snort version 2.0.4 was released on september 17, 2003. latest gentoo release is 2.0.2. Can we have an update, please? Reproducible: Always Steps to Reproduce: 1. 2. 3.
novemeber 6, it should be (I jus copied a previous "alert" and forgot to change date)
You can use the ebuild of version 2.0.2 by simply copying it to /usr/portage/net-analyzer/snort/snort-2.0.4.ebuild Same hast to be done with the libnet patch if you want to use snort with flexresp. Or change the patch name in the ebuild. Maybe someone could add it to the portage-tree? Cheers, Ben (zerb@elxsi.de)
changes they announce on their web (not reading changelogs), highligts include: .3: (..) some alerts not firing (..) .4: (..) core dump (..) --- Snort 2.0.4 is available. We recommend that everyone upgrade at their soonest opportunity. Fixes: # Fixed a core dump introduced with 2.0.3 when dealing with negated patterns -- Snort 2.0.3 is available. We recommend that everyone upgrade at their soonest opportunity. # doe_ptr handling in byte_test/byte_jump slightly modified to work better with the pcre patch # content processing is now recursive to make distance/within processing better ( thanks to Shai Rubin for patch! ) # fixed a bug in the mwm.c pattern matcher that resulted in some alerts not firing in a particular configuration of rules # Thanks to Raul Siles & David Perez for a reproducible test case!
Snort 2.0.5 commited.