> > On Tue, Mar 11, 2003 at 06:53:48PM +0900, Hideki Yamane wrote:
> > >
> > > >This was added to the SANS Advisory on Sendmail last week.
> > > >I have not seen any news nor postings related to Snort with
> > > >Debian and was wondering about the status of Snort in stable
> > > >at this time.
> > >
> > > snort vulnerability was posted in BTS.
> > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=183719
> > >
> > > # but, yes, DSA have not been released yet.
> >
> Is Woody version stil Vulnerabile to this serious security bug ?
I believe so. I'm using the bug to track the issue. Currently it's tagged
sarge and woody. Snort.org said the default distribution is vulnerable,
and in the Debian diff I see no change to the affected sections (for both
woody and sarge).
I've informed the security team, but they're likely busy with other
issues. A comment from them on the bug would be nice.
Drew Daniels
