File: changelog

package info (click to toggle)
snort 2.9.7.0-5
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid, stretch
  • size: 55,000 kB
  • ctags: 38,464
  • sloc: ansic: 266,667; sh: 12,508; makefile: 2,908; yacc: 497; perl: 496; lex: 261; sed: 14
file content (2656 lines) | stat: -rw-r--r-- 116,898 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
snort (2.9.7.0-5) unstable; urgency=medium

  * debian/control: Depend on perl, not perl-modules (Closes: #779126)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 30 Jun 2015 00:54:42 +0200

snort (2.9.7.0-4) unstable; urgency=low

  * debian/control: Updated deprecated VCs URL to
    git://anonscm.debian.org/pkg-snort/pkg-snort.git
  * Include Snort tools u2boat and u2spewfoo to parse Unified2 log format
    files (Closes: #770882):
     - debian/snort.install: Install the files in the Snort package
     - debian/{u2boat,u2spewfoo}.1 create new manpages for the tools
     - debian/snort.manpages: add the new manpages to the package
     - debian/snort.dirs: create usr/bin/ for the new tools
  * debian/rules: 
     - Use dh_prep instead of dh_clean -k
  * debian/snort.manpages: Add the manpage for snort-stat, which was not
    included in the snort package (but the script was)
  * Rebuild with the latest daq library upstream (libdaq2). Libdaq0 is
    deprecated/obsolete and not maintained upstrea

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 09 Dec 2014 20:37:03 +0100

snort (2.9.7.0-3) unstable; urgency=high

  * debian/control: 
     - Add pkg-config in Build-Depends, it provides the PKG_CHECK_MODULES
       macro used in configure.in. This fixes a FTBFS observed in the
       buildds
     - Add libzma-dev dependency in Build-Depends as it is used in
       configure.in if available

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 24 Oct 2014 23:04:34 +0200

snort (2.9.7.0-2) unstable; urgency=high

  * The new upstream release, as seen with the previous upload, fixes the Out
    of Memory errors found in buildds when building (Closes: #765637)
  * debian/control: Add zlib1g-dev dependency in Build-Depends to fix FTFBFS

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 24 Oct 2014 16:14:20 +0200

snort (2.9.7.0-1) unstable; urgency=high

  * Upgrade to latest upstream version. Rules updates have been dropped
    by Snort upstream for older releases.  Snort 2.9.5.3 is not supported for
    rule updates since December 2013 (Closes: #753915)
    For more information see: https://www.snort.org/eol
  * debian/patches/{config,config_disabled_rules,fix_upstream_typos}: Refresh
    to apply to the newest source
  * debian/rules: 
      + Use dpkg-buildflags to setup the defult compiler and link flags.
      + Enable hardening options when building
  * debian/control: Build-Depend on (dpkg-dev >= 1.16.1~) due to above change
  * debian/patches/configure_werror: New patch to fix configure.in so
     that it can work properly when setting the hardening flags
  * debian/patches/hardening_werror: New patch to fix issues found
     when building with -Werror 
  * Debconf updated Translations:
    - Updated Dutch translation, contributed by Frans Spiesschaert (Closes:
      #764319)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 24 Oct 2014 02:04:35 +0200

snort (2.9.5.3-4) unstable; urgency=medium

  * debian/control: Drop libgnutls-dev, as it is not longer required and it is scheduled
    for removal in sid, and (apparently) uninstallable. (Closes: #764108)
  * debian/control, debian/rules: Run dh-autoreconf when building to update
    config.{sub, guess} and {libtool, aclocal}.m4 (Closes:  #748713)
  * debian/snort.init.d: Change the permissions of the snort PIDFILE once
    snort is started in order to prevent the following error messages when
    snort is *re*started:

    snort[xxxx]: Could not remove pid file /var/run//snort_eth0.pid: Permission denied

    (Closes: #753914)
  * debian/snort-stat.8: Fix filename of the alert log file and point to the
    correct location. (Closes: #709246)
  * Debconf updated Translations:
    - Updated Russian translation, contributed by Yuri Kozlov 
      (Closes: 729710, #721483)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Mon, 06 Oct 2014 20:11:15 +0200

snort (2.9.5.3-3) unstable; urgency=low

  * debian/control: Add texlive-binaries and texlive-font-utils to
     Build-Depends-Indep to make sure that buildds have the binaries
     required to build the documentation as suggested by Hideki Yamane.
     Kept the texlive metapackage however in debian/control just int case.
     (Closes: 713254) 
  * Debconf updated Translations:
    - Updated Russian translation, contributed by Yuri Kozlov (Closes: 722987)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Mon, 21 Oct 2013 19:39:20 +0200

snort (2.9.5.3-2) unstable; urgency=low

  * Debconf templates and debian/control reviewed by the debian-l10n-english
    team as part of the Smith review project. (Closes: 720061)
  * Debconf updated Translations:
    - Update Spanish translation, contributed by Javier Fernandez-Sanguino
    - Updated Russian translation, contributed by Yuri Kozlov (Closes: 722987)
    - Updated German translation, contributed by Chris Leick (Closes: 723769)
    - Updated Portuguese translation, contributed by Miguel Figueiredo
      (Closes: 723779)
    - Add Simplified Chinese debconf, contributed by Yi Mingjing 
      (Closes: 723818)
    - Updated Czech translation, contributed by Michal Šimůnek 
      (Closes: 724289)
    - Updated French translation, contributed by JP Guillonneau 
      (Closes: 724300)
    - Updated Janapese translation (Closes: 724706)
    - Updated Italian translation provided by Daniele Forsi (Closes: 724707)
    - Updated Danish translation provided by  Joe Hansen (Closes: 724932)
    - Updated Swedish translation provided by Martin Bagge (Closes: 725104)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 24 Sep 2013 03:39:00 +0200

snort (2.9.5.3-1) unstable; urgency=low

  * New upstream release.
    - Remove faq from the build since it is no longer provided upstream
  * Lintian fix typo in debian/snort-rules-default.README.Debian
  * debian/patches: Refresh all patches with new upstream
     - config_disabled_rules: Disable more .rules files which are not
       provided in the upstream sources (but might be in the VRT
       Sourcefire)
  * debian/control: Add latex2html to Build-Depends-Indep as the html.sty
    file is required for building the documentation

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 16 Aug 2013 20:51:02 +0200

snort (2.9.3.1-1) experimental; urgency=low

  * New upstream release, target towards experimental due to the current freeze.
  * The most relevant change in this release is that support by Snort to
    output directly in a database has been dropped, which means that the
    snort-pgsql and snort-mysql packages are no longer possible. This 
    is documented in the NEWS file. Also relevant is that support for
    Prelude is no longer available.
  * Since this release does not include the snort database packages any
    longer, bugs associated with them are no longer relevant
    (Closes: #526511, #567495, #292699, #276565, #527113, #388963, #388962,
    #321046, #369951)
  * debian/rules: Update the configuration options to adjust to those used
    in the snort.conf script provided upstream
  * debian/patches/fix_upstream_typos: Do typo fixes to more source files
  * debian/patches/config: Add more comments in the default configuration
    file, enable at least one output plugin (unified2) and set some
    configurations values as recommended in Jason Weir's "Building a
    Debian\Snort based IDS" available in http://www.snort.org/docs
    (Closes: #193544)
  * debian/patches/*: Refresh the patches to apply to the new upstream release
  * debian/po/*: Refresh all templates since the previous templates for
    database configuration have gone along with the snort database 'flavor'
    packages.
  * debian/snort-common.preinst: Remove the /etc/snort/database.conf on
    upgrades
  * debian/snort.preinst: Control output of usermod
  * debian/snort-common.{config,templates}: 
      - Add code to detect old configuration files with content (which might
        happen on upgrades to 2.9.3 coming from the snort-mysql or snort-pgsql
        packages) and warn the user if they exist.
      - Update the list of valid preprocessors for this release

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Wed, 08 Aug 2012 22:12:35 +0200

snort (2.9.2.2-3) unstable; urgency=medium

  [ Upload target towards Wheezy fixing some important bugs
    and substantially improving the information provided on the
    packages to clarify user expectations ]
  * Acknowledge previous NMU
  * debian/patches/config: Update the patch to: 
     - use absolute paths instead of relative paths to point to
       the white list and black list used by the reputation
       pre-processor.
     - disable the reputation as we do not ship any white/black lists
       by default (which causes it to fail at startup) and also
       because this preprocessor is experimental.

       Both changes fix the bug that prevented the package from being
       configured due to errors when starting up Snort with the 
       default configuration (Closes: #677810)

      - Add a comment to /etc/snort/snort.conf documenting for users
        reading the file that preinstalled rules are surely out of date.

  * debian/patches/config_disabled_rules: Comment out shellcode rules as these
    have a huge impact in performance unless properly tuned.
  * debian/patches/rules: Fix the definition of many SIP rules (defined
    as 'alert ip any any'. These were generating a lot of false positives
    in environment were enabled. Regardless of the change comment out SIP
    rules since they are outdate can generate many false alarms unless
    properly defined.  (Closes: #626596, #680303).
  * debian/control: Adjust description of snort-rules-default to indicate
    users that the ruleset provided should not be considered up-to-date.
    Encourage users to obtain additional/upgraded rules elsewhere.
  * debian/snort-rules-default.README.Debian: Include more information to
    potential users on the issues related to the default ruleset provided
    (and why it is out of date) as well as pointers as to where obtain
    additional rulesets. Some of this information is also in the NEWS file
    but is easy to miss to new users.

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 07 Aug 2012 23:53:24 +0200

snort (2.9.2.2-2.1) unstable; urgency=low

  [ gregor herrmann ]
  * Non-maintainer upload.
  * Drop quilt framework, the package uses source format "3.0 (quilt)".
  * Fix FBTFS when called with build-arch:
    - don't remove configure-stamp in debian/clean_sources.sh; otherwise
      build-basic gets called again
    - update target dependencies in debian/rules

 -- Nicholas Bamber <nicholas@periapt.co.uk>  Fri, 22 Jun 2012 10:49:16 +0100

snort (2.9.2.2-2) unstable; urgency=low

  * Fix "FTBFS with multiarch libmysqlclient-dev" using the
    patch supplied by Gregor Herrmann :
    + apply patch from Ubuntu / Jean-Louis Dupond:
      - debian/rules: use mysql_config to find libraries to fix FTBFS 
        with multiarch libmysqlclient.
    + debian/control: Build-Depends: drop virtual libmysqlclient15-dev,
      make libmysqlclient-dev versioned to get mysql_config's --variable= 
      switch.
    (Closes: #650060)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Sun, 02 Jun 2012 17:56:00 +0200

snort (2.9.2.2-1) unstable; urgency=low

  * New upstream version (bug fix release) (Closes: #666125)
     - Provides portvar $FILE_DATA_PORTS in etc/snort.conf (Closes: #661944)
  * Acknowledge NMU (Closes: #669524)
  * debian/check-snort-conf.sh: New script to check the validity
     of the etc/snort.conf file provided
  * debian/patches/series, debian/patches/config_disabled_rules,
    debian/patches/config: Create independent patch to comment
    the rules files which are not provided in the Debian package.

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Sun, 06 May 2012 01:01:30 +0200

snort (2.9.2-3.1) unstable; urgency=low

  * Non-maintainer upload.
  * Correct tex .sty path (Closes: #669524)

 -- Emfox Zhou <emfox@debian.org>  Mon, 30 Apr 2012 15:57:48 +0800

snort (2.9.2-4) unstable; urgency=low

  * Fix typo (appropiate --> apppropriate) in all the Snort templates. Also
    update translations and manually unfuzzy them

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 14 Feb 2012 00:38:01 +0100

snort (2.9.2-3) unstable; urgency=low

  * Restore code from the 2.8.5.2-5 package onwards which was lost when
    the version of experimental was moved to the archive. 
     - Now /var/lib/snort is created through package configuration, as
       it should have been
     - Remove md5sum files when purging (Closes: #657038)
  * debian/rules: 
      - Enable IPv6 support which was optional in version 2.8 for the Snort
        binary package. This is not enabled for the database binary packages
        (snort-pgsql and snort-mysql) as the database schemas do not support
        IPv6.  (Closes: #633064) (LP: #703707)
      - Include the quilt makefile and add dependencies in -stamp and 
        clean targets
  * debian/snort.init.d: 
      - Do not abort if the package is not configured to use a database but
        the db-pending-config semaphore is found.  Remove it instead and
        continue. This can happen if a database-related package was installed,
        removed and then 'snort' is installed afterwards. 
        (LP: #316878, #639755, #722488, #754230, #798608, #876615, #816634)
        (LP: #891904, #918250)
  * debian/snort-{mysql,pgsql}.postrm:
      - Remove the db-pending-config semaphore file when removing the package.
        This prevents errors with the snort.init.d logic if a database package
        is left unconfigured and then replaced with the snort (non-database)
        package.
  * debian/README-database.Debian: Indicate that database support will be
    deprecated in 2.9 and document that IPv6 is not supported either
  * debian/control:
     - Add Build-Depends on quilt
     - Add VCS entries
     - Put the complete maintainer's name in UTF-8
     - Change Uploaders, add Andrew Pollock and remove Pascal Hakim
     - Update Standards Version

