Bug 150040 - net-analyzer/snort: stream4 cache_clean_percent Max Number of Sessions DoS
Summary: net-analyzer/snort: stream4 cache_clean_percent Max Number of Sessions DoS
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://marc.theaimsgroup.com/?l=snort...
Whiteboard: C3 [ebuild?] vorlon
Keywords:
Depends on:
Blocks:
 
Reported: 2006-10-04 03:19 UTC by Matthias Geerdsen (RETIRED)
Modified: 2007-03-07 13:39 UTC

Description Matthias Geerdsen (RETIRED) gentoo-dev 2006-10-04 03:19:37 UTC
Snort Advisory
Date: 2006-09-27

Sourcefire is aware of an issue in Snort that can produce segmentation 
faults in certain circumstances.  This issue occurs when Snort is 
handling a large number of sessions and the configuration item 
cache_clean_percent is set to anything other than 0.

Open-source Snort users who have not manually modified the default 
configuration for stream4 are unaffected by this issue.  Only users who 
have added the cache_clean_percent option to their stream4 configuration 
are affected. They should change their configuration to use the 
parameter cache_clean_sessions instead.

The latest CVS source downloads for the Snort 2.6.1, 2.6.0, and 2.4 
branches now contain a fix for this issue.  The next version of Snort 
will contain this fix. Thanks to Eric Hines from Applied Watch for 
reporting the issue.

_________________

http://www.osvdb.org/29280
http://cvs.snort.org/viewcvs.cgi/snort/ChangeLog.diff?r1=1.404.2.60&r2=1.404.2.61
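
A configuration check for the condition the advisory describes, as an added example that is not part of the advisory or of this bug report. It assumes the usual `preprocessor stream4:` syntax of snort.conf with comma-separated options and backslash line continuation; the sample configuration is constructed.

```python
import re

# Constructed sample configuration (not from the bug report or a real sensor).
SAMPLE_CONF = """\
# preprocessor stream4: cache_clean_percent 25
preprocessor flow: stats_interval 0 hash 2
preprocessor stream4: disable_evasion_alerts, \\
    cache_clean_percent 10, timeout 60
preprocessor stream4: detect_scans, cache_clean_percent 0
preprocessor stream4_reassemble
"""

def logical_lines(text):
    """Yield (first_line_no, text), folding backslash-continued lines."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = no if start is None else start
        stripped = raw.rstrip()
        if stripped.endswith("\\"):
            buf += stripped[:-1] + " "
            continue
        yield start, buf + stripped
        buf, start = "", None
    if buf:
        yield start, buf

def find_affected(text):
    """Return [(line_no, value)] for stream4 lines with cache_clean_percent != 0."""
    findings = []
    for no, line in logical_lines(text):
        line = line.split("#", 1)[0].strip()   # drop comments
        m = re.match(r"preprocessor\s+stream4\s*:(.*)$", line)
        if not m:
            continue
        for opt in m.group(1).split(","):
            parts = opt.split()
            if parts[:1] != ["cache_clean_percent"]:
                continue
            value = parts[1] if len(parts) > 1 else ""
            # The advisory says any setting other than 0 is affected;
            # a missing or non-numeric value is flagged for manual review.
            if not (value.isdigit() and int(value) == 0):
                findings.append((no, value))
    return findings

if __name__ == "__main__":
    for no, value in find_affected(SAMPLE_CONF):
        print(f"line {no}: cache_clean_percent {value!r} -> use cache_clean_sessions")
```
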
Comment 1 Matthias Geerdsen (RETIRED) gentoo-dev 2006-10-04 03:20:45 UTC
netmon, pls provide an updated ebuild
Comment 2 Benjamin Smee (strerror) (RETIRED) gentoo-dev 2006-10-12 05:01:06 UTC
Non-trivial. The 2.6 branch is package masked because it has real issues (for example, I can't even get it to compile); I tried a simple rev bump but no go for compilation.

The 2.4 branch is not continued afaict and I'm not overly keen to put a cvs tarball up instead. Is this something that we can just alert our users to with an ewarn until there is either a new 2.4 branch out or we have unmasked a suitable patched / working 2.6?
Comment 3 Matthias Geerdsen (RETIRED) gentoo-dev 2006-11-06 04:05:29 UTC
Oops, this went unnoticed, it seems.

Is there any news, Benjamin? Otherwise I would say put an ewarn into the ebuild for now.

What about extracting the needed patches from CVS?
Comment 4 Matthias Geerdsen (RETIRED) gentoo-dev 2006-11-23 13:44:54 UTC
any news?
Comment 5 Matthias Geerdsen (RETIRED) gentoo-dev 2006-12-05 11:56:19 UTC
strerror, any updates on this one?
Comment 6 Matthias Geerdsen (RETIRED) gentoo-dev 2007-03-07 13:20:56 UTC
looks like we forgot this bug

I suppose this is fixed in the currently stable ebuilds? Can someone confirm?
Comment 7 Stefan Cornelius (RETIRED) gentoo-dev 2007-03-07 13:39:36 UTC
glsa-200703-01 recommends updating to 2.6.1.3, and I can at least confirm that the fix appears in the changelog; can't be bothered to check the source.

So it should be ok to close this one as fixed.