Version bump, fixes, patches - the usual new version stuff. Security fix that was featured in Gentoo bugs already by Gentoo Security. This release covers two points, listed below: * Issues with suppressing sfPortscan Open Ports have been fixed. * Added a new mini-preprocessor to catch the X-Link2State vulnerability. This preprocessor can be configured to drop the offending connection when in Inline-mode. Please read snort.conf or the snort manual for more details. This preprocessor is enabled by default in snort.conf.
2.3.3 is in CVS. I have no earthly idea what a "X-Link2State vulnerability" is. Security peeps, please let me know if this is something that warrants a GLSA (I doubt it, but I'd rather ask you guys than ignore it).
Bah ok so I misunderstood. Sorry for the spam.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6a9c7f40ffb7f393a707b6d0face1c2f39d3901 commit d6a9c7f40ffb7f393a707b6d0face1c2f39d3901 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-11-22 19:12:13 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-11-22 19:15:00 +0000 profiles: mask buggy zfs-2.2.0 Further bugs with CoW via copy_file_range (bug #917224, https://github.com/openzfs/zfs/issues/15526). The issue is very similar to bug #815469. ZFS 2.2.1 has a workaround but if you haven't already upgraded your pool to use the new block cloning feature, consider using <zfs-2.2 for now. Bug: https://github.com/openzfs/zfs/issues/15526 Bug: https://bugs.gentoo.org/815469 Bug: https://bugs.gentoo.org/91722 Signed-off-by: Sam James <sam@gentoo.org> profiles/package.mask | 8 ++++++++ 1 file changed, 8 insertions(+)