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Wed, 25 Jan 2012 22:24:30 +0100

snort (2.9.2-2) unstable; urgency=low

  * debian/control:  Add net-tools to Depends: of snort, snort-mysql and
    snort-pgsql since 'ifconfig' is required for the configuration script
    to work. (Closes: #656445)
  * debian/snort{,-mysql,-psql}.postinst: Create the checksum directory if it
    does not exist right at the beginning since it might not be created.
    (Closes: #656445)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 19 Jan 2012 20:34:02 +0100

snort (2.9.2-1) unstable; urgency=low

  [ Andrew Pollock ]
  * New upstream release, upload to unstable
     - Fixes CVE-2009-3641: DoS while printing specially-crafted IPv6 packet
       using the -v option (Closes: 553584)
     - The package no longer build-depends on iptables-dev and the negated list
       of architectures is no longer used (Closes: 634660)
     - debian/patches/config: Patch the configuration file to remove include
       files not currently available (Closes: #619446)
     - This version is fully supported rule-wise (LP: #872582)
  * Switch to dpkg-source 3.0 (quilt) format
  * Port across all changes from Snort 2.8.5.2-5 and later in unstable
  * debian/snort.postinst: create the directory that the checksum for
    snort.debian.conf will be created in if it doesn't already exist
  * debian/rules: tell dh_makeshlibs to not call ldconfig in the
    preinst/postinst of snort-common-libraries
  * debian/rules: don't install README.WIN32 into snort-doc

  [ Javier Fernandez-Sanguino Peña ]
  * debian/rules:
     - Set enable-zlib when configuring all packages to force it to be 
       enabled as this is required by the http_inspect preprocessor which
       is enabled by default (Closes: #631854)
     - Included (commented) the patch provided by Clint Byrum and included in
       Ubuntu to prevent snort from FTFS with libmysqlclient-dev which will be
       multiarch in the future. The patch uses mysql_config to find libraries
       to fix FTBFS with multiarch libmysqlclient. Not enabled since the
       version of libmysqlclient in unstable currently does not support the
       --variable=pkglibdir option
  * debian/snort{,-inline}.config: Use LC_ALL=C when calling ifconfig to make 
    the postinst work when ifconfig's output is internationalised (Closes: 577033)
  * debian/control: Fix link in the rules package, point to 
    http://www.snort.org/snort-rules/ (Closes: 646547)
  * debian/my/snort-stat: Modify so that alerts with Priority but without classification
    are analysed when parsing syslog information. Also set the class to 'Undefined'
    instead of leaving it empty. (Closes: 590061)
  * po-debconf translation updates:
    - Danish, provided by Joe Dalton (Closes: 638678)
    - Dutch, provided by Jeroen Schot (Closes: 654239)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 13 Jan 2012 21:54:25 +0100

snort (2.8.5.2-9.1) unstable; urgency=low

  * Non-maintainer upload.
  * Empty dependency_libs in libtool la file(s).
    http://wiki.debian.org/ReleaseGoals/LAFileRemoval Closes: #621859

 -- Andreas Metzler <ametzler@debian.org>  Sat, 18 Jun 2011 14:08:33 +0200

snort (2.8.5.2-9) unstable; urgency=low

  * debian/rules: Change gs-common Build-Depends-Indep to ghostscript fo fix
    FTBFS, thanks to Andreas Metzler for the solution.  (Closes: 618197)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 10 Apr 2011 10:57:55 +0200

snort (2.8.5.2-8) unstable; urgency=low

  * debian/snort{,-mysql,-pgsql}.config: Remove the '-o' from
    DEBIAN_SNORT_OPTIONS that was prepended by the postinst script in
    version 2.8.5.2-2 on upgrades.
  * debian/snort{,-mysql,-pgsql}.prerm: Change /usr/sbin/nessus to /usr/sbin/snort

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 22 Jan 2011 12:18:03 +0100

snort (2.8.5.2-7) unstable; urgency=low

  * debian/snort{,-mysql,-pgsql}.config: Remove the '-p' from
    DEBIAN_SNORT_OPTIONS that is prepended by the postinst script (if disable
    promiscuous is set) before adding it to the debconf value to prevent this
    option from being readded again and again on reinstall.  (Closes:  #608635)
  * debian/snort{,-mysql,-pgsql}.postinst: Remove the temporary file used to
    test if the configuration files has not been modified when upgrading to
    a new version.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 02 Jan 2011 20:47:26 +0100

snort (2.8.5.2-6) unstable; urgency=high

  * debian/snort{,-mysql,-pgsql}.postinst: Introduce code to be able to manage
     the situation in which a local admin has introduced changes in the
     /etc/snort/snort.debian.conf configuration file manually. Keep the
     local changes and leave the file untouched on upgrades. (Closes: #608590)
  * debian/snort-{mysql,-pgsql}.postinst:
       - Introduce code to be able to manage the situation in which a local
         admin has introduced changes in /etc/snort/database.conf and has not
         used dpkg-reconfigure. Keep the local changes and do not touch the
         file on upgrades.
       - Generate the database.conf regardless of the status of the
         db-pending-config file as we need the configuration file in any case.
  * debian/snort{,-mysql,-pgsql}.config: Read the values of the configuration
     file /etc/snort/snort.debian.conf and use them to set to preseed all the
     debconf values. This ensures that local changes are reloaded into debconf
     if any changes are made in the file and makes it possible to regenerate
     the file with dpkg-reconfigure.
  * debian/snort{,-mysql,-inline,-pgsq}.config: Make it possible to debug the
    scripts through the use of the  DEBIAN_SCRIPT_DEBUG environment variable
  * debian/snort-{mysql,pgsql}.config: Fix error in call of template which
    belongs to the snort package. Use the proper template now.
  * debian/README-database.Debian: Fix syntax error in MySQL example calls and
     reword the text a bit to clarify that the provided information are just
     examples on how to setup the databases.
  * debian/po/: Use debconf-updatepo to remove obsolete translations from PO
    files.
  * debian/NEWS: Remove the indication that database.conf should not be
    manually edited.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 01 Jan 2011 23:40:30 +0100

snort (2.8.5.2-5) unstable; urgency=high

  * Final RC bug fix:
  * snort-common: Create the database.conf file on package's configuration not
    on the preinstallation script (Closes: #607801)
  * Lintian fixes:
     * debian/control: Upgrade standards version, no changes required
     * debian/snort.init.d: add $remote_fs to Required-Start and Required-Stop
     * debian/snort.templates: Move the config_error template over to
        debian/snort-common.templates as it is used there
     * debian/snort-{mysql,pgsql}.templates: remove the config_error template
        there as it is not used
     * debian/control: Upgrade the Build-Depends on debhelper
     * src/parser.c: Typo fix argu*e*ment -> argument
     * src/preprocessors/spp_perfmonitor.c,
       src/dynamic-preprocessors/dns/spp_dns.c:
         Typo fix: sep*e*rated --> separated
  * rules/web-misc.rules: Limit the depth when searching for an HTTP version
    to prevent false positives from apt-get User-Agent string (LP: #258155)
  * debian/snort.init.d: Separate warning message from main messages.
  * debian/TODO: review contents and update

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 26 Dec 2010 13:20:25 +0100

snort (2.9.0.1-2) experimental; urgency=low

  * [ The Merry Xmas for experimental users Release ! ]
  * Forward port the changes introduced in the unstable package
    to experimental tool to make for smoother upgrades to the
    upstream release.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 24 Dec 2010 19:52:48 +0100

snort (2.8.5.2-4) unstable; urgency=high

  * [ The Merry Xmas and Merry RC bug fixing Release! ]
  * debian/snort-common.preinst:
      - Fix how the files are generated and use Perl instead of bash's echo
        as the latter will interpret content in the configuration file
        and will botch it
      - Fix typo in the configuration file which moved the configuration
        file to database.conf instead of just the database configuration.
      - Only generate content in database.conf if the default configuration
        file contains the DBSTART line from previous versions.
      - Be cautious, if an empty configuration file is generated then
        abort.
    (Closes: 607951)
  * debian/snort.preinst: Do not output information from usermod as this is
    not needed
  * Disable an error in rules/comunity-smtp.rules  that prevents snort from
    loading due to the use of !any (Closes: 607751)
  * debian/snort-{pgsql,mysql}.postinst: Fix syntax error in postinst scripts
    (Closes: 607678)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 24 Dec 2010 19:39:51 +0100


snort (2.8.5.2-3) unstable; urgency=low

  * Move the database configuration code for the -mysql and -pgsql packages
    into an independent file (/etc/snort/database.conf). This prevents the
    debconf script from modifying /etc/snort/snort.conf, which is a conffile.
    And, consequentely, prevents upgrade prompts for users as well as some
    other issues when upgrading (Closes: #603428, #566308)
    * Adding snort-common-preinst to split off exiting config or touch the
      new database config file on new installations to ensure it exists.
    * Modify etc/snort.conf to include the new database configuration file.
    * Modify snort-{mysql,pgsql}.postinst to use new configuration file.
    * Modify snort-{mysql,pgsql,common}.postrm to purge new configuration file if
      it exists.
    Thanks to Alexander Reichle-Schmehl for the initial patch used to fix this issue
  * debian/NEWS: describe the new change on database handling
  * debian/snort{,-inline,-mysql,-pgsql}.prerm: Move the code in charge of killing
    snort astray children over to the proper location and also ignore errors 
    if there are (process might appear spurously in the process table due to
    race conditions) (Closes: 557729)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 20 Dec 2010 15:25:49 +0100

snort (2.9.0.1-1) experimental; urgency=low

  * New upstream release. 
  * Change configure.in to use 'dumbnet' instead of 'dnet' since the library
    is renamed in Debian
  * debian/control: 
       - Make it Build-Depend on libdumbnet-dev since this release now requires
         it (it was previously optional)
       - Remove iptables-dev (no longer required) (Closes: 634660)
  * debian/rules: 
        - Do not use --enable-smbalerts (no longer available) when configuring
  * Remove the following documentation from the installation as it is no longer
    available: doc/README.FLEXRESP, doc/README.FLEXRESP2

  * Upload to experimental until I get wider testing.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 11 Nov 2010 00:32:49 +0100

snort (2.8.5.2-2) unstable; urgency=low

  * Remove the reverse_order debconf option since Snort no longer supports the
    -o option. The default now in Snort is to have Pass|Alert|Log 
    (Closes: 565567)
  * Change error message in the init.d script to point to /var/log/daemon.log
    for Snort log messages.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 22 Jan 2010 00:12:52 +0100

snort (2.8.5.2-1) unstable; urgency=low

  * New upstream release 
     - Fixes CVE-2009-3641: possible DoS due to crafted IPv6 packet when
       then -v option is enabled
  * Fix src/snort.c since it is not buildable, it seems that the distributed
    source code has a bug.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 11 Jan 2010 23:53:05 +0100

snort (2.8.4.1-6) unstable; urgency=low

  * Package rebuild to fix libmysql depedency (Closes: #548831)
  * Remove use_static_footprint_sizes option from the stream5_tcp disassembler
    in etc/snort.conf as the use in production systems is actually discouraged
    [ see http://sourceforge.net/mailarchive/message.php?msg_name=d3a3e6ac0912080843i17a0302te36548e032b4b013%40mail.gmail.com ]
  * Lintian fixes:
     - Remove dh_undocumented from debian/rules
     - Add ${misc:Depends} to all binary packages
     - Use updated debhelper version (5)
     - Update Standards-Version (3.8.3)


 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 09 Dec 2009 02:05:57 +0100

snort (2.8.4.1-5) unstable; urgency=low

  * Fix snort-stat so that it can generate proper emails even if Classification
    is missing from the alert log, use fix suggested by Pavel Mateja.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 01 Nov 2009 00:43:02 +0100

snort (2.8.4.1-4) unstable; urgency=low

  * Fix init.d so that if 'restart' is executed when no instance is
    running (no pidfile) it will try to start all of instances, just
    if 'start' was executed. (Closes: #540450)
  * Add information on how the init.d script works (Closes: #512810)
  * Fix name of file in README-database.Debian, remove the database
    information from the main README.Debian file. (LP: #302218)
  * Fix bug in debian/clean-sources.sh script (Closes: #547316)
  * Use a patch provided by Dave Walker <DaveWalker_AT_ubuntu.com>
    to prevent starting snort-mysql|pgsql if the database is not configured 
    yet. This bug cannot be really fixed until we use dbconfig-common
    here to ask for all the database information to the user
    through Debconf. (LP: #222091) (Closes: #545082)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 23 Sep 2009 01:35:05 +0200

snort (2.8.4.1-3) unstable; urgency=low

  * Change the log message in debian/snort.init.d so people are not led to
    believe they need a /etc/snort/snort.$iface.conf configuration file,
    /etc/snort/snort.conf is usually just fine.
  * Lintian fixes:
   - Fix long lines in changelog
   - Fix debconf priority in configuration scripts (error -> high)
   - Do not install README.WIN32 in snort-doc's documentation
   - Do not ignore errors on snort-rules-default.{postrm, preinst}

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 02 Aug 2009 18:27:04 +0200

snort (2.8.4.1-2) unstable; urgency=low

  * Rebuild and upload to unstable. (Closes: 528496)
  * As acknowledged by upstream and confirmed by users, this release fixes a
    segfault in snort-mysql (Closes: 536144)
  * Updated Russian po-debconf translation provided by Yuri Kozlov 
    (Closes: 528677)
  * Change syslogd dependency in snort, snort-pgsql and snort-mysql to rsyslog 
    since that is the default syslog daemon now. (Closes: 526916)
  * Remove the syslog dependency from snort-common and snort-rules-default

