snort (2.9.7.0-5) unstable; urgency=medium

  * debian/control: Depend on perl, not perl-modules (Closes: #779126)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 30 Jun 2015 00:54:42 +0200

snort (2.9.7.0-4) unstable; urgency=low

  * debian/control: Updated deprecated VCs URL to
    git://anonscm.debian.org/pkg-snort/pkg-snort.git
  * Include Snort tools u2boat and u2spewfoo to parse Unified2 log format
    files (Closes: #770882):
     - debian/snort.install: Install the files in the Snort package
     - debian/{u2boat,u2spewfoo}.1 create new manpages for the tools
     - debian/snort.manpages: add the new manpages to the package
     - debian/snort.dirs: create usr/bin/ for the new tools
  * debian/rules: 
     - Use dh_prep instead of dh_clean -k
  * debian/snort.manpages: Add the manpage for snort-stat, which was not
    included in the snort package (but the script was)
  * Rebuild with the latest daq library upstream (libdaq2). Libdaq0 is
    deprecated/obsolete and not maintained upstrea

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 09 Dec 2014 20:37:03 +0100

snort (2.9.7.0-3) unstable; urgency=high

  * debian/control: 
     - Add pkg-config in Build-Depends, it provides the PKG_CHECK_MODULES
       macro used in configure.in. This fixes a FTBFS observed in the
       buildds
     - Add libzma-dev dependency in Build-Depends as it is used in
       configure.in if available

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 24 Oct 2014 23:04:34 +0200

snort (2.9.7.0-2) unstable; urgency=high

  * The new upstream release, as seen with the previous upload, fixes the Out
    of Memory errors found in buildds when building (Closes: #765637)
  * debian/control: Add zlib1g-dev dependency in Build-Depends to fix FTFBFS

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 24 Oct 2014 16:14:20 +0200

snort (2.9.7.0-1) unstable; urgency=high

  * Upgrade to latest upstream version. Rules updates have been dropped
    by Snort upstream for older releases.  Snort 2.9.5.3 is not supported for
    rule updates since December 2013 (Closes: #753915)
    For more information see: https://www.snort.org/eol
  * debian/patches/{config,config_disabled_rules,fix_upstream_typos}: Refresh
    to apply to the newest source
  * debian/rules: 
      + Use dpkg-buildflags to setup the defult compiler and link flags.
      + Enable hardening options when building
  * debian/control: Build-Depend on (dpkg-dev >= 1.16.1~) due to above change
  * debian/patches/configure_werror: New patch to fix configure.in so
     that it can work properly when setting the hardening flags
  * debian/patches/hardening_werror: New patch to fix issues found
     when building with -Werror 
  * Debconf updated Translations:
    - Updated Dutch translation, contributed by Frans Spiesschaert (Closes:
      #764319)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 24 Oct 2014 02:04:35 +0200

snort (2.9.5.3-4) unstable; urgency=medium

  * debian/control: Drop libgnutls-dev, as it is not longer required and it is scheduled
    for removal in sid, and (apparently) uninstallable. (Closes: #764108)
  * debian/control, debian/rules: Run dh-autoreconf when building to update
    config.{sub, guess} and {libtool, aclocal}.m4 (Closes:  #748713)
  * debian/snort.init.d: Change the permissions of the snort PIDFILE once
    snort is started in order to prevent the following error messages when
    snort is *re*started:

    snort[xxxx]: Could not remove pid file /var/run//snort_eth0.pid: Permission denied

    (Closes: #753914)
  * debian/snort-stat.8: Fix filename of the alert log file and point to the
    correct location. (Closes: #709246)
  * Debconf updated Translations:
    - Updated Russian translation, contributed by Yuri Kozlov 
      (Closes: 729710, #721483)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Mon, 06 Oct 2014 20:11:15 +0200

snort (2.9.5.3-3) unstable; urgency=low

  * debian/control: Add texlive-binaries and texlive-font-utils to
     Build-Depends-Indep to make sure that buildds have the binaries
     required to build the documentation as suggested by Hideki Yamane.
     Kept the texlive metapackage however in debian/control just int case.
     (Closes: 713254) 
  * Debconf updated Translations:
    - Updated Russian translation, contributed by Yuri Kozlov (Closes: 722987)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Mon, 21 Oct 2013 19:39:20 +0200

snort (2.9.5.3-2) unstable; urgency=low

  * Debconf templates and debian/control reviewed by the debian-l10n-english
    team as part of the Smith review project. (Closes: 720061)
  * Debconf updated Translations:
    - Update Spanish translation, contributed by Javier Fernandez-Sanguino
    - Updated Russian translation, contributed by Yuri Kozlov (Closes: 722987)
    - Updated German translation, contributed by Chris Leick (Closes: 723769)
    - Updated Portuguese translation, contributed by Miguel Figueiredo
      (Closes: 723779)
    - Add Simplified Chinese debconf, contributed by Yi Mingjing 
      (Closes: 723818)
    - Updated Czech translation, contributed by Michal Šimůnek 
      (Closes: 724289)
    - Updated French translation, contributed by JP Guillonneau 
      (Closes: 724300)
    - Updated Janapese translation (Closes: 724706)
    - Updated Italian translation provided by Daniele Forsi (Closes: 724707)
    - Updated Danish translation provided by  Joe Hansen (Closes: 724932)
    - Updated Swedish translation provided by Martin Bagge (Closes: 725104)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 24 Sep 2013 03:39:00 +0200

snort (2.9.5.3-1) unstable; urgency=low

  * New upstream release.
    - Remove faq from the build since it is no longer provided upstream
  * Lintian fix typo in debian/snort-rules-default.README.Debian
  * debian/patches: Refresh all patches with new upstream
     - config_disabled_rules: Disable more .rules files which are not
       provided in the upstream sources (but might be in the VRT
       Sourcefire)
  * debian/control: Add latex2html to Build-Depends-Indep as the html.sty
    file is required for building the documentation

