[Snort-devel] Patch for snort-1.9.1: CORE-2003-0307: StreamReassembly Integer Overflow (fwd)

Dave Greenstein dave at ...1918...
Wed Apr 16 07:30:12 EDT 2003


Hi Chris,

I think a lot of people have not or can not upgrade to snort 2.0
immediately, so, can you make an official 1.9.1 patch? I noticed the
main 1.9.1 source link has been removed from snort.org. Others might
need it to patch their own 1.9.1 versions if they can't upgrade to 2.0.
I've submitted the changes I think are necessary to 1.9.1. These changes
correct the memory overflow and use the SafeMemcpy as in snort 2.0.

Thanks,

Dave

-----Original Message-----
From: Chris Green [mailto:cmg at ...402...] 
Sent: Wednesday, April 16, 2003 7:54 AM
To: rmkml
Cc: snort-devel at lists.sourceforge.net
Subject: Re: [Snort-devel] Patch for snort-1.9.1: CORE-2003-0307:
StreamReassembly Integer Overflow (fwd)


rmkml <rmkml at ...1042...> writes:

> Snort.org out new version (1.9.2) with fix officialy stream4 pb ?
>

1.9 is dead. Long live 2.0.

Several incorrect behaviors have been corrected with this release as
well as the introduction of several functions that are much more
paranoid about how we treat data.

All maintenance level bug fixes will be against the 2.0.x code line.
-- 
Chris Green <cmg at ...402...>
Fame may be fleeting but obscurity is forever.


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf _______________________________________________
Snort-devel mailing list
Snort-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel




More information about the Snort-devel mailing list