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 01 Aug 2009 17:50:30 +0200

snort (2.8.4.1-1) experimental; urgency=low

  * New upstream release. 
  * Only provided the latest release notes at debian/snort-common.docs, move
    older RELEASE notes to docs/
  * Update the doc list at debian/snort-doc.docs with the contents from
    doc/ (new READMEs). Add also the old RELEASE notes for reference.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 09 Jun 2009 02:33:43 +0200

snort (2.7.0-26) unstable; urgency=low

  * Fix bug in snort-pgsql and snort-mysql's configuration script introduced in
    the previous upload. They were using the wrong debconf keys which made
    maintainer scripts fail. (Closes: #526915)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 05 May 2009 01:29:37 +0200

snort (2.7.0-25) unstable; urgency=low

  * Use src/output-plugins/spo_database.c from the 2.8.4.1 release. This
    version includes the necessary code to configure the mysql connection so
    that it reconnects to the database in case the connection gets lost. This
    might happen if too few events are logged in Snort and the database
    connection timeouts. (Closes: #449568) 
  * Copy over src/ipv6_port.h from 2.8.4.1 and include it in
    src/output-plugins/spo_database.c
  * Update Japanese translation for the templates, thanks to Hideki Yamane
    (Closes: 510704)
  * Move the code that detects if interfaces are down over to snort-pgsql and
    snort-mysql.  This way, if the interface defined is not available it will
    prompt again, raising the debconf priority (Closes: #502084) 
    (LP: #477590, #655116)
  * Change all the config_parameters debconf input from 'medium' to 'error'
  * Change all the needs_db_config debconf questions from 'medium' to 'high'
    since users that do not see this note will end up with a non-functioning
    package.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 03 May 2009 23:40:26 +0200

snort (2.7.0-24) unstable; urgency=low

  * Remove the LogMessage associated with fragmented traffic since it shows up
    even in systems that do not have ttl_limit set.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 28 Feb 2009 13:03:22 +0100

snort (2.7.0-23) unstable; urgency=high

  * Fix error in call to LogMessage (missing parameters) which caused a segfault
    when fragmented packages were received and ttl_limit was set.  This bug was
    introduced in the patch to fix CVE-2008-1804. Urgency set to 'high' as in
    some circunstances it makes Snort fail to start on startup or die after
    working for only a few minutes. Also, this could be used as a DoS attack
    against an IDS sensor rendering it useless.(Closes: 503992)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 21 Feb 2009 12:11:33 +0100

snort (2.7.0-22) unstable; urgency=low

  * Include patch from dato to make the package binNMU-safe
  * Remove debian/CVS and debian/my/CVS
  * Fix bug in snort-stat that made it miss alerts generated by preprocessors (they only contain
    Priority) as well as fix the setting of $alert->{PRIORITY} for alerts
    generated by rules. Thanks for Gabor Gombas for the patch. (Closes: #500215)
  * Lintian fixes:
    - Use Standards Version 3.8.0, no changes needed.
    - Make snort-rules-default.postrm run with 'set +e' and append '|| true' to
      rmdir calls so that the script does not abort if the directories are not
      empty.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 05 Nov 2008 00:15:40 +0100

snort (2.7.0-21) unstable; urgency=low

  * Reupload to unstable, build with proper libraries. Fix mess introduced
    by previous upload.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 29 Oct 2008 00:01:54 +0100

snort (2.7.0-20.3) testing-proposed-updates; urgency=low

  * Reupload to testing to *really* depend on newer libpcre.
  * Include patch from dato to make the package binNMU-safe
  * Remove debian/CVS and debian/my/CVS

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 04 Nov 2008 22:35:26 +0100

snort (2.7.0-20.2) testing-proposed-updates; urgency=high

  * Upload to testing-proposed-updates to fix security bug CVE-2008-1804 (see
    below). This package cannot go through sid since the sid build uses a
    newer libpcre version not available in lenny. (Closes: #483160)
          
 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 28 Oct 2008 21:32:48 +0100
           
snort (2.7.0-20) unstable; urgency=high

  [ CVE-2008-1804 ]
  * Fix error in preprocessors/spp_frag3.c that prevented Snort from properly
    identifying packet fragments that had dissimilar TTL values, which allowed
    remote attackers to bypass detection rules by using a different TTL for
    each fragment. Also update src/generators.h to include the new FRAG3_MIN_TTL
    defines (Closes: #483160)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 22 Oct 2008 01:33:34 +0200

snort (2.7.0-19) unstable; urgency=low

  * Make the snort_rules_update example script use bash instead of sh.
    (Closes: #489662)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 09 Aug 2008 22:31:47 +0200

snort (2.7.0-18) unstable; urgency=low

  * Romain debconf translation provided by Eddy Petrior (Closes: 486137)
  * Swedish debconf translation provided by Martin Bagge (Closes: 491785)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 28 Jul 2008 22:39:37 +0200

snort (2.7.0-17) unstable; urgency=low

  * Include the README-database-upgrade.Debian in the documentation of the
    database packages, I forgot to do this in -15

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 02 May 2008 11:52:12 +0200

snort (2.7.0-16) unstable; urgency=low

  * Lintian fixes:
    - NEWS file now says unstable instead of experimental
    - copyright file is now UTF-8
    - wrap around files in the changelog
    - remove empty /usr/src directory from snort-common-libraries
    - fix spelling error in NEWS file
    - fix manpage error in snort.8
    - change doc-base sections to Network/Monitoring

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 02 May 2008 10:28:21 +0200

snort (2.7.0-15) unstable; urgency=low

  * Update to Standards-Version 3.7.3:
    - Have the logrotate script call invoke-rc.d if available to do the 
    'right thing' if the admin has configured Snort to not run by default.
  * Copyright review:
     - Add copyright statements to the debian/copyright
     - Note that the Snort source code is distributed as GPL 2 only (not
     version 3)
     - Create a copyright_review.sh shell script to review the contents of
     the sources and find new copyright statements
     - Point in debian/copyright to the GPL-2 file, not to GPL (which is v3)
  * Expand brace-expanded content in debian/rules to prevent bashism 
    (Closes: #478627)
  * Modify the provided snort_rules_update to use oinkcodes, note
    in the script that the use of 'oinkmaster' should be preferred
    (Closes: 314483)
  * Remove Homepage: from binaries package when redundant with the
    source package.
  * Handle in the init.d script the case of interfaces being available
    but not up, thanks to Drew Parsons for an exhaustive analysis and
    patch (Closes: #471462)
  * Remove header files from the snort-common-libraries package. If users
    request it back I will create a snort-common-libraries-dev package
    providing these headers (Closes: 440842)
  * Database upgrade:
      - Added README-database-upgrade.Debian to describe the steps that
      need to be done to upgrade the Database, also update upstream's
      (cursory) documentation to describe the v107 changes (Closes: 445334)
      - [src/output-plugins/spo_database.c] Modify the text messages to 
      point users to the proper location of documentation in Debian
      systems as well as to the (Debian-specific) documentation 
      related to databases.
      - Tell users (through NEWS.Debian) that the schema changed from
      2.6 to 2.7 and they will need to upgrade their database.
  * Include the RELEASE NOTES for older releases and provide all of them
    (for the 2.3, 2.4, and 2.6 releases) as users might find them useful
    for upgrade purposes (Changelog might be too detailed)
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. Thanks to
    Christian Perrier for his hard work getting this done (Closes: #469803)
  * [Debconf translation updates]
    - Italian translation, updated by Gianluca Cotr (Closes: #477056)
    - Galician translation, updated by Jacobo Tarrio (Closes: #474622)
    - Portuguese translation, updated by Traduz (Closes: #475086)
    - German translation, updated by Erik Schanze (Closes: #477082)
    - Vietnamese translation, updated by Clytie Siddall 
      (Closes: #477324, #478223)
    - French translation, updated by Christian Perrier  
      (Closes: #478229, #478230)
    - Czech translation, updated by Jan Outrata (Closes: #478246)
    - Russian translation, updated by Yuri Kozlov (Closes: 478303)
    - Dutch translation, updated by Peter Vandenabeele
    - Spanish translation, updated by myself
  * [New Debconf translations]
    - Basque translation, provided by Piarres Beobide (Closes: #475457)
    - Finnish translation, provided by Esko Esko Arajärvi 
      (Closes: #475648, #478211)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 27 Apr 2008 21:58:37 +0200

snort (2.7.0-14) unstable; urgency=high

  * Move installation of the snort.default file from the install-indep rule to
    the install rule. This error was preventing /etc/snort/default from being
    created in the Snort binary packages and, consequently, the init.d would
    fail to start properly and the package would not install (Closes: #471895,
    #473282)
  * Add libgnutls-dev Build-Depend (Closes: #476651)
  * Fix typo in the name of the community rules in snort.conf, thanks to
    David Gil for providing a patch (Closes: #470881)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 20 Apr 2008 21:39:47 +0200

snort (2.7.0-13) unstable; urgency=low

  * Make the build: target be an empty one, instead of having it depend on
    both build-arch and build-indep
  * Remove texlive-latex-recommended from Build-Depends-Indep as suggested by
    James Vega

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 16 Mar 2008 00:16:47 +0100

snort (2.7.0-12) unstable; urgency=low

  * Add texlive-latex-recommended to Build-Depends-Indep since refcount.sty
    and kvoptions.sty are used 
  * Have the binary-{arch,indep} depend on install-{arch,indep} instead
    of in the install target.
      - Move install calls related to snort-common to the install-indep target
  * Add some sty files to the build-indep checks in debian/rules so that the
    documentation is not compiled unless all are available. Yes, buildds are
    stupid enough to pre-install latex, make the previous checks insufficient
    and *still* call the build (not build-arch) target! (Closes: #445113)
  * Unindent comments in debian/rules so that they do not show up.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 15 Mar 2008 20:13:34 +0100

snort (2.7.0-11) unstable; urgency=low

  * Make the init.d script not depend on the availability of iproute.
    (Closes: #463020, #466674) 
  * Added a Recommends on iproute, as it can be used to improve the
    behaviour of the initd script.
  * Modify the init.d script to remove also the lockfiles for PIDFILEs
  * Move snort-doc to Suggests in the snort package and add it to snort-pgsl
    and snort-mysql too.
  * Fix FTBFS on GNU/kFreeBSD (due to unsatisfied Build-Depends on
    iptables-dev), thanks to Petr Salinger for the fix (Closes: #466073)
  * Modify src/snort.c to prevent it from showing a message when it tries to
    remove the PIDFILE. This fails in Debian since Snort is not running 
    as the root user and the daemon cannot modify /var/run. The code is 
    changed so that the error message related to not being able to remove the
    PIDFILE is only presented if running as root or writing the PIDFILE to a
    directory that is not /var/run. (Closes: #462423)
  * Po-debconf translation updates:
      - Fix error in Italian translation (Closes: #462865)
      - Japanese translation update, provided by Hideki Yamane (Closes: #463650)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 24 Feb 2008 22:21:09 +0100

snort (2.7.0-10) unstable; urgency=low

  * Add a new ALLOW_UNAVAILABLE definition in /etc/default/snort which
    makes the init.d not complain if a configured interface is not available.
    Also make the init.d script not break if no instances are configured
    through debconf (to make it possible to use snort using just if-up.d
    by providing a given interface instance as a 'start' parameter)
    (Closes: #458823)
  * Fix typo in templates, unfuzzy translations I can "understand" and
    which seem to have fixed the typo themselves.
  * Po-debconf updates:
    - Update German translation provided by Erik Schanze (Closes: #462674)
    - Updated Italian translation provided by Gianluca Cotr (Closes: #462865)
    - Romanian translation provided by Eddy Petrisor (Closes: #460344)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 27 Jan 2008 11:12:05 +0100

snort (2.7.0-9) unstable; urgency=low

  * Modify debian/rules to prevent autobuilders from building 
    the binary-independent components: (Closes: #445113)
    (Thanks dato for the tip)
     * Create a new Build-Depends-Indep with all the TeX components used
       to build documentation
     * Since autobuilders call build, which in turns calls build-indep, hack
       the debian rules file so that the documentation is only built
       if ps2pdf, dvips and pslatex are available. 
  * Enable prelude support in all variants (Closes: #458790)
  * Debconf translation updates:
     - Dutch, provided by Peter Vandenabeele
     - Vietnamese, provided by Clytie Siddall (Closes: #458161)
     - Portuguese, provided by Miguel Figueiredo (Closes: #458214)
     - Galician, provided by Jacobo Tarrio (Closes: #458533)
     - French, provided by Christian Perrier (Closes: #458621)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 31 Dec 2007 00:31:13 +0100

snort (2.7.0-8) unstable; urgency=low

  * Rewrite debian/rules:
      - the documentation does not get build on the binary-arch target,
      (Closes: #445113) 
      - there is now a install-dep and install-arch
      - install-* dependencies do not depend on build
      - create a 'clean-sources' target, used only by the 'clean' target
      - create a clean_sources.sh script to clean the sources properly before
        each run
      - call 'clean_sources.sh' before a binary (pgsql, mysql...) is built to
        prevent the binary-* rule from calling 'distclean' at the end of each
        run (and thus making issues more difficult to debug)
      - generate a configure target and use it when building both -arch
        and -indep (needed to generate doc/Makefile)
      - copy, instead of moving, the binaries, so the 'install' target 
        is more idempotent (still have to use dh_install more to make it so)
  * Change Maintainer's email address
  * Create a mechanism to generate all the templates using a "template of
    templates" since all the questions where the same with small differences
    per package.
      - Also fixed snort-inline templates, which were not correct (pointed
        to the wrong configuration file)
      - Update Spanish translation myself
  * Change the init.d script so it behaves like LSB demands:
      - Do not exit with error if there are no running instances and we
        try to stop
      - With 'status', exit with a 1/3 error based on the existence (or not
        of the pidfiles)
      - Dot not exit with error when trying to start an instance that is
        already started (use running() for that)
      - Check if the user is root before attempting to star/stop/restart
      - Adjust to LSB exit values (instead of just using always '1', use
        3-6 to indicate several different errors)
  * Lintian cleanup:
      - Move Homepage: from the description to a pseudo-header in
      debian/control
      - do not ignore distclean errors
      - remove call to dh_suidregister, we did not use it
      - add DEBHELPER token to snort-common.postinst
      - update config.guess and config.sub with automake's 1.7 versions
        (this is not done automatically in the package, however)
      - replace ${Source-Version} substvar with ${binary:version}
      - Move the configuration check of snort-common over to the config
        script and leave the postinst only to check the status of the
        init.d script. Also, modify the snort-common.postinst so it only
        does the configuration check if invoke-rc.d (if installed)
      - Fix 'malformed-title-in-templates' in all templates by removing
        the ending dot
      - Fix the 'malformed-prompt-in-templates' by adjusting the contents
        of all the titles affected
      - Shorten the length of the 'interface' template
      - Fix syntax on debian/NEWS
      - Remove empty dirs

