-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-5045 2008-06-06 04:13:28 --------------------------------------------------------------------------------
Name : snort Product : Fedora 7 Version : 2.8.1 Release : 3.fc7 URL : http://www.snort.org Summary : Intrusion detection system Description : Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a separate "alert" file, or as a WinPopup message via Samba's smbclient Edit /etc/snort.conf to configure snort and use snort.d to start snort This rpm is different from previous rpms and while it will not clobber your current snortd file, you will need to modify it. There are 9 different packages available All of them require the base snort rpm. Additionally, you will need to chose a binary to install. /usr/sbin/snort should end up being a symlink to a binary in one of the following configurations: plain plain+flexresp mysql mysql+flexresp postgresql postgresql+flexresp snmp snmp+flexresp bloat mysql+postgresql+flexresp+snmp Please see the documentation in /usr/share/doc/snort-2.8.1 There are no rules in this package the license they are released under forbids us from repackaging them and redistributing them. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2008-1804 -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2008 Dennis Gilmore <[EMAIL PROTECTED]> - 2.8.1-3 - make rules dir * Thu May 15 2008 Dennis Gilmore <[EMAIL PROTECTED]> - 2.8.1-2 - fix character encodings * Fri Apr 25 2008 Steve Grubb <[EMAIL PROTECTED]> - 2.8.1-1 - update to 2.8.1 * Mon Feb 18 2008 Fedora Release Engineering <[EMAIL PROTECTED]> - 2.7.0.1-6 - Autorebuild for GCC 4.3 * Sat Nov 17 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.7.0.1-5 - fix install command for /etc/sysconfig/snort * Sat Nov 17 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.7.0.1-4 - fix paths for alternatives binaries are in %{_sbindir} not %{_bindir} - move the interfaces definition out of the init script and into /etc/sysconfig/snort * Fri Aug 31 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.7.0.1-3 - fix for glibc open * Fri Aug 31 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.7.0.1-2 - fix detection of mysql and libnet10 * Mon Aug 27 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.7.0.1-1 - update to 2.7.0.1 * Thu Jun 14 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.6.1.4-2 - remove the release conditionals * Sun May 6 2007 Dennis Gilmore <[EMAIL PROTECTED]> - 2.6.1.4-1 - update to 2.6.1.4 - use alternatives -------------------------------------------------------------------------------- References: [ 1 ] Bug #447870 - CVE-2008-1804 snort: IP Fragment TTL Evasion Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=447870 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update snort' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce