pkgsrc/net/snort/patches/patch-ad

$NetBSD: patch-ad,v 1.3 2003/04/16 15:51:24 salo Exp $

--- src/Makefile.in.orig	2003-04-09 18:01:40.000000000 +0200
+++ src/Makefile.in	2003-04-16 08:07:17.000000000 +0200
@@ -67,7 +67,7 @@
 PATH_SEPARATOR = @PATH_SEPARATOR@
 AMTAR = @AMTAR@
 AWK = @AWK@
-CC = @CC@
+CC = @CC@ -DPKG_SYSCONFDIR=\"@sysconfdir@\"
 DEPDIR = @DEPDIR@
 
 INCLUDES = @INCLUDES@
Bump PKGREVISION: honour PKG_SYSCONFDIR for real. (i thought i fixed this before but apparently i did not :/) 2003-04-16 17:51:22 +02:00			$NetBSD: patch-ad,v 1.3 2003/04/16 15:51:24 salo Exp $
Update snort to 1.9.0. Changes: Lots of new rules, extended analyzing of packages etc. Fixes PR 18637 by Adrian Portelli <adrianp@stindustries.net> 2002-10-13 06:42:12 +02:00
Updated to version 2.0.0. IMPORTANT: This version fixes remotely exploitable heap overflow in the stream4 preprocessor module. Advisory: http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 Changes: 2.0.0: ====== - Enhanced high-performance detection engine - Stateful Pattern Matching - New detection keywords: byte_test & byte_jump - The Snort code base has undergone an external third party professional security audit funded by Sourcefire (http://www.sourcefire.com) - Many new and updated rules - snort.conf has been updated - Enhancements to self preservation mechanisms in stream4 and frag2 - State tracking fixes in stream4 - New HTTP flow analyzer - Enhanced protocol decoding (TCP options, 802.1q, etc) - Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc) - Enhanced flexresp mode for real-time TCP session sniping - Better chroot()'ing - Tagging system updated - Several million bugs addressed.... - Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary versions of the codebase will be built over the next several days and made available at here. 2.0.rc4: ======== - byte_jump/byte_test don't force relative content options - byte_jump/byte_test absolute offsets work - Better FIN handling in Stream4 2.0.rc3: ======== - A low memory usage detection method (enabled via "config detection: search-method lowmem") - Moved the default unix socket location to LOGDIR 2.0.rc2: ======== - syslog should work on win32 and unix - major tagging updates - new UDP decoding alerts - snort.conf updates 2.0.rc1: ======== - Higher performance (due to a new pattern matcher and rebuilt detection engine) - Better decoders - Enhanced stream reassembly and defragmentation - Tons of bug fixes - Updated rules - Updated snort.conf - New detection keywords (byte_test, byte_jump, distance, within) & stateful pattern matching - New HTTP flow analyzer - Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc) - Better self preservation in stateful subsystems - Xrefs fixed - Flexresp works faster and more effectively - Better chroot()'ing - Fixed 802.1q decoding - Better async state handling - New alerting option: -A cmg!! 2003-04-16 08:37:19 +02:00			`--- src/Makefile.in.orig 2003-04-09 18:01:40.000000000 +0200`
			`+++ src/Makefile.in 2003-04-16 08:07:17.000000000 +0200`
			`@@ -67,7 +67,7 @@`
			`PATH_SEPARATOR = @PATH_SEPARATOR@`
			`AMTAR = @AMTAR@`
			`AWK = @AWK@`
Update snort to 1.9.0. Changes: Lots of new rules, extended analyzing of packages etc. Fixes PR 18637 by Adrian Portelli <adrianp@stindustries.net> 2002-10-13 06:42:12 +02:00			`-CC = @CC@`
Bump PKGREVISION: honour PKG_SYSCONFDIR for real. (i thought i fixed this before but apparently i did not :/) 2003-04-16 17:51:22 +02:00			`+CC = @CC@ -DPKG_SYSCONFDIR=\"@sysconfdir@\"`
Updated to version 2.0.0. IMPORTANT: This version fixes remotely exploitable heap overflow in the stream4 preprocessor module. Advisory: http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 Changes: 2.0.0: ====== - Enhanced high-performance detection engine - Stateful Pattern Matching - New detection keywords: byte_test & byte_jump - The Snort code base has undergone an external third party professional security audit funded by Sourcefire (http://www.sourcefire.com) - Many new and updated rules - snort.conf has been updated - Enhancements to self preservation mechanisms in stream4 and frag2 - State tracking fixes in stream4 - New HTTP flow analyzer - Enhanced protocol decoding (TCP options, 802.1q, etc) - Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc) - Enhanced flexresp mode for real-time TCP session sniping - Better chroot()'ing - Tagging system updated - Several million bugs addressed.... - Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary versions of the codebase will be built over the next several days and made available at here. 2.0.rc4: ======== - byte_jump/byte_test don't force relative content options - byte_jump/byte_test absolute offsets work - Better FIN handling in Stream4 2.0.rc3: ======== - A low memory usage detection method (enabled via "config detection: search-method lowmem") - Moved the default unix socket location to LOGDIR 2.0.rc2: ======== - syslog should work on win32 and unix - major tagging updates - new UDP decoding alerts - snort.conf updates 2.0.rc1: ======== - Higher performance (due to a new pattern matcher and rebuilt detection engine) - Better decoders - Enhanced stream reassembly and defragmentation - Tons of bug fixes - Updated rules - Updated snort.conf - New detection keywords (byte_test, byte_jump, distance, within) & stateful pattern matching - New HTTP flow analyzer - Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc) - Better self preservation in stateful subsystems - Xrefs fixed - Flexresp works faster and more effectively - Better chroot()'ing - Fixed 802.1q decoding - Better async state handling - New alerting option: -A cmg!! 2003-04-16 08:37:19 +02:00			`DEPDIR = @DEPDIR@`

			`INCLUDES = @INCLUDES@`