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 27 Dec 2007 09:14:00 +0100

snort (2.7.0-7) unstable; urgency=low

  * Remove empty comment line in lsb headers

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 01 Oct 2007 03:01:26 +0200

snort (2.7.0-6) unstable; urgency=low

  * Create a separate snort-libraries package and move all the libraries that
    were previously (wrongly) included in the snort-common package there
    (Closes: #439642)
  * Add proper LSB headers, license and copyright to the init.d file
  * Also add proper messages to the init script and proper checks to generate
    the correct errors when non-root users try to run the script. Exit status
    of the script should now reflect better the problems found.
  * Removed dependencies on essential packages (coreutils)
  * Recode Debian changelog to UTF-8

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 01 Oct 2007 01:24:32 +0200

snort (2.7.0-5) unstable; urgency=low

  * Initialise variables in preinst to prevent collisions with predefined
    environment variables (Closes: #443481)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 21 Sep 2007 22:49:25 +0200

snort (2.7.0-4) unstable; urgency=low

  * Fix phrase in the NEWS file

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 29 Aug 2007 18:26:45 +0200

snort (2.7.0-3) unstable; urgency=low

  * Move over the package to unstable.
  * Fix FBTFS at Ubuntu due to snort_manual.tex still using latex2html's
    html.sty. Thanks Michael Bienia for spotting this and point at the
    issue with a patch (Closes: 436244)
  * Fixed a typo in the French translation (Closes: 432840)
  * Fix documentation errors in debian/README-database.debian. (Closes: 416400)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 06 Aug 2007 23:28:02 +0200

snort (2.7.0-2) experimental; urgency=low

  * Fix generation of the common snort binary, which was distributed without
    prelude support.
  * Fix location of dynamic engines in snort.conf
  * Change signatures 1443 and 1444 since there was an error in their
    definition ( Cannot use 'rawbytes' and 'http_uri' as modifiers for the
    same "content" nor use 'rawbytes' with "uricontent". )

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 01 Aug 2007 02:49:50 +0200

snort (2.7.0-1) experimental; urgency=low

  * New upstream release (Closes: #435417, #404991, #320920, #323985)
     - Fixes DOS attack: CVE-2006-6931 - "Backtracking Algorithmic Complexity"
       DoS against IDS engine (Closes: #407421)
  * Introduce all the rules available from the 2.4 release which are GPL and
    are non-VRT certified, that is, all rules which are outside of the range
    [3,465-1,000,000]. This amounts to a total of 3935 rules (820 of which are
    Community released).
  * In order to handle rulesets with mixed GPL and non-GPL rules two scripts
    have been made available in the source rules/ subdirectory:
        - remove-non-gpl.pl - Given a rules file removes all rules outside
          the above range
        - purge-non-gpl.sh - Given a directory dumps on the local directory
          only rules outside this range.
    In order to limit maintainer overhead the header for modified rulesets has
    not been changed.
  * Include the VRT license file. This file is kept for reference under the
    rules/ dir, although *no* rule in this package is under that non-free license.
  * Include a NEWS.Debian item describing the license change and the rules
    distributed within this package.
    not in the database packages (Closes: #320920)
  * As a consequence of the above Build-Depend on libprelude-dev, iptables-dev
  * Provide support for Prelude in both snort and snort-inline packages but
  * The examples are now included in the -common package instead of having
    them  in all the binary packages

  This package provides support to make an experimental separate binary
  package for inline support: snort-inline, which most of the configuration is
  shared with the snort binary package but the PPP related options have been
  removed. However, snort-inline does not support libnet 1.1 so we cannot
  provide it yet. This has been changed in Snort's code but it's far from
  complete:
       - Make the configure script work with libnet 1.1. 
       - Port parts of the API (some declarations) to 1.1

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 31 Jul 2007 23:35:06 +0200

snort (2.3.3-15) unstable; urgency=low

  * Include all the community signatures available as of today into the
    snort-signatures package. This means 820 new signatures go in.
  * Sync mappings:
    * Updated the gen-msg.map under rules/ with the maps under etc/ 
    * Updated the sid-msg.map under etc/ with the maps under rules/ 

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 31 Jul 2007 21:57:46 +0200

snort (2.3.3-14) unstable; urgency=low

  * Use the patch provided by Matt Kraai to fix the FTBFS due to the
    tetex -> Texlive transition. Also make the package Build-Depend 
    on texlive and texlive-latex-base instead of tetex-bin and tetex-extra
    (Closes: 419454)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun, 22 Apr 2007 16:41:50 +0200

snort (2.3.3-13) unstable; urgency=low

  * Translations added:
    - Tamil translation, provided by Tirumurti Vasudevan (Closes: #413830)
    - Russian translation, provided by Yuriy Talakan' (Closes: #411822)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 13 Mar 2007 16:30:52 +0100

snort (2.3.3-12) unstable; urgency=low

  * Translations updated:
    - Czech (Closes: #408619)
    - Swedish
  * New translations
    - Galician, provided by Jacobo Tarrio (Closes: #409651)
    - Italian, provided by Gianluca Cotrino. Slightly edited to fix header. (Closes: #411270)
    - Romanian, provided by Eddy Petrisor (Closes: #409505)
    - Portuguese, provided by Miguel Figueiredo

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun, 18 Feb 2007 12:25:45 +0100

snort (2.3.3-11) unstable; urgency=low

  * Restore German translation (somehow removed in previous upload), courtesy
    of Erik Schanze (Closes: #397017)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue,  2 Jan 2007 17:26:10 +0100

snort (2.3.3-10) unstable; urgency=low

  * Fix snort-mysql template to prevent translators from duplicating work
    (two templates were nearly identical except for a double space)
  [ Translations update ]
  * Updated Spanish translation
  * Updated Japanese translation, courtesy of Hideki Yamane (Closes: #391894)
  * Updated German translation, courtesy of Erik Schanze (Closes: #397017)
  * Updated Dutch translation, courtesy of Peter Vandenabeele.
  * Updated Vietnamese translation, courtesy of Clytie Siddall
  * Fix error in Catalan translation (which made msgstat fail)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 21 Dec 2006 19:52:38 +0100

snort (2.3.3-9) unstable; urgency=low

  * Do not try to remove /etc/snort in postrm if it does not exist anymore
    when purging (Closes: #389766)
  * Simplify coreutils dependencies (Closes: #381836)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun,  1 Oct 2006 23:29:20 +0200

snort (2.3.3-8) unstable; urgency=medium

  * Fix security issue CVE-2006-2769, potential evasion in URI content
    buffers. This evasion only applies to Apache protected servers since
    that server supports some characters. The patch used is from 2.4.5
    and is *not* the one provided by Demarc (which is not fully
    comprehensive and is much more intrusive).
    Since this is an evasion issue and not a real security issue 
    thus the 'medium' urgency even though it fixes security bug (Closes:
    #381726)

    From upstream (snort.org webpage, News item "Possible Evasion in
    http_inspect"): 

     «The Apache web server supports special characters in HTTP requests that
     do not affect the processing of the particular request. The current
     target-based profiles for Apache in the http_inspect preprocessor do not
     properly handle these requests, resulting in the possibility that an
     attacker can bypass detection of rules that use the "uricontent" keyword
     by embedding special characters in a HTTP request.»

     «It is important to note that this is an evasion and not a vulnerability.
     This means that while it is possible for an attacker to bypass detection,
     Snort sensors and the networks they protect are not at a heightened risk
     of other attacks.»

  * Backport fix of another (different) potential evasion in Stream4 (also in
    the Snort 2.4.5 release, no CVE name)
  * Relocate Czech translation, it was not under debian/po
  * Add a warning in /etc/default/snort that the SNORT_USER will be 
    modified (with usermod) every time you reinstall the package
    (don't change it to 'root'!)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 10 Aug 2006 00:44:36 +0200

snort (2.3.3-7) unstable; urgency=low

  * *Really* recompile to use latest libmysqlclient libraries (Closes:
    #366748)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat,  3 Jun 2006 15:20:57 +0200

snort (2.3.3-6) unstable; urgency=medium

  * Recompile to use latest libmysqlclient libraries (Closes: #366748)
  * Remove the following unused dependencies as suggested by  Stefan Huehner:
    libsnmp4.2-dev and libssl-dev (and their --with calls in debian/rules) . I'm
    still keeping the coreutils | fileutils dependency since I still want to
    compile this package in woody.(Closes: #365874)
  * Also remove DH_COMPAT from debian/rules as suggested by  Stefan Huehner in
    #365874
  * Move 'debian/my/lisapaper.txt' to snort-doc.docs and remove from snort,
    snort-pgsql and snort-mysql doc files (Closes: #340091)
  * Have faq.tex use hyperref.sty instead of latex2html's html.sty and comment
    the \latexonly definitions. This makes latex2html unnecessary to
    build the package (Closes: #365872)
  * doc-base files now point to the compressed PDF documents (lintian fix)
  * Updated debconf translations:
    - French translation provided by Christian Perrier (Closes: #359285)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 29 May 2006 20:05:29 +0200

snort (2.3.3-5) unstable; urgency=low

  * Updated Build-Dependencies to use libmysqlclient15-dev instead of the 
    old libmysqlclient10 library (Closes: #356706)
  * Add a 'DEBIAN_SNORT_SEND_STATS' option (controlled by debconf) to allow
    users to define if snort should send daily stats. Users that want to
    change the frequency should manually move over the cron.daily script
    to other cron.XXX locations (Closes: #353035)
  * Updated debconf translations:
    - Dutch translation with patch provided by Peter Vandenabeele
    - Spanish Debconf translation ('send_stats' template)
  * Do not indent '@' in the e-mail of users that receive the stats (Closes: #335803)
  * Preliminary code (only in snort.config) to detect if the default interface
    is up when configuring Snort, the Debconf question priority is raised if
    the interface is not up or it does not exist and the user is pestered
    if he still provides an invalid answer (unless he doesn't see the
    question, which is the case if running with debconf priority set to
    'high', in this case, we bail out)
    Note: will introduce this in the DB packages after it gets some testing
    out there.
  * Change the Debconf priority of the note that warns that  the configuration
    is not working to 'critical' (was 'high')
  * Acknowledge NMU made by Margarita:
    * Drop automake1.6 dependency in Build-Depends (Closes: #335143)
    * Updated config.guess and config.sub with the latest versions available
      to prevent FTBFS on GNU/k*BSD (Closes: #342446)
    * Updated german debconf translation with patch provided by Erik Schanze 
      (Closes: #345855)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 22 Mar 2006 02:09:01 +0100

snort (2.3.3-4) unstable; urgency=low

  * Build-Depend on newer automake version: 1.7 (Closes: #335143)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 17 Jan 2006 02:10:41 +0100

snort (2.3.3-3) unstable; urgency=low

  * Properly remove the snort user on purge.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 20 Oct 2005 01:13:47 +0200

snort (2.3.3-2.1) unstable; urgency=low

  * NMU to drop automake1.6 dependency (Closes: #335143)
  * Updated config.guess and config.sub (Closes: #342446)
  * Updated german debconf translation (Closes: #345855)

 -- Margarita Manterola <marga@debian.org>  Sun, 22 Jan 2006 21:54:43 -0300

snort (2.3.3-2) unstable; urgency=high

  * Backport the following changes introduced in 2.4.1. Upstream changelog:
      * src/log.c:
        Fix problem in sniffer mode when incomplete TCP option data is received.
        Thanks A Hernandez for the find.
    (Closes: #328134)
    Note: This is a "security" bug but no CVE is assigned, it is actually
    something that can happen only if a Snort user willingly shoots himself
    on the foot (uses ASCII logging mode) or if he uses the fast output
    mode with some non-default options.
    For a detailed view see:
    Martin Roesch's mail "Snort DoS Fallacies" to snort-users and bugtraq:
    http://marc.theaimsgroup.com/?l=bugtraq&m=112665341207363&w=2
    http://marc.theaimsgroup.com/?l=snort-users&m=112657845119746&w=2
    http://marc.theaimsgroup.com/?l=snort-users&m=112667020331513&w=2
    http://marc.theaimsgroup.com/?l=snort-devel&m=112672013010948&w=2
    and also
    http://www.snort.org/pub-bin/snortnews.cgi#58
    To summarise: The only recommended alert methods in a production sensor
    are unified, syslog or database. And unified is The Right Way to run
    a sensor (others have important performance issues under high load )
    NOTE to Debian Security teams: I don't believe this bug merits a DSA 
    (or a DTSA for that matter)
    (Closes: #328134)
  * Backport the following changes introduced in 2.4.2. Upstream changelog:
      * src/output-plugins/spo_log_database.c:
      * schemas/create_mysql:
        Fixes to address schema being a keyword in MySQL 5.0.  Thanks Wes Young,
        Adolfo Gomez, and Aleem Mawji for the updates.
    (Closes: #327791)
  * Added Swedish translation provided by Daniel Nylander (Closes: #330834)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri, 30 Sep 2005 21:21:43 +0200

snort (2.3.3-1) unstable; urgency=low

  * New upstream release.
  * Use upstream's FAQ in PDF format instead of debian/my/FAQ.txt, also
    have the FAQ available only in the snort-doc package (after fixing 
    the Makefile so that the faq.tex file does not get removed on distclean)
  * Fix typo in snort.8 manpage (Closes: #326538)
  * Fixed address of the FSF in debian/copyright
  * Updated debconf translations:
    - Vietnamese provided by Clytie Siddall

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 31 Aug 2005 19:47:16 +0200

snort (2.3.2-8) unstable; urgency=low

  * _Really_ use debhelper compat version 4 now
  * Remove debian/*conffiles since debhelper now marks them as config files

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 27 Aug 2005 01:50:40 +0200

snort (2.3.2-7) unstable; urgency=low

  * Fix lintian warnings
  * Fix error in database config scripts (when not upgrading, the
    wait_for_db_config key does not exist) (Closes: #325223)
  * Updated debconf translations:
     - French provided by Christian Perrier