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Fri, 16 Aug 2013 20:51:02 +0200

snort (2.9.3.1-1) experimental; urgency=low

  * New upstream release, target towards experimental due to the current freeze.
  * The most relevant change in this release is that support by Snort to
    output directly in a database has been dropped, which means that the
    snort-pgsql and snort-mysql packages are no longer possible. This 
    is documented in the NEWS file. Also relevant is that support for
    Prelude is no longer available.
  * Since this release does not include the snort database packages any
    longer, bugs associated with them are no longer relevant
    (Closes: #526511, #567495, #292699, #276565, #527113, #388963, #388962,
    #321046, #369951)
  * debian/rules: Update the configuration options to adjust to those used
    in the snort.conf script provided upstream
  * debian/patches/fix_upstream_typos: Do typo fixes to more source files
  * debian/patches/config: Add more comments in the default configuration
    file, enable at least one output plugin (unified2) and set some
    configurations values as recommended in Jason Weir's "Building a
    Debian\Snort based IDS" available in http://www.snort.org/docs
    (Closes: #193544)
  * debian/patches/*: Refresh the patches to apply to the new upstream release
  * debian/po/*: Refresh all templates since the previous templates for
    database configuration have gone along with the snort database 'flavor'
    packages.
  * debian/snort-common.preinst: Remove the /etc/snort/database.conf on
    upgrades
  * debian/snort.preinst: Control output of usermod
  * debian/snort-common.{config,templates}: 
      - Add code to detect old configuration files with content (which might
        happen on upgrades to 2.9.3 coming from the snort-mysql or snort-pgsql
        packages) and warn the user if they exist.
      - Update the list of valid preprocessors for this release

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Wed, 08 Aug 2012 22:12:35 +0200

snort (2.9.2.2-3) unstable; urgency=medium

  [ Upload target towards Wheezy fixing some important bugs
    and substantially improving the information provided on the
    packages to clarify user expectations ]
  * Acknowledge previous NMU
  * debian/patches/config: Update the patch to: 
     - use absolute paths instead of relative paths to point to
       the white list and black list used by the reputation
       pre-processor.
     - disable the reputation as we do not ship any white/black lists
       by default (which causes it to fail at startup) and also
       because this preprocessor is experimental.

       Both changes fix the bug that prevented the package from being
       configured due to errors when starting up Snort with the 
       default configuration (Closes: #677810)

      - Add a comment to /etc/snort/snort.conf documenting for users
        reading the file that preinstalled rules are surely out of date.

  * debian/patches/config_disabled_rules: Comment out shellcode rules as these
    have a huge impact in performance unless properly tuned.
  * debian/patches/rules: Fix the definition of many SIP rules (defined
    as 'alert ip any any'. These were generating a lot of false positives
    in environment were enabled. Regardless of the change comment out SIP
    rules since they are outdate can generate many false alarms unless
    properly defined.  (Closes: #626596, #680303).
  * debian/control: Adjust description of snort-rules-default to indicate
    users that the ruleset provided should not be considered up-to-date.
    Encourage users to obtain additional/upgraded rules elsewhere.
  * debian/snort-rules-default.README.Debian: Include more information to
    potential users on the issues related to the default ruleset provided
    (and why it is out of date) as well as pointers as to where obtain
    additional rulesets. Some of this information is also in the NEWS file
    but is easy to miss to new users.

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Tue, 07 Aug 2012 23:53:24 +0200

snort (2.9.2.2-2.1) unstable; urgency=low

  [ gregor herrmann ]
  * Non-maintainer upload.
  * Drop quilt framework, the package uses source format "3.0 (quilt)".
  * Fix FBTFS when called with build-arch:
    - don't remove configure-stamp in debian/clean_sources.sh; otherwise
      build-basic gets called again
    - update target dependencies in debian/rules

 -- Nicholas Bamber <nicholas@periapt.co.uk>  Fri, 22 Jun 2012 10:49:16 +0100

snort (2.9.2.2-2) unstable; urgency=low

  * Fix "FTBFS with multiarch libmysqlclient-dev" using the
    patch supplied by Gregor Herrmann :
    + apply patch from Ubuntu / Jean-Louis Dupond:
      - debian/rules: use mysql_config to find libraries to fix FTBFS 
        with multiarch libmysqlclient.
    + debian/control: Build-Depends: drop virtual libmysqlclient15-dev,
      make libmysqlclient-dev versioned to get mysql_config's --variable= 
      switch.
    (Closes: #650060)

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Sun, 02 Jun 2012 17:56:00 +0200

snort (2.9.2.2-1) unstable; urgency=low

  * New upstream version (bug fix release) (Closes: #666125)
     - Provides portvar $FILE_DATA_PORTS in etc/snort.conf (Closes: #661944)
  * Acknowledge NMU (Closes: #669524)
  * debian/check-snort-conf.sh: New script to check the validity
     of the etc/snort.conf file provided
  * debian/patches/series, debian/patches/config_disabled_rules,
    debian/patches/config: Create independent patch to comment
    the rules files which are not provided in the Debian package.

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Sun, 06 May 2012 01:01:30 +0200

snort (2.9.2-3.1) unstable; urgency=low

  * Non-maintainer upload.
  * Correct tex .sty path (Closes: #669524)

 -- Emfox Zhou <emfox@debian.org>  Mon, 30 Apr 2012 15:57:48 +0800

snort (2.9.2-4) unstable; urgency=low

  * Fix typo (appropiate --> apppropriate) in all the Snort templates. Also
    update translations and manually unfuzzy them

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 14 Feb 2012 00:38:01 +0100

snort (2.9.2-3) unstable; urgency=low

  * Restore code from the 2.8.5.2-5 package onwards which was lost when
    the version of experimental was moved to the archive. 
     - Now /var/lib/snort is created through package configuration, as
       it should have been
     - Remove md5sum files when purging (Closes: #657038)
  * debian/rules: 
      - Enable IPv6 support which was optional in version 2.8 for the Snort
        binary package. This is not enabled for the database binary packages
        (snort-pgsql and snort-mysql) as the database schemas do not support
        IPv6.  (Closes: #633064) (LP: #703707)
      - Include the quilt makefile and add dependencies in -stamp and 
        clean targets
  * debian/snort.init.d: 
      - Do not abort if the package is not configured to use a database but
        the db-pending-config semaphore is found.  Remove it instead and
        continue. This can happen if a database-related package was installed,
        removed and then 'snort' is installed afterwards. 
        (LP: #316878, #639755, #722488, #754230, #798608, #876615, #816634)
        (LP: #891904, #918250)
  * debian/snort-{mysql,pgsql}.postrm:
      - Remove the db-pending-config semaphore file when removing the package.
        This prevents errors with the snort.init.d logic if a database package
        is left unconfigured and then replaced with the snort (non-database)
        package.
  * debian/README-database.Debian: Indicate that database support will be
    deprecated in 2.9 and document that IPv6 is not supported either
  * debian/control:
     - Add Build-Depends on quilt
     - Add VCS entries
     - Put the complete maintainer's name in UTF-8
     - Change Uploaders, add Andrew Pollock and remove Pascal Hakim
     - Update Standards Version

