Date: Thu, 17 Apr 2003 14:45:03 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/security/snort Makefile distinfo pkg-plist ports/security/snort/files patch-snort.c Message-ID: <200304172145.h3HLj3qt072670@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
kris 2003/04/17 14:45:03 PDT
FreeBSD ports repository
Modified files:
security/snort Makefile distinfo pkg-plist
security/snort/files patch-snort.c
Log:
Update to snort 2.0.0. This fixes a security vulnerability:
The Sourcefire Vulnerability Research Team has learned of an integer
overflow in the Snort stream4 preprocessor used by the Sourcefire
Network Sensor product line. The Snort stream4 preprocessor
(spp_stream4) incorrectly calculates segment size parameters during
stream reassembly for certain sequence number ranges which can lead to
an integer overflow that can be expanded to a heap overflow.
PR: 51106
Submitted by: Sergey A. Osokin <osa@FreeBSD.org.ru>
Revision Changes Path
1.34 +2 -2 ports/security/snort/Makefile
1.19 +1 -1 ports/security/snort/distinfo
1.4 +7 -32 ports/security/snort/files/patch-snort.c
1.10 +0 -2 ports/security/snort/pkg-plist
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304172145.h3HLj3qt072670>