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 25 Aug 2005 21:52:19 +0200

snort (2.3.2-6) unstable; urgency=low

  * Add Dependency on "debconf | debconf-2.0" as requested by Joey Hess
  * Use Debhelper compatibility version 4
  * New mechanism for database packages:
    - Introduce a mechanism to create /etc/snort/db-pending-config on
      initial installation of the database packages.
    - Have the init.d script abort the start attempt if the 
      /etc/snort/db-pending-config file exists.
    - Describe how to setup the database support in README-database.Debian
      and install this document in the database packages.
      (Closes: #205683, #219696, #265735, #265878, #290104, #291616)
  * po-debconf changes:
    (still waiting a little bit before switching to dbconfig-common)
    - Sinchronise all the debconf templates of the different snort 
      variants.
    - Change the wait_for_db_config message, now called 'needs_db_config'
      and provides slightly different information.
    - Fixed typos in German debconf translation courtesy of Jens Seidel
      (Closes: #313906)
    - Added Japanese translation contributed by Hideki Yamane
      (Closes: #310096)
    - Added Vietnamese translation contributed by Clytie Siddall 
      (Closes: #318695)
    - Added Czech translation contributed by Jan Outrata (Closes: #321738)
    - Updated the Spanish translation.
    - Improve the debconf dialog with suggestions from Justin B Rye
      (Closes: #306269)
    - Fix the templates so that all the files use the same strings, that
      should reduce the workload of translating almost identical lines.
      (but also fuzzies more of the translations above)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 25 Aug 2005 14:59:29 +0200

snort (2.3.2-5) unstable; urgency=medium

  * Medium priority since it seems some buildds are not auto building
    snort ok and this changes fix it.
  * Use PostgreSQL 8.0 now as requested by Martin Pitt. Basicly just
    changed the build-depends and use 'pg_config --includedir' when
    setting the location of the PostgreSQL location. 
  * Changes to configure.in: (Closes: #313499)
    * Fixed configure.in so that it uses the --with dir directly first
      (intead of looking for $i/include and stuff like that). 
    * Fixed configure.in so that it outputs the PostgreSQL directories 
      it tested by fixing a typo.
    * Have all ERROR messages abort with an exit 1 so that the Makefile breaks
      and we will notice the error if doing an automatic build.


 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 14 Jun 2005 19:33:49 +0200

snort (2.3.2-4) unstable; urgency=low

  * Snort, snort-pgsql and snort-mysql now depend on either coreutils
    or earlier packages which provided 'stat'. This should prevent
    partial-upgrades of woody systems which prevent snort's init scripts
    from running (Closes: #311616)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri,  3 Jun 2005 16:24:50 +0200

snort (2.3.2-3) unstable; urgency=high

  * Pre-Depend on adduser since we use it on preinst
  * Changed debian/TODO
  * Snort-common now Replaces old snort versions (1.8.4beta1-1) since
    the configuration files where moved there from snort. 
    Save for the ppp configuration file which was moved from snort-common to
    snort. Snort now Replaces snort-common versions previous to 2.0.2-3, 
    that introduced the change, cannot conflict since we will end up with
    circular dependencies. (Closes: #311257)
  * Check MD5sums before rule files are moved from the old location to the
    new one in snort-rules-default's preinst when upgrading.
    If the files have not been changed from the ones provided
    by the woody version then remove them (Closes: #311263)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed,  1 Jun 2005 09:47:04 +0200

snort (2.3.2-2) unstable; urgency=low

  * Have snort-common Conflict on versions prior to the Source-Version to
    prevent users upgrading snort-common without upgrading snort.
    (Closes: #300785
  * Fixed homepage location of Snort (Closes: #300727)
  * Fixed snort-stat so it can be used when the -y option is used with Snort,
    thanks to the patch provided by Chirik (Closes: #200276)
  * Updated German translation courtesy of Erik Schanze 

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 22 Mar 2005 01:26:55 +0100

snort (2.3.2-1) unstable; urgency=low

  * New upstream release. 
    - Fixes some bugs in preprocessors
    - Rules updates
  * Fixed format of NEWS file, updated the version of the changelog entry so
    that everybody will read it on next upgrade (Closes: #299334) 
  * Added debconf french translation provided by Christian Perrier (Closes: #299016)
  * Updated debconf dutch translation provided by  Peter Vandenabeele (Closes: #296152)
  * The PPP script will now use the new /etc/default/snort mechanism 
    (Closes: 298003

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 14 Mar 2005 13:26:45 +0100

snort (2.3.0-7) unstable; urgency=low

  * Do not change the permissions of /var/log/snort/ and 
    /etc/snort/snort.conf if the administrator has setup an override
    using dpkg-statoverride (Closes: #296927)
  * Updated translation to Catalan with the one provided by Aleix Badia i
    Bosch

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 26 Feb 2005 13:09:14 +0100

snort (2.3.0-6) unstable; urgency=low

  * Added tetex-extra to Build-Depends (Closes: #296814)
  * Refer to the proper file in debconf template (Closes: #296809)
  * Updated the spanish debconf translation.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri, 25 Feb 2005 00:43:19 +0100

snort (2.3.0-5) unstable; urgency=low

  * Upload of the experimental package to unstable
    Even though I don't get to fix #205683 and friends (and I would
    like to, before the release)
    This release Closes #283816, #241995, #289405, #247603
  * Do not rotate log files if empty (Closes: #193299)
  * Added dutch translation (Closes: #247603)
  * Added yet another TODO item

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 22 Feb 2005 21:36:40 +0100

snort (2.3.0-4) experimental; urgency=low

  * Call dh_installdocs with -i or -a depending on target, rename
    (Closes: #295228, #294755)
  *  NEWS.Debian file to NEWS 

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 15 Feb 2005 08:33:34 +0100

snort (2.3.0-3) experimental; urgency=low

  * Create manual in build-indep location (Closes: #294755) 
  * Fixed location of snort_manual and lisapaper in their respective
    doc-base files.
  * Added a reference to the FAQ through a new doc-base file.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 12 Feb 2005 12:23:35 +0100

snort (2.3.0-2) experimental; urgency=low

  * Improved postrm purge action by removing also obsolete configuration
  (since it's no longer in the conffiles) and the group. Also, synced all
  postrm scripts (mysql did not included the rmdir /etc/snort code)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed,  9 Feb 2005 08:44:05 +0100

snort (2.3.0-1) experimental; urgency=low

  (First attempt at experimental, to avoid breaking installations running sid)
  * New upstream release 
  * This version now uses libnet1, changed Build-Depends (Closes: #241995)
  * Introduced /etc/default/snort and removed /etc/snort/common.parameters
    this makes it easier to check for common situations (parsing the parameter
    file is quite complicated). The old common.parameters file is moved
    over to /etc/default/snort automatically, but retained in case
    the parsing has not been done properly (and will not be used until
    the common.parameters file is removed). This is described in the
    NEWS.Debian file.
  * Fixed the postint call so that the passwd and group are checked before
    they are created. Also fix chown call (still used '.' instead of ':')
  * Introduce a check for the status of Snort's logdirectory, it checks if
    it belongs to Snort (Closes: #247603)
  * This release provides debconf support for snort sensors in 
    multiple interfaces (Closes: #283816)
  * Run update-debconf, seems I had not done this when I last made changes
    in the templates in 2.2.0-8
  * Included the documentation available, including signatures. Also
    added the LaTeX manual included as well as the additional Build-Depends
    on tetex-bin and gs-common
  * Updated the FAQ (was about time!) from http://www.snort.org/docs/FAQ.txt
  * Added a README.docs file (pointing people to more documents)
  * Updated translations:
    - German, provided by Erik Schanze (Closes: #289405)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 26 Jan 2005 09:18:53 +0100

snort (2.2.0-9) unstable; urgency=low

  * Removed old (obsolete) converstion of PPPENV in /var/tmp in postinst
    which actually might open up security holes when using dialup access
    and installing/upgrading the package.
  * Updated translations:
    - Japanese, provided by Hideki Yamane (closes: #283128)
    - French, provided by Christian Perrier (closes: #284559)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 20 Dec 2004 01:35:21 +0100

snort (2.2.0-8) unstable; urgency=low

  * Updated the README.Debian file with proper information on how to setup
    multiple interfaces and rewrote the Debconf question to specify that
    it can be used to define multiple interfaces (Closes: #283816) 
  * Added some additional TODO notes

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed,  1 Dec 2004 17:04:38 +0100

snort (2.2.0-7) unstable; urgency=low

  * Make snort-common Arch: all (Closes: #278987) 
  * The installation will now check if you are using a configuration that
    will not be able to work with the current Snort version and will forewarn
    you. The package installation will still fail (if Snort is started
    automatically) but the administrator will be pointed to where the
    error is (Closes: #165107)
  * Use dh_installman instead of dh_installmanpages and provide proper
    PACKAGE.manpages file since dh_installmanpages now fails to create the
    snort-common package properly.
  * Updated to the latest rules snapshot
  * Added an 'update-rules' target in debian/rules that downloads the 
    latest rules snapshot and installs it in the package.
  [ Translations ]
  * Dutch update, provided by cobaco (Closes: #278719)
  * Japanese update, provided by Hideki Yamane (Closes: #279028)
  * French update, provided by Christian Perrier (Closes: #279833)
  * German update, provided by Erik Schanze (Closes: #280964)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 30 Oct 2004 22:47:34 +0200

snort (2.2.0-6) unstable; urgency=low

  * Added a 'config-check' option in init.d to test the user's configuration
    file. This could be used to determine (in postinst) if snort should be
    restarted and warn the user (not yet done). This will help fix #165107,
    #165351 (since similar user mistakes would be detected), #276565 and
    #247665.
  * Added more information to the TODOs
  * Moved DEBIAN_TRESHOLD to DEBIAN_THRESHOLD (save for the debconf value
    in order to avoid reseting it) (Closes: #256581)
  * Removed double space in template (Closes: #275936)
  * The snort-rules package now Suggests: snort instead of depending on it
    (Closes: #249697)
  * Updated rules with the latest snapshot.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 25 Oct 2004 23:47:45 +0200

snort (2.2.0-5) unstable; urgency=low

  * Rules update 

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 13 Oct 2004 12:11:21 +0200

snort (2.2.0-4) unstable; urgency=medium

  * Fix typo introduced in previous upload that prevents
    ppp init script from loading properly common.parameters (Closes: #275439)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri,  8 Oct 2004 09:50:06 +0200

snort (2.2.0-3) unstable; urgency=high

  * Added config-file discovery to ppp init.scripts so that Snort is
    started (-c) with the proper configuration file if available or 
    snort.conf if not. Setting high severity so that users running
    Snort with PPP don't end up with a full /var filesystem (Closes: #268707)
  * Fixed bashism in /etc/ppp/if-up.d/snort
  * Modified the init.d an if-up.d scripts so that
    /etc/snort/snort.common.parameters is only used if it exists.
  * Snort-rules-default now Recommends: oinkmaster 
    now that it is in the archive (accepted 01 Oct 2004), this does not
    close #191105 since IMHO a better signature update mechanism should 
    be introduced. Also updated the related TODO item.
  * Added a FAQ Q&A regarding rule updates in README.Debian
  * Added code to detect for deprecated preprocessors and warn the user,
    curretnly the code will not touch the configuration files himself and
    will not detect if you are using the standard package configuration file.
    It will prevent users from having configuration issues, however
    (Closes: #247665)
  * Modified the init.d file so you can use 'status' to determine if
    the Snort sensors are up or not.
  * Updated the 2.2 rule set with the snapshot provided at snort.org, new rules
    include detection of the recent JPEG exploit (Closes: #274244)
  * Fixed typo in templates (unfuzzied modified entries) and updated
    JA translation provided by Hideki Yamane (Closes: #273138)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat,  2 Oct 2004 12:41:50 +0200

snort (2.2.0-2) unstable; urgency=low

  * Taking over maintainership of this package (Closes: #265343)
  * Have  Snort{,-mysql,-pgsql} depend on the same versions of the
    common packages (was not done in the previous release)
  * Updated JA translation (Closes: #271755)
  * Added a list of todo items in debian/TODO

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 15 Sep 2004 10:42:43 +0200

snort (2.2.0-1) unstable; urgency=low

  + The 'Please Adopt Me!' release.