 -- Javier Fernández-Sanguino Peña <jfs@debian.org>  Wed, 25 Jan 2012 22:24:30 +0100

snort (2.9.2-2) unstable; urgency=low

  * debian/control:  Add net-tools to Depends: of snort, snort-mysql and
    snort-pgsql since 'ifconfig' is required for the configuration script
    to work. (Closes: #656445)
  * debian/snort{,-mysql,-psql}.postinst: Create the checksum directory if it
    does not exist right at the beginning since it might not be created.
    (Closes: #656445)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 19 Jan 2012 20:34:02 +0100

snort (2.9.2-1) unstable; urgency=low

  [ Andrew Pollock ]
  * New upstream release, upload to unstable
     - Fixes CVE-2009-3641: DoS while printing specially-crafted IPv6 packet
       using the -v option (Closes: 553584)
     - The package no longer build-depends on iptables-dev and the negated list
       of architectures is no longer used (Closes: 634660)
     - debian/patches/config: Patch the configuration file to remove include
       files not currently available (Closes: #619446)
     - This version is fully supported rule-wise (LP: #872582)
  * Switch to dpkg-source 3.0 (quilt) format
  * Port across all changes from Snort 2.8.5.2-5 and later in unstable
  * debian/snort.postinst: create the directory that the checksum for
    snort.debian.conf will be created in if it doesn't already exist
  * debian/rules: tell dh_makeshlibs to not call ldconfig in the
    preinst/postinst of snort-common-libraries
  * debian/rules: don't install README.WIN32 into snort-doc

  [ Javier Fernandez-Sanguino Peña ]
  * debian/rules:
     - Set enable-zlib when configuring all packages to force it to be 
       enabled as this is required by the http_inspect preprocessor which
       is enabled by default (Closes: #631854)
     - Included (commented) the patch provided by Clint Byrum and included in
       Ubuntu to prevent snort from FTFS with libmysqlclient-dev which will be
       multiarch in the future. The patch uses mysql_config to find libraries
       to fix FTBFS with multiarch libmysqlclient. Not enabled since the
       version of libmysqlclient in unstable currently does not support the
       --variable=pkglibdir option
  * debian/snort{,-inline}.config: Use LC_ALL=C when calling ifconfig to make 
    the postinst work when ifconfig's output is internationalised (Closes: 577033)
  * debian/control: Fix link in the rules package, point to 
    http://www.snort.org/snort-rules/ (Closes: 646547)
  * debian/my/snort-stat: Modify so that alerts with Priority but without classification
    are analysed when parsing syslog information. Also set the class to 'Undefined'
    instead of leaving it empty. (Closes: 590061)
  * po-debconf translation updates:
    - Danish, provided by Joe Dalton (Closes: 638678)
    - Dutch, provided by Jeroen Schot (Closes: 654239)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 13 Jan 2012 21:54:25 +0100

snort (2.8.5.2-9.1) unstable; urgency=low

  * Non-maintainer upload.
  * Empty dependency_libs in libtool la file(s).
    http://wiki.debian.org/ReleaseGoals/LAFileRemoval Closes: #621859

 -- Andreas Metzler <ametzler@debian.org>  Sat, 18 Jun 2011 14:08:33 +0200

snort (2.8.5.2-9) unstable; urgency=low

  * debian/rules: Change gs-common Build-Depends-Indep to ghostscript fo fix
    FTBFS, thanks to Andreas Metzler for the solution.  (Closes: 618197)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 10 Apr 2011 10:57:55 +0200

snort (2.8.5.2-8) unstable; urgency=low

  * debian/snort{,-mysql,-pgsql}.config: Remove the '-o' from
    DEBIAN_SNORT_OPTIONS that was prepended by the postinst script in
    version 2.8.5.2-2 on upgrades.
  * debian/snort{,-mysql,-pgsql}.prerm: Change /usr/sbin/nessus to /usr/sbin/snort

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 22 Jan 2011 12:18:03 +0100

snort (2.8.5.2-7) unstable; urgency=low

  * debian/snort{,-mysql,-pgsql}.config: Remove the '-p' from
    DEBIAN_SNORT_OPTIONS that is prepended by the postinst script (if disable
    promiscuous is set) before adding it to the debconf value to prevent this
    option from being readded again and again on reinstall.  (Closes:  #608635)
  * debian/snort{,-mysql,-pgsql}.postinst: Remove the temporary file used to
    test if the configuration files has not been modified when upgrading to
    a new version.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 02 Jan 2011 20:47:26 +0100

snort (2.8.5.2-6) unstable; urgency=high

  * debian/snort{,-mysql,-pgsql}.postinst: Introduce code to be able to manage
     the situation in which a local admin has introduced changes in the
     /etc/snort/snort.debian.conf configuration file manually. Keep the
     local changes and leave the file untouched on upgrades. (Closes: #608590)
  * debian/snort-{mysql,-pgsql}.postinst:
       - Introduce code to be able to manage the situation in which a local
         admin has introduced changes in /etc/snort/database.conf and has not
         used dpkg-reconfigure. Keep the local changes and do not touch the
         file on upgrades.
       - Generate the database.conf regardless of the status of the
         db-pending-config file as we need the configuration file in any case.
  * debian/snort{,-mysql,-pgsql}.config: Read the values of the configuration
     file /etc/snort/snort.debian.conf and use them to set to preseed all the
     debconf values. This ensures that local changes are reloaded into debconf
     if any changes are made in the file and makes it possible to regenerate
     the file with dpkg-reconfigure.
  * debian/snort{,-mysql,-inline,-pgsq}.config: Make it possible to debug the
    scripts through the use of the  DEBIAN_SCRIPT_DEBUG environment variable
  * debian/snort-{mysql,pgsql}.config: Fix error in call of template which
    belongs to the snort package. Use the proper template now.
  * debian/README-database.Debian: Fix syntax error in MySQL example calls and
     reword the text a bit to clarify that the provided information are just
     examples on how to setup the databases.
  * debian/po/: Use debconf-updatepo to remove obsolete translations from PO
    files.
  * debian/NEWS: Remove the indication that database.conf should not be
    manually edited.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 01 Jan 2011 23:40:30 +0100

snort (2.8.5.2-5) unstable; urgency=high

  * Final RC bug fix:
  * snort-common: Create the database.conf file on package's configuration not
    on the preinstallation script (Closes: #607801)
  * Lintian fixes:
     * debian/control: Upgrade standards version, no changes required
     * debian/snort.init.d: add $remote_fs to Required-Start and Required-Stop
     * debian/snort.templates: Move the config_error template over to
        debian/snort-common.templates as it is used there
     * debian/snort-{mysql,pgsql}.templates: remove the config_error template
        there as it is not used
     * debian/control: Upgrade the Build-Depends on debhelper
     * src/parser.c: Typo fix argu*e*ment -> argument
     * src/preprocessors/spp_perfmonitor.c,
       src/dynamic-preprocessors/dns/spp_dns.c:
         Typo fix: sep*e*rated --> separated
  * rules/web-misc.rules: Limit the depth when searching for an HTTP version
    to prevent false positives from apt-get User-Agent string (LP: #258155)
  * debian/snort.init.d: Separate warning message from main messages.
  * debian/TODO: review contents and update

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 26 Dec 2010 13:20:25 +0100

snort (2.9.0.1-2) experimental; urgency=low

  * [ The Merry Xmas for experimental users Release ! ]
  * Forward port the changes introduced in the unstable package
    to experimental tool to make for smoother upgrades to the
    upstream release.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 24 Dec 2010 19:52:48 +0100

snort (2.8.5.2-4) unstable; urgency=high

  * [ The Merry Xmas and Merry RC bug fixing Release! ]
  * debian/snort-common.preinst:
      - Fix how the files are generated and use Perl instead of bash's echo
        as the latter will interpret content in the configuration file
        and will botch it
      - Fix typo in the configuration file which moved the configuration
        file to database.conf instead of just the database configuration.
      - Only generate content in database.conf if the default configuration
        file contains the DBSTART line from previous versions.
      - Be cautious, if an empty configuration file is generated then
        abort.
    (Closes: 607951)
  * debian/snort.preinst: Do not output information from usermod as this is
    not needed
  * Disable an error in rules/comunity-smtp.rules  that prevents snort from
    loading due to the use of !any (Closes: 607751)
  * debian/snort-{pgsql,mysql}.postinst: Fix syntax error in postinst scripts
    (Closes: 607678)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 24 Dec 2010 19:39:51 +0100


snort (2.8.5.2-3) unstable; urgency=low

  * Move the database configuration code for the -mysql and -pgsql packages
    into an independent file (/etc/snort/database.conf). This prevents the
    debconf script from modifying /etc/snort/snort.conf, which is a conffile.
    And, consequentely, prevents upgrade prompts for users as well as some
    other issues when upgrading (Closes: #603428, #566308)
    * Adding snort-common-preinst to split off exiting config or touch the
      new database config file on new installations to ensure it exists.
    * Modify etc/snort.conf to include the new database configuration file.
    * Modify snort-{mysql,pgsql}.postinst to use new configuration file.
    * Modify snort-{mysql,pgsql,common}.postrm to purge new configuration file if
      it exists.
    Thanks to Alexander Reichle-Schmehl for the initial patch used to fix this issue
  * debian/NEWS: describe the new change on database handling
  * debian/snort{,-inline,-mysql,-pgsql}.prerm: Move the code in charge of killing
    snort astray children over to the proper location and also ignore errors 
    if there are (process might appear spurously in the process table due to
    race conditions) (Closes: 557729)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 20 Dec 2010 15:25:49 +0100

snort (2.9.0.1-1) experimental; urgency=low

  * New upstream release. 
  * Change configure.in to use 'dumbnet' instead of 'dnet' since the library
    is renamed in Debian
  * debian/control: 
       - Make it Build-Depend on libdumbnet-dev since this release now requires
         it (it was previously optional)
       - Remove iptables-dev (no longer required) (Closes: 634660)
  * debian/rules: 
        - Do not use --enable-smbalerts (no longer available) when configuring
  * Remove the following documentation from the installation as it is no longer
    available: doc/README.FLEXRESP, doc/README.FLEXRESP2

  * Upload to experimental until I get wider testing.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 11 Nov 2010 00:32:49 +0100

snort (2.8.5.2-2) unstable; urgency=low

  * Remove the reverse_order debconf option since Snort no longer supports the
    -o option. The default now in Snort is to have Pass|Alert|Log 
    (Closes: 565567)
  * Change error message in the init.d script to point to /var/log/daemon.log
    for Snort log messages.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 22 Jan 2010 00:12:52 +0100

snort (2.8.5.2-1) unstable; urgency=low

  * New upstream release 
     - Fixes CVE-2009-3641: possible DoS due to crafted IPv6 packet when
       then -v option is enabled
  * Fix src/snort.c since it is not buildable, it seems that the distributed
    source code has a bug.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 11 Jan 2010 23:53:05 +0100

snort (2.8.4.1-6) unstable; urgency=low

  * Package rebuild to fix libmysql depedency (Closes: #548831)
  * Remove use_static_footprint_sizes option from the stream5_tcp disassembler
    in etc/snort.conf as the use in production systems is actually discouraged
    [ see http://sourceforge.net/mailarchive/message.php?msg_name=d3a3e6ac0912080843i17a0302te36548e032b4b013%40mail.gmail.com ]
  * Lintian fixes:
     - Remove dh_undocumented from debian/rules
     - Add ${misc:Depends} to all binary packages
     - Use updated debhelper version (5)
     - Update Standards-Version (3.8.3)


 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 09 Dec 2009 02:05:57 +0100

snort (2.8.4.1-5) unstable; urgency=low

  * Fix snort-stat so that it can generate proper emails even if Classification
    is missing from the alert log, use fix suggested by Pavel Mateja.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 01 Nov 2009 00:43:02 +0100

snort (2.8.4.1-4) unstable; urgency=low

  * Fix init.d so that if 'restart' is executed when no instance is
    running (no pidfile) it will try to start all of instances, just
    if 'start' was executed. (Closes: #540450)
  * Add information on how the init.d script works (Closes: #512810)
  * Fix name of file in README-database.Debian, remove the database
    information from the main README.Debian file. (LP: #302218)
  * Fix bug in debian/clean-sources.sh script (Closes: #547316)
  * Use a patch provided by Dave Walker <DaveWalker_AT_ubuntu.com>
    to prevent starting snort-mysql|pgsql if the database is not configured 
    yet. This bug cannot be really fixed until we use dbconfig-common
    here to ask for all the database information to the user
    through Debconf. (LP: #222091) (Closes: #545082)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 23 Sep 2009 01:35:05 +0200

snort (2.8.4.1-3) unstable; urgency=low

  * Change the log message in debian/snort.init.d so people are not led to
    believe they need a /etc/snort/snort.$iface.conf configuration file,
    /etc/snort/snort.conf is usually just fine.
  * Lintian fixes:
   - Fix long lines in changelog
   - Fix debconf priority in configuration scripts (error -> high)
   - Do not install README.WIN32 in snort-doc's documentation
   - Do not ignore errors on snort-rules-default.{postrm, preinst}

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 02 Aug 2009 18:27:04 +0200

snort (2.8.4.1-2) unstable; urgency=low

  * Rebuild and upload to unstable. (Closes: 528496)
  * As acknowledged by upstream and confirmed by users, this release fixes a
    segfault in snort-mysql (Closes: 536144)
  * Updated Russian po-debconf translation provided by Yuri Kozlov 
    (Closes: 528677)
  * Change syslogd dependency in snort, snort-pgsql and snort-mysql to rsyslog 
    since that is the default syslog daemon now. (Closes: 526916)
  * Remove the syslog dependency from snort-common and snort-rules-default

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 01 Aug 2009 17:50:30 +0200

snort (2.8.4.1-1) experimental; urgency=low

  * New upstream release. 
  * Only provided the latest release notes at debian/snort-common.docs, move
    older RELEASE notes to docs/
  * Update the doc list at debian/snort-doc.docs with the contents from
    doc/ (new READMEs). Add also the old RELEASE notes for reference.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 09 Jun 2009 02:33:43 +0200

snort (2.7.0-26) unstable; urgency=low

  * Fix bug in snort-pgsql and snort-mysql's configuration script introduced in
    the previous upload. They were using the wrong debconf keys which made
    maintainer scripts fail. (Closes: #526915)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 05 May 2009 01:29:37 +0200

snort (2.7.0-25) unstable; urgency=low

  * Use src/output-plugins/spo_database.c from the 2.8.4.1 release. This
    version includes the necessary code to configure the mysql connection so
    that it reconnects to the database in case the connection gets lost. This
    might happen if too few events are logged in Snort and the database
    connection timeouts. (Closes: #449568) 
  * Copy over src/ipv6_port.h from 2.8.4.1 and include it in
    src/output-plugins/spo_database.c
  * Update Japanese translation for the templates, thanks to Hideki Yamane
    (Closes: 510704)
  * Move the code that detects if interfaces are down over to snort-pgsql and
    snort-mysql.  This way, if the interface defined is not available it will
    prompt again, raising the debconf priority (Closes: #502084) 
    (LP: #477590, #655116)
  * Change all the config_parameters debconf input from 'medium' to 'error'
  * Change all the needs_db_config debconf questions from 'medium' to 'high'
    since users that do not see this note will end up with a non-functioning
    package.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 03 May 2009 23:40:26 +0200

snort (2.7.0-24) unstable; urgency=low

  * Remove the LogMessage associated with fragmented traffic since it shows up
    even in systems that do not have ttl_limit set.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 28 Feb 2009 13:03:22 +0100

snort (2.7.0-23) unstable; urgency=high

  * Fix error in call to LogMessage (missing parameters) which caused a segfault
    when fragmented packages were received and ttl_limit was set.  This bug was
    introduced in the patch to fix CVE-2008-1804. Urgency set to 'high' as in
    some circunstances it makes Snort fail to start on startup or die after
    working for only a few minutes. Also, this could be used as a DoS attack
    against an IDS sensor rendering it useless.(Closes: 503992)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 21 Feb 2009 12:11:33 +0100

snort (2.7.0-22) unstable; urgency=low

  * Include patch from dato to make the package binNMU-safe
  * Remove debian/CVS and debian/my/CVS
  * Fix bug in snort-stat that made it miss alerts generated by preprocessors (they only contain
    Priority) as well as fix the setting of $alert->{PRIORITY} for alerts
    generated by rules. Thanks for Gabor Gombas for the patch. (Closes: #500215)
  * Lintian fixes:
    - Use Standards Version 3.8.0, no changes needed.
    - Make snort-rules-default.postrm run with 'set +e' and append '|| true' to
      rmdir calls so that the script does not abort if the directories are not
      empty.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 05 Nov 2008 00:15:40 +0100

snort (2.7.0-21) unstable; urgency=low

  * Reupload to unstable, build with proper libraries. Fix mess introduced
    by previous upload.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 29 Oct 2008 00:01:54 +0100

snort (2.7.0-20.3) testing-proposed-updates; urgency=low

  * Reupload to testing to *really* depend on newer libpcre.
  * Include patch from dato to make the package binNMU-safe
  * Remove debian/CVS and debian/my/CVS

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 04 Nov 2008 22:35:26 +0100

snort (2.7.0-20.2) testing-proposed-updates; urgency=high

  * Upload to testing-proposed-updates to fix security bug CVE-2008-1804 (see
    below). This package cannot go through sid since the sid build uses a
    newer libpcre version not available in lenny. (Closes: #483160)
          
 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 28 Oct 2008 21:32:48 +0100
           
snort (2.7.0-20) unstable; urgency=high

  [ CVE-2008-1804 ]
  * Fix error in preprocessors/spp_frag3.c that prevented Snort from properly
    identifying packet fragments that had dissimilar TTL values, which allowed
    remote attackers to bypass detection rules by using a different TTL for
    each fragment. Also update src/generators.h to include the new FRAG3_MIN_TTL
    defines (Closes: #483160)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 22 Oct 2008 01:33:34 +0200

snort (2.7.0-19) unstable; urgency=low

  * Make the snort_rules_update example script use bash instead of sh.
    (Closes: #489662)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 09 Aug 2008 22:31:47 +0200

snort (2.7.0-18) unstable; urgency=low

  * Romain debconf translation provided by Eddy Petrior (Closes: 486137)
  * Swedish debconf translation provided by Martin Bagge (Closes: 491785)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 28 Jul 2008 22:39:37 +0200

snort (2.7.0-17) unstable; urgency=low

  * Include the README-database-upgrade.Debian in the documentation of the
    database packages, I forgot to do this in -15

