[Snort-users] EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder

Randal T. Rioux randy at ...13561...
Mon Oct 4 21:40:43 EDT 2010


On 10/04/2010 09:17 PM, Nigel Houghton wrote:
> On Mon, 04 Oct 2010 18:07:14 -0400, Mike Lococo wrote:
>>> Support for Snort 2.8.5.3 rules will cease on October 22nd.
>>>
>>> With the release of Snort 2.9, support for Snort 2.8.6.0 rules will end 
>>> 90 days from today, that is Jan 2nd 2011.
>>
>> Really?  A 90-day upgrade window?  According to the VRT rules EOL
>> policy, the current and prior major releases will be supported [1]:
>>
>>> Major Release: Change in the first or second decimal of the version
>>> number. Examples: Version 2.0 to 3.0, Version 2.8 to 2.9
>>> ...
>>> Prior Version: The *major* release previous to the current
>>> production release with the highest minor and patch releases
>>
>> While the emphasis on the word "major" is mine, the document is specific
>> about what that means.  Based on that language, I would expect that
>> 2.8.final would be supported until 3.0 or 2.10 are released.  Of course,
>> the February "current" examples aren't actually consistent with the
>> statement, listing a "previous" version instead of a "prior" version,
>> which is one *minor* revision behind, instead of one major revision behind.
>>
>> I see the policy was updated in Feb, but don't know what it looked like
>> prior.  Are these recent changes, policies which weren't enforced until
>> recently, or long-standing policies that I've simply never noticed?
>>
>> Regards,
>> Mike Lococo
>>
>> [1] http://www.snort.org/vrt/rules/eol_policy
> 
> Which says:
> 
> "Prior Version: The major release previous to the current production 
> release with the highest minor and patch releases"
> 
> We provide rule sets for the current version and prior version of Snort.
> 
> So, as of now, the current production release is 2.9.0 and the prior 
> version would be 2.8.6.1.
> 
> We are giving the 90 day notice as a courtesy, should be plenty of time 
> to upgrade installations. As I seem to have to keep saying, keeping 
> your security software up to date is a really good idea.

Normally, I find Nigel to be just a provocateur, but I have to agree on
this one.

Most organizations that need a more stable and rigorous release schedule
have the commercial versions, and as such get that warm fuzzy with
PowerPoint detailed road maps.

Security is just one big race condition. The fastest runner wins :-)

Randy





More information about the Snort-users mailing list