  + Fixed build-depends on libpcap0.8-dev closes: #263923
  + Fixed failure to start on multiple interfaces, each interface
    now uses it's own configuration file. Closes: #248908
  + Snort{,-mysql,-pgsql} depend on the same versioned rules + common
    Closes: #257078
  + NL, DE, pt_BR, FR, JA translations added
    Closes: #265508, #264301, #246553, #246374, #239206
  + New upstream release closes: #262297
 
 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 15 Aug 2004 15:24:39 +0200
  
snort (2.1.2-2) unstable; urgency=low

  ! Once again: Thanks Mario 'BitKoenig' Holbe for your great help:
    + Moved 'dialup' interface guessing from ppp/ip-up to postinst
  + Cleanup restart: only restart current running interfaces
    This also cleans up: 'dialup' logcheck failure, if no snort running
  + Prepare for multisensor support
  + Use start-stop-daemon --retry instead of sleep and kill -9
  + Use invoke-rc.d only, if it exists
    Closes: #191574
  + Correct please_restart to please_restart_manually
  + Re-Unified prerm and postinst scripts
  + Fix the backward-compatible just-kill-them-all in prerm;
    do we really need it? It definitely didn't work before and
    since the old-package prerm is called anyways, we shouldn't.
  + Simplify snort.debian.conf creation

  + snort-doc/examples now has a snort-rules auto-update script!
    Closes: #242521, thanks Marcel!
  + Updated fr.po by Christian Perrier
    Closes: #244048, thanks Christian!
  + Recent changes to init / ip-{up,down} scripts fixed this bug:
    Closes: #226236
  + Fixed database schema's in {pg,my}sql packages. This does not fix
    the 'schema is not installed when debconf prompts for it'-problem.
    Closes: #244017
  + Problem with snort-pgsql.template fixed.
    Closes: #244175

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 18 Apr 2004 14:39:19 +0200

snort (2.1.2-1) unstable; urgency=low

  + New upstream release
  + Templates corrected (reflect same text at shared options, typos)
  
  + -b switch removed from snort startup, log_tcpdump changed to snort.log
    Closes: #241425, #171190
  + French debconf translation by Christian Perrier
    Closes: #241991
  + Added checks on purge of snort-rules-default. Fixed breakage
    Closes: #239542
  + Firewall interaction is explained in the FAQ
    Closes: #217174
  + Snort now has snort.common.options, and no -b anymore.
    Closes: #217244
  + Changed helptext in snort.debian.conf to be more generic.
    Closes: #196694
  + Improved dialup suppport. MANY Thanks to Mario 'BitKoenig' Holbe for
    his great work on this subject and the changes to the init script!
    Closes: #226236

 -- Sander Smeenk <ssmeenk@debian.org>  Sun,  4 Apr 2004 15:12:27 +0100

snort (2.1.1-1) unstable; urgency=low

  + New upstream release
    Closes: #238427
  + Added catalan debconf templates (debian/po/ca.po)
    Closes: #236644
  + Fixed packaging bugs.
  + Applied following changes by Javier Fernández-Sanguino Peña. Thanks!!
      * Snort group is now created using --system in all packages
        Closes: #231580
      * Both the cron.daily script and the postinst scripts set a default
        value for STATS_RCPT and STATS_TRESHOLD to avoid buggy behaviours
        if the user does not setup a proper value when interfacing with
        debconf. Still, these values should be checked in the config 
        scripts. (Closes: #173331)
      * Snort-stat now exists if there are no results which will avoid
        it from sending empty emails 
        (Closes: #217913, #174508, #192401, #172529)
      * Improved the explanations in several templates (Closes: #217173)
      * Updated Japanese translation (and fixed some po format errors,
        hopefully without damaging the po file) (Closes: #226680)
      * Included Catalan debconf translation (Closes: #236644)
      * Updated pt-BR debconf translation (Closes: #228244)
      * Re-Added (partial) spanish debconf translation (it seems that 
        the work I did back in december 2001 has not been moved to po-debconf!)

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 17 Mar 2004 18:46:28 +0100
 
snort (2.1.0-4) unstable; urgency=low

  + Fixed FTBFS with -B flag specified to dpkg-buildpackage
    Thanks Pascal Hakim.
  + Restart target in init.d script requires a sleep on slow systems.
    Thanks Marco Gaiarin.
  + Updated the ja.po templates 

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 1 Mar 2004 00:00:00 +0100
  
snort (2.1.0-3) unstable; urgency=low

  + Split binary-indep packages from binary-arch target
    Closes: #226072, #157708, #185806
  + ip-up.d script now correctly guesses the PPPENV settings
    Closes: #225956
  + Updated the fr.po templates
    Closes: #225906

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 04 Jan 2004 12:51:38 +0100

snort (2.1.0-2) unstable; urgency=low

  + Added example init.d script to manage multiple sensors.
  + No longer kills custom daemons at init.d stop
    Closes: #181637
  + Fixed build-dependency on libpcre3-dev
    Closes: #225707
  + Fixed manpage to reflect new SIGHUP handling
    Closes: #122689
  + Already implemented 'statesaving' dialup scripts
    Closes: #101725
  + Changed default flow-portscan configuration
    Closes: #225506

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 02 Jan 2004 13:01:54 +0100

snort (2.1.0-1) unstable; urgency=low

  + New upstream version
  + Depend on perl-modules for perlscripts
    Closes: #212805
  + Fixed breakage of upgrades when conffiles were removed by user
    Closes: #207970
  + Added japanese translation of templates
    Closes: #224191

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 21 Dec 2003 15:48:55 +0100

snort (2.0.2-3) unstable; urgency=low

  * ip-up.d/snort and init.d/snort now use the same startup arguments
    with an extra config file that holds the common parameters.
    Closes: #217244
  + ip-{up,down}.d/snort moved from snort-common to snort{,-mysql,-pgsql}
  * Clarified debconf questions. Fixed typos, corrected grammar.
    Closes: #217173
  * Updated what documenation files are included.
    Closes: #217174

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 24 Oct 2003 18:05:26 +0200

snort (2.0.2-2) unstable; urgency=low

  * Fixed 'native package' problem
  	Closes: #216326

  * Fixed syntaxerrors in init script
    Closes: #215142

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 19 Oct 2003 16:11:09 +0200

snort (2.0.2-1) unstable; urgency=low

  Pascal:
  * Make snort-rules-default depend on a recent version of snort
    Closes: #135603
  * Delete configuration files and log files on purge.
    Closes: #180043

  Sander:
  * Fixed the init.d script to not start snort in dialup mode at boot. 
    Closes: #207291, #208003

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 08 Oct 2003 21:09:34 +1000

snort (2.0.1-3) unstable; urgency=low

  + Fixed FTBFS: automake1.6 dependency (Closes: #207010)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 25 Aug 2003 10:45:31 +0200

snort (2.0.1-2) unstable; urgency=low
  
  + Snort now co-maintained by Pascal Hakim
  
  + fr.po added, forgot the NMU by Christian Perrier
  + Untranslatable strings marked for translation fixed
    Closes: #206972, #192952
  + create_postgresql.gz has been updated and now uses 'TIMESTAMP'
    Closes: #206372
  + Changed the init.d's "start" section to support dialup mode
    Closes: #205873
  + SNMP support has been removed upstream, I forgot to remove the MIB
    message from snort-common
    Closes: #206668
  + Since the MIB note was removed, this also fixes inapropriate use of
    debconf, which Closes: #205085

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 24 Aug 2003 11:41:23 +0200

snort (2.0.1-1) unstable; urgency=low

  + New upstream source

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 19 Aug 2003 16:32:46 +0200

snort (2.0.0-3.1) unstable; urgency=low

  + Eeps! Forgot my versioned dependencies!

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 05 May 2003 21:02:13 +0200

snort (2.0.0-3) unstable; urgency=low

  + Added 'Provides: Snort' to snort-{pg,my}sql (Closes: #190064)
  + Moved parameter -b to snort.conf (Closes: #190748)
  + Seems fixed, according to submitter (Closes: #184596)
  + Fixed ppp/ip-up.d/snort, first source, then test (Closes: #190999, #191894)
  + Dependency on libpq3 isn't mandatory since postgresql-dev depends on it.
    (Closes: #191570)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 05 May 2003 20:27:03 +0200

snort (2.0.0-2) unstable; urgency=low

  + Fixed PPP environment variables in ip-up.d. (Closes: #190107)
    I really don't know how to support multiple instances of snort here
  + Versioned depends on snort-rules-default (Closes: #190111)
  + Fixed wrong pid-finding init.d script (Closes: #190154)
  + cronjob 'snort' renamed to '5snort' again (Closes: #190303)

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 23 Apr 2003 21:00:23 +0200

snort (2.0.0-1) unstable; urgency=high

  + New Upstream version
  + SECURITY FIXES (Closes: #189267)
  - XML logging and SNMP notification seems to be removed upstream ?

  + The init.d script has added intelligence that will hopefully detect
    wether snort was running in manual mode / dialup mode when logrotate
    ran, and leave it in that state (Closes: #186060)
  + Tried to fix snort-stat by adding -a option (Closes: #186214)
  + Renamed cronjob 5snort to snort (Closes: #186380)
  + Rebuilt with new libsnmp-0.4.2 linking (Closes: #186415)
  + po-debconf patch applied, thanks (Closes: #186881)
  + Including sid-msg.map and gen-msg.map (Closes: #187291)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 05 Apr 2003 13:32:18 +0200

snort (1.9.1-4) unstable; urgency=low

  + Added dependency on perl-modules to snort-common (Closes: #185180)
  + Attempt 1 at fixing snort-stat again (Closes: #184622)
  + init.d script tells how to start snort on dialup system (Closes: #181074)
  + snort-stat supports -a now (scan whole file) (Closes: #184282)

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 18 Mar 2003 21:37:47 +0100

snort (1.9.1-3) unstable; urgency=low

  + Fixed Override Disparities
  + Added section to snort-paper (Closes: #183988, #183388)

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 12 Mar 2003 09:04:30 +0100

snort (1.9.1-2) unstable; urgency=low

  + Fixed PostgreSQL CreateDB-scheme (Closes: #181733)
  + Fixed snort-doc (Closes: #183988, #183388)
  + A supposed fix for #181477 introduced a new bug which is now fixed
    (Closes: #184128, #184071)
  + Fixed -s commandline argument. It doesn't need an argument.
    (Closes: #183790)
  + Startup arguments for init.d invocation and pppd invocation are now
    'the same' (Closes: #183554)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 10 Mar 2003 23:57:12 +0100

snort (1.9.1-1) unstable; urgency=high

  * SECURITY FIX
    ISS X-Force has discovered a remotely exploitable buffer overflow
    condition in Snort. A buffer overflow flaw exists in Snort RPC
    preprocessing code that is vulnerable to attack.

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 03 Mar 2003 21:15:27 +0100

snort (1.9.0rel-4) unstable; urgency=low

  + Changed logrotate (Closes: #176495)
  + Renamed 'portscan2' to 'portscan2.log' (Closes: #173978)
  + Recompile Fixed PostgreSQL dependency (Closes: #175977)
  + Applied patch against snort-stat (Closes: #175657)
  + Added 'portscan2-ignorehosts' example + enabled for $HOME_NET
    (Closes: #173985)
  + Marks old 'snort.rules.files' OBSOLETE (Closes: #173981)
  + Fixed snort-stat manpage to reflect alert.log (Closes: #175364)
  + Fixed snort-pgsql logging bug with last_cid (Closes: #166722)
  + Updated snort-rules-default to latest version
  + Recompile fixed libsnmp5 dependency (Closes: #183094, #182722)
  + Init scripts fixed (Closes: #181497)
  + Changed rights on /var/log/snort to snort.adm (Closes: #180216)
  + Fixed mkdir -p in snort-rules-default preinst (Closes: #180046)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 25 Jan 2003 16:48:40 +0100
  
snort (1.9.0rel-3) unstable; urgency=low

  + Using invoke-rc.d instead of direct /etc/init.d calls (Closes: #165135)

 -- Sander Smeenk <ssmeenk@debian.org>  Thu, 17 Oct 2002 11:35:42 +0200

snort (1.9.0rel-2) unstable; urgency=low

  + Fixed Startup in Manual mode (Closes: #164644)
  + Fixed failing preinst in snort-rules-default (Closes: #164643)
  + No more useless cron messages (Closes: #158490)
  + Manually changed snort.c to fix -s cmdline problem (Closes: #164969)
  + DISABLED OLD PORTSCAN PREPROCESSOR, REPLACED BY PORTSCAN2 PREPROCESSOR

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 16 Oct 2002 19:58:29 +0200
  
snort (1.9.0rel-1) unstable; urgency=low

  + New Upstream Version
  + Moves old /etc/snort/*.rules to new rules/ directory 
    (Closes: #158447, #160888)
  + Closes: #158845, leftover bug fixed in previous upload.
  + Files *were* created with incorrect permissions (Closes: #162386)
  + Fixed Logrotate (Closes: #158042, #159456)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 31 Aug 2002 15:59:16 +0200

snort (1.9.0beta4-5) unstable; urgency=low

  + ASN.1 Decoder turned OFF because of TOO MANY LOGENTRIES!
  * Fixed Bugs (Closes: #157443)
  + Commented out the 'Initializing Output Plugins!' message.
  
  
  + Changed to logrotate to rotate logfiles (Closes: #157706)
  * Unreproducable, but changed to new rotation system (Closes: #156896)
  
  
  + Specified 'portscan2.log' as portscan2 preprocessor logfile
  + Supports 'any' in the address range question to not trust
    any side of the network. Wishlist but no bug was filed for this.
  + Fixed faulty information in templates (Closes: #158708)
  + Added README.PHP in contrib/ for clearness (Closes: #158714)
  + snort-stat reported hostname with \n at the end, chomped off now.

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 23 Aug 2002 22:17:20 +0200

snort (1.9.0beta4-4) unstable; urgency=low

  + Severe postinst breakage when installing newer versions
    of Snort from scratch. Fixed.
  + Fixed world-writable logfiles problem (Closes: #155893)
  + Password-field must be filled in.
  + snort-mysql's postinst put postgresql config in snort.conf :(

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 20 Aug 2002 13:21:42 +0200

snort (1.9.0beta4-3) unstable; urgency=low

  + Fixed world-writable logfiles problem (Closes: #155893)
  + Password-field must be filled in.
  + snort-mysql's postinst put postgresql config in snort.conf :(

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 20 Aug 2002 11:11:35 +0200

snort (1.9.0beta4-2) unstable; urgency=low

  + Found nicer way of fixing #155893 (Closes: #155893)
  + Typo two typos in bugnumbers. 
    Previous #153221 should be (Closes: #153211)
    Previous #156119 should be (Closes: #156199)
    Sorry for the mixups. It was late :/
  + Fixed b0rking preinsts (Closes: #157085)
  
 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 16 Aug 2002 00:03:41 +0200
  
snort (1.9.0beta4-1) unstable; urgency=low

  + Fixes world readable configuration file problem (Closes: #154977, #155484)
  + XML output should work in this release (Closes: #153845)
  + MIB's moved to /usr/share/snmp/mibs (Closes: #153221)
  + snort-stat now uses threshold (Closes: #147197)
  + SMTP rules have been disabled per default (Closes: #153817)
  + Fixed typo's in debconf screens (Closes: #154687)
  + 'Hacked around' the logfiles-not-group-readable problem (Closes: #155893)
  + Upload accepted (Closes: #156119)
  + Leftover bugs that have been fixed earlier (Closes: #134979)

  * Fixed but no-bugreports:
  + 'Initializing Plugins' log-message removed from src/plugbase.c
  + Rules have moved from /etc/snort to /etc/snort/rules/
  + snort-{pg,my}sql now update the snort.conf file properly
  + stream4 evasion-detection disabled
  + more...