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 02 May 2008 11:52:12 +0200

snort (2.7.0-16) unstable; urgency=low

  * Lintian fixes:
    - NEWS file now says unstable instead of experimental
    - copyright file is now UTF-8
    - wrap around files in the changelog
    - remove empty /usr/src directory from snort-common-libraries
    - fix spelling error in NEWS file
    - fix manpage error in snort.8
    - change doc-base sections to Network/Monitoring

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 02 May 2008 10:28:21 +0200

snort (2.7.0-15) unstable; urgency=low

  * Update to Standards-Version 3.7.3:
    - Have the logrotate script call invoke-rc.d if available to do the 
    'right thing' if the admin has configured Snort to not run by default.
  * Copyright review:
     - Add copyright statements to the debian/copyright
     - Note that the Snort source code is distributed as GPL 2 only (not
     version 3)
     - Create a copyright_review.sh shell script to review the contents of
     the sources and find new copyright statements
     - Point in debian/copyright to the GPL-2 file, not to GPL (which is v3)
  * Expand brace-expanded content in debian/rules to prevent bashism 
    (Closes: #478627)
  * Modify the provided snort_rules_update to use oinkcodes, note
    in the script that the use of 'oinkmaster' should be preferred
    (Closes: 314483)
  * Remove Homepage: from binaries package when redundant with the
    source package.
  * Handle in the init.d script the case of interfaces being available
    but not up, thanks to Drew Parsons for an exhaustive analysis and
    patch (Closes: #471462)
  * Remove header files from the snort-common-libraries package. If users
    request it back I will create a snort-common-libraries-dev package
    providing these headers (Closes: 440842)
  * Database upgrade:
      - Added README-database-upgrade.Debian to describe the steps that
      need to be done to upgrade the Database, also update upstream's
      (cursory) documentation to describe the v107 changes (Closes: 445334)
      - [src/output-plugins/spo_database.c] Modify the text messages to 
      point users to the proper location of documentation in Debian
      systems as well as to the (Debian-specific) documentation 
      related to databases.
      - Tell users (through NEWS.Debian) that the schema changed from
      2.6 to 2.7 and they will need to upgrade their database.
  * Include the RELEASE NOTES for older releases and provide all of them
    (for the 2.3, 2.4, and 2.6 releases) as users might find them useful
    for upgrade purposes (Changelog might be too detailed)
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. Thanks to
    Christian Perrier for his hard work getting this done (Closes: #469803)
  * [Debconf translation updates]
    - Italian translation, updated by Gianluca Cotr (Closes: #477056)
    - Galician translation, updated by Jacobo Tarrio (Closes: #474622)
    - Portuguese translation, updated by Traduz (Closes: #475086)
    - German translation, updated by Erik Schanze (Closes: #477082)
    - Vietnamese translation, updated by Clytie Siddall 
      (Closes: #477324, #478223)
    - French translation, updated by Christian Perrier  
      (Closes: #478229, #478230)
    - Czech translation, updated by Jan Outrata (Closes: #478246)
    - Russian translation, updated by Yuri Kozlov (Closes: 478303)
    - Dutch translation, updated by Peter Vandenabeele
    - Spanish translation, updated by myself
  * [New Debconf translations]
    - Basque translation, provided by Piarres Beobide (Closes: #475457)
    - Finnish translation, provided by Esko Esko Arajärvi 
      (Closes: #475648, #478211)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 27 Apr 2008 21:58:37 +0200

snort (2.7.0-14) unstable; urgency=high

  * Move installation of the snort.default file from the install-indep rule to
    the install rule. This error was preventing /etc/snort/default from being
    created in the Snort binary packages and, consequently, the init.d would
    fail to start properly and the package would not install (Closes: #471895,
    #473282)
  * Add libgnutls-dev Build-Depend (Closes: #476651)
  * Fix typo in the name of the community rules in snort.conf, thanks to
    David Gil for providing a patch (Closes: #470881)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 20 Apr 2008 21:39:47 +0200

snort (2.7.0-13) unstable; urgency=low

  * Make the build: target be an empty one, instead of having it depend on
    both build-arch and build-indep
  * Remove texlive-latex-recommended from Build-Depends-Indep as suggested by
    James Vega

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 16 Mar 2008 00:16:47 +0100

snort (2.7.0-12) unstable; urgency=low

  * Add texlive-latex-recommended to Build-Depends-Indep since refcount.sty
    and kvoptions.sty are used 
  * Have the binary-{arch,indep} depend on install-{arch,indep} instead
    of in the install target.
      - Move install calls related to snort-common to the install-indep target
  * Add some sty files to the build-indep checks in debian/rules so that the
    documentation is not compiled unless all are available. Yes, buildds are
    stupid enough to pre-install latex, make the previous checks insufficient
    and *still* call the build (not build-arch) target! (Closes: #445113)
  * Unindent comments in debian/rules so that they do not show up.

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sat, 15 Mar 2008 20:13:34 +0100

snort (2.7.0-11) unstable; urgency=low

  * Make the init.d script not depend on the availability of iproute.
    (Closes: #463020, #466674) 
  * Added a Recommends on iproute, as it can be used to improve the
    behaviour of the initd script.
  * Modify the init.d script to remove also the lockfiles for PIDFILEs
  * Move snort-doc to Suggests in the snort package and add it to snort-pgsl
    and snort-mysql too.
  * Fix FTBFS on GNU/kFreeBSD (due to unsatisfied Build-Depends on
    iptables-dev), thanks to Petr Salinger for the fix (Closes: #466073)
  * Modify src/snort.c to prevent it from showing a message when it tries to
    remove the PIDFILE. This fails in Debian since Snort is not running 
    as the root user and the daemon cannot modify /var/run. The code is 
    changed so that the error message related to not being able to remove the
    PIDFILE is only presented if running as root or writing the PIDFILE to a
    directory that is not /var/run. (Closes: #462423)
  * Po-debconf translation updates:
      - Fix error in Italian translation (Closes: #462865)
      - Japanese translation update, provided by Hideki Yamane (Closes: #463650)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 24 Feb 2008 22:21:09 +0100

