Package: libnids
Version: 1.23
Severity: important
Tags: patch

A new version of libnids has been released, v1.24.  This fixes a security 
issue, reported in bug 576281.  This was fixed but only in unstable.

A patch against the current libnids is available at 
http://edeca.net/temp/libnids_1.24-1.diff.gz - this applies cleanly to the 
current source which 
is available from 
http://sourceforge.net/projects/libnids/files/libnids/1.24/libnids-1.24.tar.gz/download

I have signed the changelog as "A. N. Other" as I am not a Debian maintainer.  
All previous Debian changes that are not obsoleted by v1.24 are 
included.

I have reduced optimization from -O2 to -O1 as testing using Debian lenny in a 
VM shows that -O2 breaks tests on AMD64 (fine on 32-bit).  Tests 
included dsniff, programs from the samples/ directory in the original build and 
the Perl module Net::LibNIDS (which I maintain).  Apart from this, 
the package works fine on AMD64 and x86.

I feel it is important that the security issue is fixed in lenny also.  The 
newer version also incorporates a number of fixes for bugs which cause 
the package to segfault in normal use.  My testing with the packages I have 
created seem to suggest they are all fixed by v1.24.

You will see from bug 574042 that I have tried to contact the maintainer and 
been unsuccessful.

-- System Information:
Debian Release: 5.0.5
  APT prefers stable
  APT policy: (700, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32.15-kvm-i386-20100622 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to