| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Buildlink files: RECOMMENDED version changed to current version.
|
|
Changes:
2.1.0:
======
- A new connection tracking module, Flow (replaces conversation)
- A new portscan detector based off of Flow, Flow-Portscan (replaces
portscan2)
- A new http preprocessor, HttpInspect (replaces http_decode)
- Alert Thresholding and Suppression
- PCRE rule keyword (Perl Compat Regular Expressions)
- isdataat rule keyword (buffer length detection)
- A ton of new and updated rules.
2.0.6:
======
- 64-bit update for detection engine. (Thanks, Silio d'Angelo)
- Added better PPP decoding. (Thanks Jesper Peterson)
- Updated ip_proto optimization for high-speed detection engine.
- Fixed infinite loop problem that was introduced by the recursive pattern
matching patch. Reported by Lawrence Reed, thanks for testing out the
changes for us!
- Various changes to help respond (version 1) work a little better.
- spp_http_decode 64-bit patch from Dirk Mueller.
- Out-of-order ACK problem from Andrew Rucker. Also, updated stream4 to the
most recent version from HEAD.
- Minor fixes to tagging related to 'src' and 'dst' directives
- When counting one byte patterns in 'ningroup' added a check for
psLen==1 (wu-manber pattern matcher). Thanks Josh Sakofsky and Dennis
McGuire for helping us test this.
2.0.5:
======
- Stream4 fixes from Andrew Rucker Jones.
- Allow memcap to be configured for threshold features.
2.0.4:
======
- Fixed a core dump introduced with 2.0.3 when dealing with negated patterns
2.0.3:
======
- doe_ptr handling in byte_test/byte_jump slightly modified to work
better with the pcre patch
- content processing is now recursive to make distance/within processing
better ( thanks to Shai Rubin for patch! )
- fixed a bug in the mwm.c pattern matcher that resulted in some alerts
not firing in a particular configuration of rules
2.0.2:
======
- Added Thresholding and Suppression features (Marc Norton/Sourcefire)
- Fixed TCP RST processing bug found (Shai Rubin)
- Cleanup of spp_arpspoof (Jeff Nathan)
- Cleanup of win32 version including proper Event Log support (Chris Reid)
- Munged data fixes for stream4 (Chris Green)
|
|
|
|
before but apparently i did not :/)
|
|
|
|
This version fixes the buffer overflow issue noted in:
http://www.kb.cert.org/vuls/id/916785
Changes:
- follow PKG_SYSCONFDIR
- added rc.d script
- create own user and group
- added MESSAGE with post-install instructions
- removed DEINSTALL
- minor cleanups (this package was really half-baked..)
1.9.1:
======
- src/preprocessors/spp_rpc_decode.c (PreprocRpcDecode):
- alignment errors on non-x86 platforms
- added new space delimited options
alert_fragments
no_alert_multiple_requests
no_alert_large_fragments
no_alert_incomplete
- corrected buffer overflow in fragment normalization
- src/snort.c
- Win32 '-s' parameter wasn't configured to accept an optarg,
but code expected one, causing null-pointer violation.
- Backport of 2.0 fixes for stream4 ( off by one errors on reassembly )
|
|
|
|
version 7.2.3 and 7.3.1 of databases/postgresql-lib.
|
|
|
|
Add a missing CONFLICT on the new snort-mysql package.
|
|
|
|
|
|
uses a PostgreSQL backend.
|