snort (2.7.0-10) unstable; urgency=low

  * Add a new ALLOW_UNAVAILABLE definition in /etc/default/snort which
    makes the init.d not complain if a configured interface is not available.
    Also make the init.d script not break if no instances are configured
    through debconf (to make it possible to use snort using just if-up.d
    by providing a given interface instance as a 'start' parameter)
    (Closes: #458823)
  * Fix typo in templates, unfuzzy translations I can "understand" and
    which seem to have fixed the typo themselves.
  * Po-debconf updates:
    - Update German translation provided by Erik Schanze (Closes: #462674)
    - Updated Italian translation provided by Gianluca Cotr (Closes: #462865)
    - Romanian translation provided by Eddy Petrisor (Closes: #460344)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Sun, 27 Jan 2008 11:12:05 +0100

snort (2.7.0-9) unstable; urgency=low

  * Modify debian/rules to prevent autobuilders from building 
    the binary-independent components: (Closes: #445113)
    (Thanks dato for the tip)
     * Create a new Build-Depends-Indep with all the TeX components used
       to build documentation
     * Since autobuilders call build, which in turns calls build-indep, hack
       the debian rules file so that the documentation is only built
       if ps2pdf, dvips and pslatex are available. 
  * Enable prelude support in all variants (Closes: #458790)
  * Debconf translation updates:
     - Dutch, provided by Peter Vandenabeele
     - Vietnamese, provided by Clytie Siddall (Closes: #458161)
     - Portuguese, provided by Miguel Figueiredo (Closes: #458214)
     - Galician, provided by Jacobo Tarrio (Closes: #458533)
     - French, provided by Christian Perrier (Closes: #458621)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 31 Dec 2007 00:31:13 +0100

snort (2.7.0-8) unstable; urgency=low

  * Rewrite debian/rules:
      - the documentation does not get build on the binary-arch target,
      (Closes: #445113) 
      - there is now a install-dep and install-arch
      - install-* dependencies do not depend on build
      - create a 'clean-sources' target, used only by the 'clean' target
      - create a clean_sources.sh script to clean the sources properly before
        each run
      - call 'clean_sources.sh' before a binary (pgsql, mysql...) is built to
        prevent the binary-* rule from calling 'distclean' at the end of each
        run (and thus making issues more difficult to debug)
      - generate a configure target and use it when building both -arch
        and -indep (needed to generate doc/Makefile)
      - copy, instead of moving, the binaries, so the 'install' target 
        is more idempotent (still have to use dh_install more to make it so)
  * Change Maintainer's email address
  * Create a mechanism to generate all the templates using a "template of
    templates" since all the questions where the same with small differences
    per package.
      - Also fixed snort-inline templates, which were not correct (pointed
        to the wrong configuration file)
      - Update Spanish translation myself
  * Change the init.d script so it behaves like LSB demands:
      - Do not exit with error if there are no running instances and we
        try to stop
      - With 'status', exit with a 1/3 error based on the existence (or not
        of the pidfiles)
      - Dot not exit with error when trying to start an instance that is
        already started (use running() for that)
      - Check if the user is root before attempting to star/stop/restart
      - Adjust to LSB exit values (instead of just using always '1', use
        3-6 to indicate several different errors)
  * Lintian cleanup:
      - Move Homepage: from the description to a pseudo-header in
      debian/control
      - do not ignore distclean errors
      - remove call to dh_suidregister, we did not use it
      - add DEBHELPER token to snort-common.postinst
      - update config.guess and config.sub with automake's 1.7 versions
        (this is not done automatically in the package, however)
      - replace ${Source-Version} substvar with ${binary:version}
      - Move the configuration check of snort-common over to the config
        script and leave the postinst only to check the status of the
        init.d script. Also, modify the snort-common.postinst so it only
        does the configuration check if invoke-rc.d (if installed)
      - Fix 'malformed-title-in-templates' in all templates by removing
        the ending dot
      - Fix the 'malformed-prompt-in-templates' by adjusting the contents
        of all the titles affected
      - Shorten the length of the 'interface' template
      - Fix syntax on debian/NEWS
      - Remove empty dirs

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Thu, 27 Dec 2007 09:14:00 +0100

snort (2.7.0-7) unstable; urgency=low

  * Remove empty comment line in lsb headers

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 01 Oct 2007 03:01:26 +0200

snort (2.7.0-6) unstable; urgency=low

  * Create a separate snort-libraries package and move all the libraries that
    were previously (wrongly) included in the snort-common package there
    (Closes: #439642)
  * Add proper LSB headers, license and copyright to the init.d file
  * Also add proper messages to the init script and proper checks to generate
    the correct errors when non-root users try to run the script. Exit status
    of the script should now reflect better the problems found.
  * Removed dependencies on essential packages (coreutils)
  * Recode Debian changelog to UTF-8

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 01 Oct 2007 01:24:32 +0200

snort (2.7.0-5) unstable; urgency=low

  * Initialise variables in preinst to prevent collisions with predefined
    environment variables (Closes: #443481)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Fri, 21 Sep 2007 22:49:25 +0200

snort (2.7.0-4) unstable; urgency=low

  * Fix phrase in the NEWS file

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 29 Aug 2007 18:26:45 +0200

snort (2.7.0-3) unstable; urgency=low

  * Move over the package to unstable.
  * Fix FBTFS at Ubuntu due to snort_manual.tex still using latex2html's
    html.sty. Thanks Michael Bienia for spotting this and point at the
    issue with a patch (Closes: 436244)
  * Fixed a typo in the French translation (Closes: 432840)
  * Fix documentation errors in debian/README-database.debian. (Closes: 416400)

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Mon, 06 Aug 2007 23:28:02 +0200

snort (2.7.0-2) experimental; urgency=low

  * Fix generation of the common snort binary, which was distributed without
    prelude support.
  * Fix location of dynamic engines in snort.conf
  * Change signatures 1443 and 1444 since there was an error in their
    definition ( Cannot use 'rawbytes' and 'http_uri' as modifiers for the
    same "content" nor use 'rawbytes' with "uricontent". )

