Fedora 11: snort Security Update

    Date24 Nov 2009
    CategoryFedora
    56
    Posted ByLinuxSecurity Advisories
    Update to 2.8.5.1 which includes a fix for CVE-2009-3641 DoS (crash) while printing specially-crafted IPv6 packet using the -v option
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2009-10783
    2009-10-27 05:01:41
    --------------------------------------------------------------------------------
    
    Name        : snort
    Product     : Fedora 11
    Version     : 2.8.5.1
    Release     : 1.fc11
    URL         : http://www.snort.org
    Summary     : Intrusion detection system
    Description :
    Snort is a libpcap-based packet sniffer/logger which
    can be used as a lightweight network intrusion detection system.
    It features rules based logging and can perform protocol analysis,
    content searching/matching and can be used to detect a variety of
    attacks and probes, such as buffer overflows, stealth port scans,
    CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
    Snort has a real-time alerting capabilty, with alerts being sent to syslog,
    a separate "alert" file, or as a WinPopup message via Samba's smbclient
    
    Edit /etc/snort.conf to configure snort and use snort.d to start snort
    
    This rpm is different from previous rpms and while it will not clobber
    your current snortd file, you will need to modify it.
    
    There are 9 different packages available
    
    All of them require the base snort rpm.  Additionally, you will need
    to chose a binary to install.
    
    /usr/sbin/snort should end up being a symlink to a binary in one of
    the following configurations:
    
    plain      plain+flexresp
    mysql      mysql+flexresp
    postgresql postgresql+flexresp
    snmp       snmp+flexresp
    bloat      mysql+postgresql+flexresp+snmp
    
    Please see the documentation in /usr/share/doc/snort-2.8.5.1
    
    There are no rules in this package  the license  they are released under forbids
    us from repackaging them  and redistributing them.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Update to 2.8.5.1 which includes a fix for CVE-2009-3641 DoS (crash) while
    printing specially-crafted IPv6 packet using the -v option
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Sun Oct 25 2009 Dennis Gilmore  - 2.8.5.1-1
    - update for CVE-2009-3641
    * Sun Jul 26 2009 Fedora Release Engineering  - 2.8.3.2-4
    - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
    * Sun Apr 19 2009 Robert Scheck  - 2.8.3.2-3
    - Build require package libnet10-devel rather libnet10
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #530863 - CVE-2009-3641 Snort: DoS (crash) while printing specially-crafted IPv6 packet using the -v option
            https://bugzilla.redhat.com/show_bug.cgi?id=530863
    --------------------------------------------------------------------------------
    
    This update can be installed with the "yum" update program.  Use 
    su -c 'yum update snort' at the command line.
    For more information, refer to "Managing Software with yum",
    available at http://docs.fedoraproject.org/yum/.
    
    All packages are signed with the Fedora Project GPG key.  More details on the
    GPG keys used by the Fedora Project can be found at
    http://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    
    _______________________________________________
    Fedora-package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.redhat.com/mailman/listinfo/fedora-package-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.