Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
On 2021-03-06 11:44:35 [+0100], Thomas Andrejak wrote: > Hello Sebastian, Hi, > The new libprelude is in debian testing as you can see here : > https://tracker.debian.org/pkg/libprelude > > Is it possible to re-work on this issue ? So yes I am still alive but somehow didn't deal with this, sorry. I intend to look at it post Bullseye. My only concern was the licensing issue and libprelude is LGPLv2 or did something change here? > Thanks > > Regards > > Thomas Sebastian
Bug#959150: Add support for Prelude
Hello Sebastian, The new libprelude is in debian testing as you can see here : https://tracker.debian.org/pkg/libprelude Is it possible to re-work on this issue ? Thanks Regards Thomas Le ven. 17 juil. 2020 à 00:06, Sebastian Andrzej Siewior a écrit : > On 2020-07-12 15:12:12 [+0200], Thomas Andrejak wrote: > > Yes, the 5.1 version is under GPLv2 but next version that will be release > > shortly is under LGPLv2 > > > https://www.prelude-siem.org/projects/libprelude/repository/revisions/55f478f4ae5aa8b30372e7a0e3cf20ebe52df889 > > > > So if I well understand, it will be OK with this new version ? > > > > Is that the only issue that block the packaging for you ? > > I don't know if the OpenSSL license is compatible with LGPLv2, I will > have to double check once it gets to it. I ping would be nice once the > library in Debian. > From browsing over the issue, libircclient is LGPLv2 and not linked > against OpenSSL. > > Aside from that I don't see any other issue. > > > Regards > > Sebastian >
Bug#959150: Add support for Prelude
On 2020-07-12 15:12:12 [+0200], Thomas Andrejak wrote: > Yes, the 5.1 version is under GPLv2 but next version that will be release > shortly is under LGPLv2 > https://www.prelude-siem.org/projects/libprelude/repository/revisions/55f478f4ae5aa8b30372e7a0e3cf20ebe52df889 > > So if I well understand, it will be OK with this new version ? > > Is that the only issue that block the packaging for you ? I don't know if the OpenSSL license is compatible with LGPLv2, I will have to double check once it gets to it. I ping would be nice once the library in Debian. >From browsing over the issue, libircclient is LGPLv2 and not linked against OpenSSL. Aside from that I don't see any other issue. > Regards Sebastian
Bug#959150: Add support for Prelude
Hello Thanks for the reply. Yes, the 5.1 version is under GPLv2 but next version that will be release shortly is under LGPLv2 https://www.prelude-siem.org/projects/libprelude/repository/revisions/55f478f4ae5aa8b30372e7a0e3cf20ebe52df889 So if I well understand, it will be OK with this new version ? Is that the only issue that block the packaging for you ? Regards Le sam. 11 juil. 2020 à 12:32, Sebastian Andrzej Siewior a écrit : > On 2020-07-07 00:24:18 [+0200], To Thomas Andrejak wrote: > > On 2020-07-06 11:19:21 [+0200], Thomas Andrejak wrote: > > > How can I help you to go forward on this ? > > > > > > Enabling prelude support should be easy > > > > Let me try look at this this week. > > So enabling prelude at build time will pull in the libprelude package. > Runtime wise it does nothing unless enabled in the config file. Doesn't > look too bad. > The libprelude seems to be under GPLv2 (there parts of the library under > LGPLv2+ but my understanding is that there are parts of the library under > GPL). There is no OpenSSL license exception and my understanding is that > we need this even for dependencies. See also #924937 where this > currently discussed for other packages. I don't see that I can enable it > at this time. > There is an upcoming OpenSSL 3.0 is under the Apache-2 license which > still doesn't work unless the license is v2 or later. The alternative > would be an OpenSSL license exception. Upstream seem to have moved from > OpenSSL to GnuTLS due to license issues instead of granting an excpetion > and be done with it. See > https://www.prelude-siem.org/issues/19 > > > > Regards > > > > > > Thomas > > Sebastian >
Bug#959150: Add support for Prelude
On 2020-07-07 00:24:18 [+0200], To Thomas Andrejak wrote: > On 2020-07-06 11:19:21 [+0200], Thomas Andrejak wrote: > > How can I help you to go forward on this ? > > > > Enabling prelude support should be easy > > Let me try look at this this week. So enabling prelude at build time will pull in the libprelude package. Runtime wise it does nothing unless enabled in the config file. Doesn't look too bad. The libprelude seems to be under GPLv2 (there parts of the library under LGPLv2+ but my understanding is that there are parts of the library under GPL). There is no OpenSSL license exception and my understanding is that we need this even for dependencies. See also #924937 where this currently discussed for other packages. I don't see that I can enable it at this time. There is an upcoming OpenSSL 3.0 is under the Apache-2 license which still doesn't work unless the license is v2 or later. The alternative would be an OpenSSL license exception. Upstream seem to have moved from OpenSSL to GnuTLS due to license issues instead of granting an excpetion and be done with it. See https://www.prelude-siem.org/issues/19 > > Regards > > > > Thomas Sebastian
Bug#959150: [Pkg-clamav-devel] Bug#959150: Bug#959150: Add support for Prelude
On 2020-07-06 11:19:21 [+0200], Thomas Andrejak wrote: > How can I help you to go forward on this ? > > Enabling prelude support should be easy Let me try look at this this week. > Regards > > Thomas Sebastian
Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
Hello How can I help you to go forward on this ? Enabling prelude support should be easy Regards Thomas Le jeu. 30 avr. 2020 à 09:09, Thomas Andrejak a écrit : > Hello > > Thanks for your reply. > > The performance you pointed out is about the database inserts, not the > libprelude used by ClamAV. So, for an security tool, there is no > performance issue. For a Prelude end user, if he gets too many alerts per > seconds, there are mechanisms to filter this and do not fall into > performance issues. > > For your information, Suricata already enable prelude support in it's > packages and there is no issue. > > Regards > > On Wed, 29 Apr 2020 23:31:34 + Scott Kitterman > wrote: > > According to the prelude web site: > > > > Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is > aimed for evaluation, research and test purpose on very small environments. > Please note that Prelude OSS performances are way lower than the Prelude > SIEM edition. > > > > > What testing have you done to determine the performance implications of > the proposed change? > > > > Scott K > > > > On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak < > thomas.andre...@gmail.com> wrote: > > >Package: clamav > > > > > >Version: 0.102.2 > > > > > >Please enable Prelude support: > > > > > >* d/control: Add libprelude-dev Build-Depends > > > > > >* d/rule: Add --enable-prelude to the ./configure > > > > > >Thanks > > > > > >Regards > > > > > >Thomas > > > > >
Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
Hello Thanks for your reply. The performance you pointed out is about the database inserts, not the libprelude used by ClamAV. So, for an security tool, there is no performance issue. For a Prelude end user, if he gets too many alerts per seconds, there are mechanisms to filter this and do not fall into performance issues. For your information, Suricata already enable prelude support in it's packages and there is no issue. Regards On Wed, 29 Apr 2020 23:31:34 + Scott Kitterman wrote: > According to the prelude web site: > > Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is aimed for evaluation, research and test purpose on very small environments. Please note that Prelude OSS performances are way lower than the Prelude SIEM edition. > > What testing have you done to determine the performance implications of the proposed change? > > Scott K > > On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak < thomas.andre...@gmail.com> wrote: > >Package: clamav > > > >Version: 0.102.2 > > > >Please enable Prelude support: > > > >* d/control: Add libprelude-dev Build-Depends > > > >* d/rule: Add --enable-prelude to the ./configure > > > >Thanks > > > >Regards > > > >Thomas > >
Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
According to the prelude web site: Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is aimed for evaluation, research and test purpose on very small environments. Please note that Prelude OSS performances are way lower than the Prelude SIEM edition. What testing have you done to determine the performance implications of the proposed change? Scott K On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak wrote: >Package: clamav > >Version: 0.102.2 > >Please enable Prelude support: > >* d/control: Add libprelude-dev Build-Depends > >* d/rule: Add --enable-prelude to the ./configure > >Thanks > >Regards > >Thomas
Bug#959150: Add support for Prelude
Package: clamav Version: 0.102.2 Please enable Prelude support: * d/control: Add libprelude-dev Build-Depends * d/rule: Add --enable-prelude to the ./configure Thanks Regards Thomas