +0100 snort (1.3.1-3) unstable; urgency=low * Registered cron script as config file. Closes: #48391 -- Christian Hammers Wed, 27 Oct 1999 18:36:06 +0200 snort (1.3.1-2) unstable; urgency=low * Added the non-promiscuous flag (-p) to the man-page. -- Christian Hammers Sun, 24 Oct 1999 18:52:20 +0200 snort (1.3.1-1) unstable; urgency=low * New upstream version. * Many bugfixes. -- Christian Hammers Thu, 14 Oct 1999 00:20:35 +0200 snort (1.2.1-3) unstable; urgency=low * Included the LISA'99 Conference paper as documentation. * FHS compliant. * Improved /etc/cron.daily script. Fixes: #44568. -- Christian Hammers Fri, 10 Sep 1999 01:55:22 +0200 snort (1.2.1-2) unstable; urgency=low * Added a nice manpage (thanks to Peter T. Breuer). Closes #44127. -- Christian Hammers Tue, 7 Sep 1999 17:15:51 +0200 snort (1.2.1-1) unstable; urgency=low * New upstream release with fixes and speed improvement. (fixes: #43049) -- Christian Hammers Mon, 30 Aug 1999 21:15:10 +0200 snort (1.2-2) unstable; urgency=low * Made cron.daily a bit quieter. (fixes: #43049) -- Christian Hammers Mon, 16 Aug 1999 23:05:16 +0200 snort (1.2-1) unstable; urgency=low * New upstream version with great performance improve. -- Christian Hammers Mon, 2 Aug 1999 20:37:09 +0200 snort (1.1-2) unstable; urgency=low * Made better default IP in config file and fixed typo. -- Christian Hammers Tue, 13 Jul 1999 00:02:48 +0200 snort (1.1-1) unstable; urgency=low * Initial Release. -- Christian Hammers Mon, 12 Jul 1999 21:30:57 +0200 Local variables: mode: debian-changelog End: