Update to 2.7.0.1

Fixed header files to avoid conflicts with system files on BSD for
IPv6 data structures.
Added code to prevent URI-related alerts from firing when the
body is being normalized.
Make Stream5 the default stream engine.
Add alert for multiple GRE encapsulations.
Added ability for Snort to track fragmented ICMPv6 to check for the
remote BSD exploit (Bugtraq ID 22901, CVE-2007-1365).
Code cleanup, change malloc/calloc to SnortAlloc, use safer functions
SnortSnprintf, SnortStrncpy, etc.  Check pointers before use.
Additional updates for bounds checking.

And many more . . . check the ChangeLog for all the details

3 files changed, 18 insertions, 17 deletions

diff --git a/net/snort/Makefile b/net/snort/Makefile
index fba1d37bc97..74b120df007 100644
--- a/net/snort/Makefile
+++ b/net/snort/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.31 2007/07/04 20:54:52 jlam Exp $
+# $NetBSD: Makefile,v 1.32 2007/08/20 20:28:18 adrianp Exp $
 #
 
-DISTNAME=		snort-2.6.1.5
+DISTNAME=		snort-2.7.0.1
 CATEGORIES=		net security
 MASTER_SITES=		http://www.snort.org/dl/current/
 
diff --git a/net/snort/distinfo b/net/snort/distinfo
index 9c9d5bdba0d..830065101a4 100644
--- a/net/snort/distinfo
+++ b/net/snort/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.39 2007/05/18 22:20:10 adrianp Exp $
+$NetBSD: distinfo,v 1.40 2007/08/20 20:28:18 adrianp Exp $
 
-SHA1 (snort-2.6.1.5.tar.gz) = 14e65990f70dab4e740e0b8116c671364d3ca8c4
-RMD160 (snort-2.6.1.5.tar.gz) = 2a21bf1dfef13e4e73c575d43f57eb57ec6b0120
-Size (snort-2.6.1.5.tar.gz) = 3725149 bytes
-SHA1 (patch-aa) = e5562b4f6e268afea81c19ba5d685d8cdfdc3405
+SHA1 (snort-2.7.0.1.tar.gz) = 9b751a73c611126c32e2dccd0a0e99aaff4e9653
+RMD160 (snort-2.7.0.1.tar.gz) = c88b71231bfa65e2c1eabd8931f4d6121e92a26a
+Size (snort-2.7.0.1.tar.gz) = 3905846 bytes
+SHA1 (patch-aa) = 978f49b2c297305330f0a1c8b9224dab702078bb
 SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
 SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
 SHA1 (patch-ad) = d4bf1dee02af1f1730263a78a868bbdae5d8846d
diff --git a/net/snort/patches/patch-aa b/net/snort/patches/patch-aa
index e4d7136db1b..eaf713ae824 100644
--- a/net/snort/patches/patch-aa
+++ b/net/snort/patches/patch-aa
@@ -1,35 +1,36 @@
-$NetBSD: patch-aa,v 1.14 2007/05/18 22:20:10 adrianp Exp $
+$NetBSD: patch-aa,v 1.15 2007/08/20 20:28:18 adrianp Exp $
 
---- src/snort.c.orig	2007-03-15 18:58:28.000000000 +0000
+--- src/snort.c.orig	2007-07-26 21:07:18.000000000 +0100
 +++ src/snort.c
-@@ -148,7 +148,6 @@ extern OutputFuncNode *LogList;
+@@ -150,7 +150,6 @@ extern OutputFuncNode *LogList;
  long start_time;    /* tracks how many seconds snort actually ran */
  #endif
  
 -extern int errno;
- /*extern char *malloc_options;*/
  
  /* exported variables *********************************************************/
-@@ -2590,6 +2589,18 @@ int SetPktProcessor()
+ u_int8_t runMode = 0;   /* snort run mode */
+@@ -2656,7 +2655,18 @@ int SetPktProcessor(void)
+             grinder = DecodeSlipPkt;
  
              break;
- 
+-
 +#if defined(__NetBSD__)
 +#  if defined(__NetBSD_Version__)
 +#    if (__NetBSD_Version__ >= 105000000)
-+	case DLT_PPP_ETHER:          /* PPP over Ethernet */
++       case DLT_PPP_ETHER:          /* PPP over Ethernet */
 +
 +#    else
-+	/* no DLT_PPP_* on <1.5 */
++       /* no DLT_PPP_* on <1.5 */
 +#    endif /* >= NetBSD 1.5 */
 +#  else
-+	/* no __NetBSD_Version__ on <1.4 */
++       /* no __NetBSD_Version__ on <1.4 */
 +#  endif /* __NetBSD_Version__ */
 +#endif /* NetBSD */
          case DLT_PPP:                /* point-to-point protocol */
              if(!pv.readmode_flag)
              {
-@@ -3116,7 +3127,7 @@ static char *ConfigFileSearch()
+@@ -3210,7 +3220,7 @@ static char *ConfigFileSearch()
  {
      struct stat st;
      int i;