From owner-freebsd-security@FreeBSD.ORG  Thu Apr 17 14:49:45 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3A88137B401
	for <security@freeBSD.org>; Thu, 17 Apr 2003 14:49:45 -0700 (PDT)
Received: from obsecurity.dyndns.org
	(adsl-63-207-60-150.dsl.lsan03.pacbell.net [63.207.60.150])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 54D4E43FBF
	for <security@freeBSD.org>; Thu, 17 Apr 2003 14:49:44 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5])
	by obsecurity.dyndns.org (Postfix) with ESMTP id 1FE7266CFA
	for <security@freeBSD.org>; Thu, 17 Apr 2003 14:49:44 -0700 (PDT)
Received: by rot13.obsecurity.org (Postfix, from userid 1000)
	id EC6DD1187; Thu, 17 Apr 2003 14:49:43 -0700 (PDT)
Date: Thu, 17 Apr 2003 14:49:43 -0700
From: Kris Kennaway <kris@freebsd.org>
To: security@freeBSD.org
Message-ID: <20030417214943.GA92499@rot13.obsecurity.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="Kj7319i9nmIyA2yE"
Content-Disposition: inline
User-Agent: Mutt/1.4i
Subject: [kris@FreeBSD.org: cvs commit: ports/security/snort Makefile
	distinfo pkg-plist ports/security/snort/files patch-snort.c]
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Apr 2003 21:49:45 -0000


--Kj7319i9nmIyA2yE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

FYI

Kris

----- Forwarded message from Kris Kennaway <kris@FreeBSD.org> -----

X-Original-To: kkenn@localhost
Delivered-To: kkenn@localhost.obsecurity.org
Delivered-To: kris@freebsd.org
Delivered-To: ports-committers@freebsd.org
From: Kris Kennaway <kris@FreeBSD.org>
Date: Thu, 17 Apr 2003 14:45:03 -0700 (PDT)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: cvs commit: ports/security/snort Makefile distinfo pkg-plist
         ports/security/snort/files patch-snort.c
X-FreeBSD-CVS-Branch: HEAD
Precedence: bulk
X-Loop: FreeBSD.ORG
X-UIDL: 58a7d456fd799ddf67cd2a767f5369f1

kris        2003/04/17 14:45:03 PDT

  FreeBSD ports repository

  Modified files:
    security/snort       Makefile distinfo pkg-plist=20
    security/snort/files patch-snort.c=20
  Log:
  Update to snort 2.0.0.  This fixes a security vulnerability:
 =20
    The Sourcefire Vulnerability Research Team has learned of an integer
    overflow in the Snort stream4 preprocessor used by the Sourcefire
    Network Sensor product line. The Snort stream4 preprocessor
    (spp_stream4) incorrectly calculates segment size parameters during
    stream reassembly for certain sequence number ranges which can lead to
    an integer overflow that can be expanded to a heap overflow.
 =20
  PR:     51106
  Submitted by:   Sergey A. Osokin <osa@FreeBSD.org.ru>
 =20
  Revision  Changes    Path
  1.34      +2 -2      ports/security/snort/Makefile
http://cvsweb.FreeBSD.org/ports/security/snort/Makefile.diff?r1=3D1.33&r2=
=3D1.34
  1.19      +1 -1      ports/security/snort/distinfo
http://cvsweb.FreeBSD.org/ports/security/snort/distinfo.diff?r1=3D1.18&r2=
=3D1.19
  1.4       +7 -32     ports/security/snort/files/patch-snort.c
http://cvsweb.FreeBSD.org/ports/security/snort/files/patch-snort.c.diff?r1=
=3D1.3&r2=3D1.4
  1.10      +0 -2      ports/security/snort/pkg-plist
http://cvsweb.FreeBSD.org/ports/security/snort/pkg-plist.diff?r1=3D1.9&r2=
=3D1.10

----- End forwarded message -----

--Kj7319i9nmIyA2yE
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE+nyF3Wry0BWjoQKURAhbBAJ49iJvBICar5Rv9e/i+5gZfkEQOfgCfWDa6
mDdm251aF1CT26LnOvGykMw=
=SwWe
-----END PGP SIGNATURE-----

--Kj7319i9nmIyA2yE--