Package: libnids Version: 1.23 Severity: important Tags: patch A new version of libnids has been released, v1.24. This fixes a security issue, reported in bug 576281. This was fixed but only in unstable.
A patch against the current libnids is available at http://edeca.net/temp/libnids_1.24-1.diff.gz - this applies cleanly to the current source which is available from http://sourceforge.net/projects/libnids/files/libnids/1.24/libnids-1.24.tar.gz/download I have signed the changelog as "A. N. Other" as I am not a Debian maintainer. All previous Debian changes that are not obsoleted by v1.24 are included. I have reduced optimization from -O2 to -O1 as testing using Debian lenny in a VM shows that -O2 breaks tests on AMD64 (fine on 32-bit). Tests included dsniff, programs from the samples/ directory in the original build and the Perl module Net::LibNIDS (which I maintain). Apart from this, the package works fine on AMD64 and x86. I feel it is important that the security issue is fixed in lenny also. The newer version also incorporates a number of fixes for bugs which cause the package to segfault in normal use. My testing with the packages I have created seem to suggest they are all fixed by v1.24. You will see from bug 574042 that I have tried to contact the maintainer and been unsuccessful. -- System Information: Debian Release: 5.0.5 APT prefers stable APT policy: (700, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32.15-kvm-i386-20100622 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