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 14 Aug 2002 22:00:24 +0200

snort (1.8.7-4) unstable; urgency=low
  
  + Typo in snort-stat, fixed.

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 03 Aug 2002 11:21:49 +0200

snort (1.8.7-3) unstable; urgency=low

  + snort-stat now shows hostname from where it's reporting.
  + ruleset tuning (Closes: #155084)  
  + i see no rules with <- direction specifier, snort starts
    just the way it should with telnet.rules and backdoor.rules
    (Closes: #153400)
  + Specific major-version Build-Depends on libsnmp4.2-dev (Closes: #155163)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 03 Aug 2002 01:34:49 +0200

snort (1.8.7-2) unstable; urgency=low

  + Fixed situations where snort got restarted by cronscript while
    being started in dialup-mode. Snort should support -HUP'ing.
  + Fixed typo in /etc/snort/snort.conf (Closes: #152840, #152671)
  + Fixed stupid snmpd.conf auto-addition, that was bad (Closes: #153074)
  + Each MTA supplies 'sendmail' and each system has 'MTA' (Closes: #151678)
  + Snort-pgsql has debconf 'help' on configuring a DB (Closes: #149661)
  + Fixed snort-mysql.config problem (Closes: #110952)
  + Multiple subnets problem fixed (Closes: #146861)
  * Maintainer Wipes Forehead.

 -- Sander Smeenk <ssmeenk@debian.org>  Thu, 11 Jul 2002 21:06:50 +0200

snort (1.8.7-1) unstable; urgency=low

  + NEW UPSTREAM!
  * No more local-{first,last} creation in preinst (Closes: #152184)
  * var EXTERNAL_NET !$HOME_NET in snort.conf (Closes: #152182)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon,  8 Jul 2002 10:59:16 +0200

snort (1.8.6-6) unstable; urgency=low

  * Fixed serious log-rotation problem (Closes: #151922)
  * Fixed typo in rules file: --enable-snmp versus --with-snmp
    + Reported in private mail, no bugs to close.
  * New ruleset & config & classification (Closes: #152070)
  * Not a bug (Closes: #152068)

 -- Sander Smeenk <ssmeenk@debian.org>  Fri,  5 Jul 2002 23:23:09 +0200

snort (1.8.6-5) unstable; urgency=low

  * Fixed 5snort cronjob, thanks for the patches.
     + Closes: #151336, #151341, #151393, #151395
  * Can't check this problem, it looks fixed to me. 
     + Closes: #94709
  * Cronjob has been reworked so it uses /var/log/snort/alert, also
    snort.conf has been configured to log to syslog by default.
     + Closes: #146680
  * Debconf frontend now supports multiple addresses (ranges) in
    address_range question.
     + Closes: #66932
  * Bug-submitter thinks this bug is fixes now.
     + Closes: #104074
  * Weird unaligned traps on alpha are unconfirmed snort-related.
    Also, haven't heard anyone else about this.
     + Closes: #130675
  * Fixed the debconf script's perl-regexp to support multiple
    subnet-definition separated by commas
     + Closes: #146945
  * Once more fixed /etc/snort/snort.conf _NOT_ to log to syslog,
    since that would stop logging to /var/log/snort/alert, and that
    would break the snort-stat cronjob, and more.

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 30 Jun 2002 00:29:26 +0200

snort (1.8.6-4) unstable; urgency=low

  + Fixed POSIX shell incompatibility (Closes: #150409)
  + Fixed Suggests instead of Recommends on snort-doc. 
    (Closes: #150768, #150702)
  + Fixed RULE_PATH setting in snort.conf
  + Fixed syslog default log-type in snort.conf (Closes: #46680, #124169)  
  + The cronjob in this release _tries_ syslogd-listfiles, and if
    that is not available defaults to /var/log/auth.log. (Closes: #120991)
  + Added section in README.Debian about FLEXRESP rules and 
    snort-not-starting because of permission denied (Closes: #132577)
  + Fixed Subject: in body instead of headers (Closes: #132220, #145836)
  + Fixed 'misleading comments' in snort.conf (Closes: #145749)
  + The empty snort.conf problem was fixed in 1.8.6-1? (Closes: #144218)
  + This was fixed in an earlier release (Closes: #134792)
  + Applied patch against cronjob (Closes: #151229)
  + Package 'debianutils' is in base and required, so no dependancies
    are nescasary (Closes: #145837)
  + Subjectless email fixed (Closes: #145876)
  + Cronjob emails daily-alerts instead of weekly (Closes: #145901)
  + Looks fixed to me (Closes: #136220)
  + Thanks for the patches everyone!! Greatly appreciated! (Closes: #151257)

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 28 Jun 2002 11:22:13 +0200
  
snort (1.8.6-3) unstable; urgency=low

  * New Maintainer!  Sander Smeenk <ssmeenk@debian.org>
  + POSTGRESQL SUPPORT WHOO (Closes: #108348)

 -- Sander Smeenk <ssmeenk@debian.org>  Tue,  4 Jun 2002 21:28:15 +0200

snort (1.8.6-2) unstable; urgency=low

  * [debian/snort-rules-default.conffiles] Added missing entries.
  * [debian/rules] Honour DEB_BUILD_OPTIONS.
  * [debian/rules] Use a variable to hold configure options that are common
    to the variant packages.
  * [debian/rules] Use debhelper *.dirs .
  * [debian/*.doc-base] New.
  * Bumped Standards-Version.
  * Previous uploads fixed more bugs than noted.
    (Closes: #142508, #143294, #131948)
  * Enabled SNMP support.
  * Added Spanish translations to debconf templates. (Closes: #126725)
  * Changes above by JHM (thanks!)
  * Added a new snort_stat.pl (Closes: #143875, #131887, #143962)

 -- Robert van der Meulen <rvdm@debian.org>  Mon, 29 Apr 2002 13:03:24 +0200

snort (1.8.6-1) unstable; urgency=low

  * Sander Smeenk <ssmeenk@debian.org> fixed:
    + Closes: #111533, #131047
    * Changed snort.template and made a clear text about what HOME_NET
      is used for. I had to remove the de_DE and pt_BR translations though.
    + Closes: #134063
    * The postinst now creates /etc/snort/snort.debian.conf if it doesn't
      exist by echoing a basic content into the file. Kinda ugly, but it
      works.
    + Closes: #132220, #134898, #136848, #139143, #139423
    * These are all about snort-stat and empty daily emails.
      Reported against version 1.7-9, and it seems to be fixed now.
    + Closes: #109135, #117010
    * Typo. Fixed.
    + Closes: #104447
    * Ooooooh ns.somehost.tld is portscanning me!   Add the nameservers
      to the DNS_SERVER value in snort.conf. Although I think this was fixed
      in 1.8.4beta2
    + Closes: #116169
    * I added 1 or 2 lines of short descriptive text to each package's
      description. It should be more clear now.
    + Closes: #67176, #130242, #133591, #79095, #102320
    * These are left-over bugs. Fixed in earlier releases.
    + Closes: #128689, #131049
    * Fixed the init.d script so that it doesn't say "already started" on
      errors. Snort returns 0(good) or 1(bad), not 2.
    + Closes: #143268
    * The supplied patch didn't contain any valid patchable entries. The
      script has changed that much that I assume it has been fixed already.
  * Thanks, smeenk :)

 -- Robert van der Meulen <rvdm@debian.org>  Fri, 19 Apr 2002 16:21:35 +0200

snort (1.8.4beta1-2) unstable; urgency=low

  * Fixed 'Depends:' of 'snort' package to depend on new-style snort-common
    package. (Closes: #131730)
  * Marked some /etc/ files as conffiles (Closes: #132823)
  * Fixed build problems on some arches (Closes: #132912, #131741)
  * Fixed quoting error in virus.rules (Closes: #131947)
  * Fixed snort-common Replaces: line (Closes: #131701, #133106)
  * Removed snort.debian.conf from the package (Closes: #132517)
  * Fixed initscript to allow for multiple subnets (Closes: #125686) 

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 10 Feb 2002 16:11:55 +0100

snort (1.8.4beta1-1) unstable; urgency=low

  * New upstream release (Closes: #131517, #106093, #115955, #118270, #127564)
  * Moved config stuff to snort-common (Closes: #109862)
  * Fixed debconf instuctions for dialup (Closes: #113250)
  * Fixed snort-stat (Closes: #115873, #116964)
  * New upstream has icmp-info rules reordered (Closes: #111832)
  * Gave 'count' a bit more room in email reports (Closes: #102657)
  * Fixed snort cron script to not kill snort in dialup mode (Closes: #97950)
  * Fixed snort cron script to not send empty emails (Closes: #112100,#117079)
  * Fixed HOME_NET variable passing in init script (Closes: #117886)

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 10 Feb 2002 15:41:40 +0100

snort (1.8p1-1) unstable; urgency=low

  * New upstream release
  * Depend on system-log-daemon|syslogd (Closes: #102511)
  * Fixed snort-stat empty log reports (Closes: #107515, #98944, #103542)
  * Fixed logfile pattern (Closes: #102787)

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 14 Aug 2001 20:37:43 +0200

snort (1.7-9) unstable; urgency=low

  * Removed 'snort.debian.conf' from the 'conffiles' to avoid it being
    replaced. (Closes: #96950)
  * Fixed a lot of errors in the manpage. (Closes: #99873, #101868)
  * Removed '-s' option, and enabled logging to syslog in snort.conf.
    (Closes: #101873)
  * Fixed inconsequent ip-up.d and init.d behaviour (Closes: #101874)
  * Added pt_BR support (Closes: #93219)
  * Make snort stop before purging/removing.

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 15 Jul 2001 14:04:35 +0200

snort (1.7-8) unstable; urgency=low

  * Have snort depend on system-log-daemon (Closes: #99203)
  * Changed package description (Closes: #99302)
  * Changed debconf 'extra options' question (Closes: #99303)

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 17 Jun 2001 19:16:59 +0200

snort (1.7-7) unstable; urgency=low

  * Added a modified version of 'snort-stat', from Christian Hammers
    (Closes: #93739)
  * Changed '5snort' to do syslogd-listfiles --auth, to correctly list
    logfiles using the 'auth' facility. (Closes: #97467)
  * Modified crontab file to correctly keep /var/log/snort clean.
    (Closes: #97465, #97003)

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 15 May 2001 20:40:03 +0200

snort (1.7-6) unstable; urgency=low

  * Added more paths in /etc/init.d/snort (Closes: #94651)
  * Removed non-US dependency on libssl096 (Closes: #92748)
  * Fixed old man-page synopsis bug (Closes: #90889)
  * Added 'please restart' notice for dialup users that upgrade(Closes: #90979).
  * Fixed 'snort.conf' indiscrepancy (comma-separated versus
    whitespace-separated)  (Closes: #93742)
  * Added '-d' option for startup (Closes: #78667)
  * Added snort FAQ (Closes: #91219) 

 -- Robert van der Meulen <rvdm@debian.org>  Mon, 30 Apr 2001 01:34:25 +0200

snort (1.7-5) unstable; urgency=low

  * fixed no-pidfile bug when using dialup interfaces. (Closes: #89133)
  * forgot to close host-timeout bug (Closes: #87838)
  * Removed bashisms from cron script (Closes: #88596)
  * Fixed start-stop-daemon paths in init.d script (Closes: #88678)
  * Corrected multiple -i startup option typo (Closes: #89131)
  * Added mysql support (Closes: #89840)
  * Applied 'unaligned trap on alpha' patches from Paul Slootman
    (Closes: #85684, #81092)

 -- Robert van der Meulen <rvdm@debian.org>  Thu, 22 Mar 2001 22:40:51 +0100

snort (1.7-4) unstable; urgency=low

  * lets-fix-lots-of-bugs release
  * Fixed snort-stat:
    - output is now 79 chars wide. (Closes: #70649)
    - output written to tempfile first, to work around 'host' timing out
      sometimes. (Closes: #74937)
  * There is no 'WARNING' message on startup, anymore (Closes: #79289)
  * Fixed crontab script to reflect /var/log/portscan.log ->
    /var/log/snort/portscan.log change. (Closes: #85571)
  * Fixed syntax error in cron file (*shame*) (Closes: #85686)
  * added check for existence of /var/log/snort/portscan.log in
    cron file (Closes: #86596 )
  * Fixed syslog dependency problem (syslogd|syslog-ng) (Closes: #85807)
  * Changed crontab file to allow for multiple auth.* files (Closes: #84183)
  * Snort doesn't crash on empty logfiles. (Closes: #85284 )
  * Snort generates correct snort-stat messages on a dialup link now.
    (Closes: #82504)

 -- Robert van der Meulen <rvdm@debian.org>  Fri,  2 Mar 2001 23:32:40 +0100

snort (1.7-3) unstable; urgency=low

  * Fixed a couple of bugs in the startup scripts for dialup. Closes: #85201
  * Made postinst modify /etc/snort/snort.debian.conf.  Closes: #85156
  * 'hardwired' /etc/ppp/ip-up.d/snort to use the PPP interface. Closes: #85218
  * Fixed problem with multiple 'auth' logfiles. Closes: #84316

 -- Robert van der Meulen <rvdm@debian.org>  Fri,  9 Feb 2001 23:47:19 +0100

snort (1.7-2) unstable; urgency=low

  * Fixed a small bug in the cron.daily script; snort.conf -> snort.debian.conf

 -- Robert van der Meulen <rvdm@debian.org>  Tue,  6 Feb 2001 23:47:31 +0100

snort (1.7-1) unstable; urgency=low

  * New upstream version.
  * New maintainer
  * Moved /etc/snort/snort-lib to /etc/snort/snort.conf
    /etc/snort/snort.conf was a script to set DEBIAN config variables,
    it now is the base rule file.
    /etc/snort/snort.debian.conf does the 'old' job.
  * modified startup parameters for 'new style'

 -- Robert van der Meulen <rvdm@debian.org>  Sun,  4 Feb 2001 23:31:02 +0100

snort (1.6.3a-5) unstable; urgency=low

  * Accidently typed "echo" instead of "kill" in init script. Closes: #84345

 -- Christian Hammers <ch@debian.org>  Thu,  1 Feb 2001 11:05:16 +0100

snort (1.6.3a-4) unstable; urgency=low

  * Enhanced init.d script. Fixes problems with cron rotations.
  * Now depends on debhelper. Closes: #75462
  * Added german translation for debconf menus. Closes: #83873
  * Is no longer accidently a "native Debian" package. Closes: #82097
  * Problem with libmysqlclient.so.9 fixed long ago. Closes: #74798, 74806
  * Debconf should be work fine now. Closes: #59726, #70711
  * Adopted new homepage URL. Closes: #69805 
  * Problem no longer reproducable. Closes: #67732, #67734
  * Added dependency to the virtual package "syslogd". Closes: #84183

 -- Christian Hammers <ch@debian.org>  Wed, 31 Jan 2001 00:38:22 +0100

snort (1.6.3a-3) unstable; urgency=low

  * Changed the "interface" debconf question to medium. Closes: #80996

 -- Christian Hammers <ch@debian.org>  Wed, 31 Jan 2001 00:10:01 +0100

snort (1.6.3a-2) testing unstable; urgency=low

  * Ok, forgot the ">/dev/null" after a savelog cron command... 

 -- Christian Hammers <ch@debian.org>  Sun, 31 Dec 2000 01:11:37 +0100

snort (1.6.3a-1) testing unstable; urgency=low

  * This is still 1.6.3!
    Somehow the .orig.tar.gz got renamed so I have to make a new
    -1 upload. 
  * Added rotation of /var/log/portscan.log. Closes: #80864 

 -- Christian Hammers <ch@debian.org>  Sat, 30 Dec 2000 17:52:58 +0100

snort (1.6.3-8) unstable; urgency=low

  * writed more good english in debconf template. Closes: #78367
  * Adjusted debconf question for email recipient to "medium".

 -- Christian Hammers <ch@debian.org>  Fri,  1 Dec 2000 20:01:38 +0100

snort (1.6.3-7) unstable; urgency=low

  * Recompiled against new kernel to handle pppeo.
    (requested by jeffml@pobox.com)

 -- Christian Hammers <ch@debian.org>  Sun, 26 Nov 2000 14:55:25 +0100

snort (1.6.3-6) unstable; urgency=low

  * Added debhelper to build depends. Closes #75462

 -- Christian Hammers <ch@debian.org>  Wed, 25 Oct 2000 10:51:23 +0200

snort (1.6.3-5) unstable; urgency=medium

  * Recompiled against libmysqlclient10. 

 -- Christian Hammers <ch@debian.org>  Tue, 17 Oct 2000 11:00:11 +0200

snort (1.6.3-4) unstable; urgency=low

  * Added dependencies to adduser >= 3.11. Closes: #69425

 -- Christian Hammers <ch@debian.org>  Sun, 20 Aug 2000 08:53:50 +0200

snort (1.6.3-3) unstable; urgency=low

  * Made postinst/preinst idempotent. Closes: 67732, 67734

 -- Christian Hammers <ch@debian.org>  Sun, 20 Aug 2000 08:53:37 +0200

snort (1.6.3-2) unstable; urgency=low

  * Disabled defrag-preprocessor due to upstream bugs. 

 -- Christian Hammers <ch@debian.org>  Mon, 24 Jul 2000 17:21:18 +0200

snort (1.6.3-1) unstable; urgency=low

  * New upstream release.
  * Now chrooted to /var/log/snort and running as snort:snort!
  * More scan detections added.
  * Applied fixed from Ian Zimmerman. Thanks. Closes: #66057

 -- Christian Hammers <ch@debian.org>  Sun, 23 Jul 2000 14:11:50 +0200

snort (1.6.2.2-1) unstable; urgency=low

  * New upstream release 1.6.2.2. Minor patches. 

 -- Christian Hammers <ch@debian.org>  Sun,  9 Jul 2000 23:21:16 +0200

snort (1.6.1-1) unstable; urgency=low

  * Many new scans for known vulnerabilities included!

 -- Christian Hammers <ch@debian.org>  Sat,  8 Jul 2000 17:06:47 +0200

snort (1.6-1) unstable; urgency=low

  * New upstream major release.

 -- Christian Hammers <ch@debian.org>  Tue,  4 Jul 2000 18:40:34 +0200

snort (1.5.1-12) unstable; urgency=low

  * Removed warning for port 53 source port traffic because old BINDs
    generated them. Closes: #65107

 -- Christian Hammers <ch@debian.org>  Tue,  6 Jun 2000 19:07:06 +0200

snort (1.5.1-11) frozen unstable; urgency=low

  * Package could not be build on powerpc because there were some
    obsolete AM_PROG_INSTALL (now AC_PROG_INSTALL) statements in
    aclocal.m4. Closes: #57916
  * Improved documentation about reading the tcpdump-style binary log 
    file. Closes: #57789

 -- Christian Hammers <ch@debian.org>  Sun, 13 Feb 2000 18:23:58 +0100

snort (1.5.1-10) frozen unstable; urgency=low

  * Make sure that snort's cron.daily script gets renamed to the new
    name in snort.preinst so that it won't be called twice.

 -- Christian Hammers <ch@debian.org>  Wed,  9 Feb 2000 12:37:53 +0100

snort (1.5.1-9) frozen unstable; urgency=low

  * Argh! Forgot to remove a malicious line in cron.daily. Closes: #57611 

 -- Christian Hammers <ch@debian.org>  Wed,  9 Feb 2000 11:10:53 +0100

snort (1.5.1-8) frozen unstable; urgency=low

  * Added "exit 0" to cron.daily script.

 -- Christian Hammers <ch@debian.org>  Sat,  5 Feb 2000 16:07:05 +0100

snort (1.5.1-7) frozen unstable; urgency=low

  * Applied upstream patch to get binary mode working.
    Now this is really 1.5.1 and not 1.5patch1, btw.
  * switched logging to tcpdump compatible binary mode so that
    snort is usable on 100MBit networks. Closes: #55949
  * fixed daily report of the weekly rotated auth.log. Closes: #56476
  * cron job restarts snort correctly. Closes: #56608
  * postinst should start snort only if $startup=="boot".
  * sanified snort.config (thank to Mario Holbe, again)
  * removed debconf-bug compatibility. Closes: #54990

 -- Christian Hammers <ch@debian.org>  Sat, 29 Jan 2000 17:57:34 +0100

snort (1.5.1-5) frozen unstable; urgency=low

  * User may only enter one interface and no comma separated list that
    confuses the postscript, too. Closes: #55567
  * Explained a debconf question. Closes: #55568
  * Fixed email address in copyright.
  * uncommented all backdoor-lib rules that do only whatch for a
    port >=1024, ignoring the content since they produce too much
    false-positives. (as requested by chirik@castlefur.com)
  * Added a note that this isn't actually 1.5.1 but 1.5patch1. 
  * Included "real" manpage that upstream author wrote.

 -- Christian Hammers <ch@debian.org>  Sat, 22 Jan 2000 15:30:32 +0100

snort (1.5.1-4) frozen unstable; urgency=low

  * Workaroung for debconf bug (#55317).
  * Do not ask user for IP range when using dialup-mode.
    (They normally wouldn't know!)
  * 

 -- Christian Hammers <ch@debian.org>  Sat, 22 Jan 2000 15:00:25 +0100

snort (1.5.1-3) frozen unstable; urgency=medium

  * Fixed cron script. Closes: #54553
  * The following was done by --- Mario Holbe --- thanks again!
  * Fixed quoting of metacharacters in postinst. Closes: #54984
  * replaced the snort.options thingy by a sh-based snort.conf                                                    
    - removed it from snort-lib                                                                                   
    - changed the README.Maintainer comment                                                                       
    - changed rule for it                                                                                         
    - created snort.conf with slightly beautified variables                                                       
  * modified ip-down.d to work with new snort.conf                                                                
  * modified ip-up.d to work with new snort.conf                                                                  
  * modified snort.init.d to work with new snort.conf Closes: #54553                                              
    - this closes some bugs in 1.5.1-2, which i've not submitted :-)                                              
  * modified snort-stat to work with new snort.conf Closes: #54555                                                
  * modified snort.cron.daily to work with new snort.conf/snort-stat                                              
  * added new snort/stats_treshold to snort.templates                                                             
  * modified snort.config to work with new config variable                                                        
  * modified snort.postinst to work with new snort.conf                                                           
  * modified snort.postrm to remove snort.conf if purge                                                           
  * all over all: did some beauifying :)                                                                          

 -- Christian Hammers <ch@debian.org>  Fri, 14 Jan 2000 21:09:42 +0100

snort (1.5.1-2) unstable; urgency=low

  * I was diligently and added five more debconf options :) Closing: #54227
    - receipient of the daily statistic mail
    - start at boot/ip-up/manual
    - interface
    - promiscuous mode
    - reverse order
  * Enhanced the snort-stat script with help from Mario Holbe. Closes: #54369

 -- Christian Hammers <ch@debian.org>  Fri, 14 Jan 2000 21:09:36 +0100

snort (1.5.1-1) unstable; urgency=low

  * Fixed cron script with the new logging method.
    Closes: #54226, #54275
  * Applied upstream patch1 and one from the mailing list.
    Closes: #54225, #54224
  * Added README.Debian with a small FAQ.
  * Changed configuration and added a /etc/snort/snort.options file.

 -- Christian Hammers <ch@debian.org>  Tue, 11 Jan 2000 22:56:33 +0100

snort (1.5-2) unstable; urgency=low

  * Fixed typo. Closes: #54269 

 -- Christian Hammers <ch@debian.org>  Sun,  9 Jan 2000 18:58:45 +0100

snort (1.5-1) unstable; urgency=low

  * New upstream release.
    Features speed burst and modularization of the rules file.
  * Now using syslog facility to log to /var/log/auth.log.
    (Details are still available in /var/log/snort/)
  * Daily generation of scan statistic via cron script.

 -- Christian Hammers <ch@debian.org>  Sun,  9 Jan 2000 18:58:39 +0100

snort (1.3.1-8) unstable; urgency=low

  * Sorry, future timestamps in package. Closes: #51848
    (too much Y2K testing, I guess)

 -- Christian Hammers <ch@debian.org>  Sun,  5 Dec 1999 16:49:56 +0100

snort (1.3.1-7) unstable; urgency=medium

  * Changed prio to high since it's an grave bug that was closed.
  * Closes: #51130 

 -- Christian Hammers <ch@debian.org>  Tue, 15 Feb 2000 00:34:59 +0100

snort (1.3.1-6) unstable; urgency=medium

  * Snort stalles after installation due to debconf misuse.
  * Closes: #51130

 -- Christian Hammers <ch@debian.org>  Wed, 24 Nov 1999 00:29:39 +0100

snort (1.3.1-5) unstable; urgency=low

  * Added debconf support to enter address range. 

 -- Christian Hammers <ch@debian.org>  Mon, 22 Nov 1999 20:13:41 +0100

snort (1.3.1-4) unstable; urgency=low

  * Extended archiving of log files. Closes: #50176 

 -- Christian Hammers <ch@debian.org>  Mon, 22 Nov 1999 00:56:38 +0100

snort (1.3.1-3) unstable; urgency=low

  * Registered cron script as config file. Closes: #48391

 -- Christian Hammers <ch@debian.org>  Wed, 27 Oct 1999 18:36:06 +0200

snort (1.3.1-2) unstable; urgency=low

  * Added the non-promiscuous flag (-p) to the man-page. 

 -- Christian Hammers <ch@debian.org>  Sun, 24 Oct 1999 18:52:20 +0200

snort (1.3.1-1) unstable; urgency=low

  * New upstream version. 
  * Many bugfixes.

 -- Christian Hammers <ch@debian.org>  Thu, 14 Oct 1999 00:20:35 +0200

snort (1.2.1-3) unstable; urgency=low

  * Included the LISA'99 Conference paper as documentation.
  * FHS compliant.
  * Improved /etc/cron.daily script. Fixes: #44568.

 -- Christian Hammers <ch@debian.org>  Fri, 10 Sep 1999 01:55:22 +0200

snort (1.2.1-2) unstable; urgency=low

  * Added a nice manpage (thanks to Peter T. Breuer). Closes #44127. 

 -- Christian Hammers <ch@debian.org>  Tue,  7 Sep 1999 17:15:51 +0200

snort (1.2.1-1) unstable; urgency=low

  * New upstream release with fixes and speed improvement. (fixes: #43049)

 -- Christian Hammers <ch@debian.org>  Mon, 30 Aug 1999 21:15:10 +0200

snort (1.2-2) unstable; urgency=low

  * Made cron.daily a bit quieter. (fixes: #43049) 

 -- Christian Hammers <ch@debian.org>  Mon, 16 Aug 1999 23:05:16 +0200

snort (1.2-1) unstable; urgency=low

  * New upstream version with great performance improve.

 -- Christian Hammers <ch@debian.org>  Mon,  2 Aug 1999 20:37:09 +0200

snort (1.1-2) unstable; urgency=low

  * Made better default IP in config file and fixed typo.

 -- Christian Hammers <ch@debian.org>  Tue, 13 Jul 1999 00:02:48 +0200

snort (1.1-1) unstable; urgency=low

  * Initial Release.

 -- Christian Hammers <ch@debian.org>  Mon, 12 Jul 1999 21:30:57 +0200