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Wed, 01 Aug 2007 02:49:50 +0200

snort (2.7.0-1) experimental; urgency=low

  * New upstream release (Closes: #435417, #404991, #320920, #323985)
     - Fixes DOS attack: CVE-2006-6931 - "Backtracking Algorithmic Complexity"
       DoS against IDS engine (Closes: #407421)
  * Introduce all the rules available from the 2.4 release which are GPL and
    are non-VRT certified, that is, all rules which are outside of the range
    [3,465-1,000,000]. This amounts to a total of 3935 rules (820 of which are
    Community released).
  * In order to handle rulesets with mixed GPL and non-GPL rules two scripts
    have been made available in the source rules/ subdirectory:
        - remove-non-gpl.pl - Given a rules file removes all rules outside
          the above range
        - purge-non-gpl.sh - Given a directory dumps on the local directory
          only rules outside this range.
    In order to limit maintainer overhead the header for modified rulesets has
    not been changed.
  * Include the VRT license file. This file is kept for reference under the
    rules/ dir, although *no* rule in this package is under that non-free license.
  * Include a NEWS.Debian item describing the license change and the rules
    distributed within this package.
    not in the database packages (Closes: #320920)
  * As a consequence of the above Build-Depend on libprelude-dev, iptables-dev
  * Provide support for Prelude in both snort and snort-inline packages but
  * The examples are now included in the -common package instead of having
    them  in all the binary packages

  This package provides support to make an experimental separate binary
  package for inline support: snort-inline, which most of the configuration is
  shared with the snort binary package but the PPP related options have been
  removed. However, snort-inline does not support libnet 1.1 so we cannot
  provide it yet. This has been changed in Snort's code but it's far from
  complete:
       - Make the configure script work with libnet 1.1. 
       - Port parts of the API (some declarations) to 1.1

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 31 Jul 2007 23:35:06 +0200

snort (2.3.3-15) unstable; urgency=low

  * Include all the community signatures available as of today into the
    snort-signatures package. This means 820 new signatures go in.
  * Sync mappings:
    * Updated the gen-msg.map under rules/ with the maps under etc/ 
    * Updated the sid-msg.map under etc/ with the maps under rules/ 

 -- Javier Fernandez-Sanguino Pen~a <jfs@debian.org>  Tue, 31 Jul 2007 21:57:46 +0200

snort (2.3.3-14) unstable; urgency=low

  * Use the patch provided by Matt Kraai to fix the FTBFS due to the
    tetex -> Texlive transition. Also make the package Build-Depend 
    on texlive and texlive-latex-base instead of tetex-bin and tetex-extra
    (Closes: 419454)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun, 22 Apr 2007 16:41:50 +0200

snort (2.3.3-13) unstable; urgency=low

  * Translations added:
    - Tamil translation, provided by Tirumurti Vasudevan (Closes: #413830)
    - Russian translation, provided by Yuriy Talakan' (Closes: #411822)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 13 Mar 2007 16:30:52 +0100

snort (2.3.3-12) unstable; urgency=low

  * Translations updated:
    - Czech (Closes: #408619)
    - Swedish
  * New translations
    - Galician, provided by Jacobo Tarrio (Closes: #409651)
    - Italian, provided by Gianluca Cotrino. Slightly edited to fix header. (Closes: #411270)
    - Romanian, provided by Eddy Petrisor (Closes: #409505)
    - Portuguese, provided by Miguel Figueiredo

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun, 18 Feb 2007 12:25:45 +0100

snort (2.3.3-11) unstable; urgency=low

  * Restore German translation (somehow removed in previous upload), courtesy
    of Erik Schanze (Closes: #397017)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue,  2 Jan 2007 17:26:10 +0100

snort (2.3.3-10) unstable; urgency=low

  * Fix snort-mysql template to prevent translators from duplicating work
    (two templates were nearly identical except for a double space)
  [ Translations update ]
  * Updated Spanish translation
  * Updated Japanese translation, courtesy of Hideki Yamane (Closes: #391894)
  * Updated German translation, courtesy of Erik Schanze (Closes: #397017)
  * Updated Dutch translation, courtesy of Peter Vandenabeele.
  * Updated Vietnamese translation, courtesy of Clytie Siddall
  * Fix error in Catalan translation (which made msgstat fail)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 21 Dec 2006 19:52:38 +0100

snort (2.3.3-9) unstable; urgency=low

  * Do not try to remove /etc/snort in postrm if it does not exist anymore
    when purging (Closes: #389766)
  * Simplify coreutils dependencies (Closes: #381836)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun,  1 Oct 2006 23:29:20 +0200

snort (2.3.3-8) unstable; urgency=medium

  * Fix security issue CVE-2006-2769, potential evasion in URI content
    buffers. This evasion only applies to Apache protected servers since
    that server supports some characters. The patch used is from 2.4.5
    and is *not* the one provided by Demarc (which is not fully
    comprehensive and is much more intrusive).
    Since this is an evasion issue and not a real security issue 
    thus the 'medium' urgency even though it fixes security bug (Closes:
    #381726)

    From upstream (snort.org webpage, News item "Possible Evasion in
    http_inspect"): 

     «The Apache web server supports special characters in HTTP requests that
     do not affect the processing of the particular request. The current
     target-based profiles for Apache in the http_inspect preprocessor do not
     properly handle these requests, resulting in the possibility that an
     attacker can bypass detection of rules that use the "uricontent" keyword
     by embedding special characters in a HTTP request.»

     «It is important to note that this is an evasion and not a vulnerability.
     This means that while it is possible for an attacker to bypass detection,
     Snort sensors and the networks they protect are not at a heightened risk
     of other attacks.»

  * Backport fix of another (different) potential evasion in Stream4 (also in
    the Snort 2.4.5 release, no CVE name)
  * Relocate Czech translation, it was not under debian/po
  * Add a warning in /etc/default/snort that the SNORT_USER will be 
    modified (with usermod) every time you reinstall the package
    (don't change it to 'root'!)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 10 Aug 2006 00:44:36 +0200

snort (2.3.3-7) unstable; urgency=low

  * *Really* recompile to use latest libmysqlclient libraries (Closes:
    #366748)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat,  3 Jun 2006 15:20:57 +0200

snort (2.3.3-6) unstable; urgency=medium

  * Recompile to use latest libmysqlclient libraries (Closes: #366748)
  * Remove the following unused dependencies as suggested by  Stefan Huehner:
    libsnmp4.2-dev and libssl-dev (and their --with calls in debian/rules) . I'm
    still keeping the coreutils | fileutils dependency since I still want to
    compile this package in woody.(Closes: #365874)
  * Also remove DH_COMPAT from debian/rules as suggested by  Stefan Huehner in
    #365874
  * Move 'debian/my/lisapaper.txt' to snort-doc.docs and remove from snort,
    snort-pgsql and snort-mysql doc files (Closes: #340091)
  * Have faq.tex use hyperref.sty instead of latex2html's html.sty and comment
    the \latexonly definitions. This makes latex2html unnecessary to
    build the package (Closes: #365872)
  * doc-base files now point to the compressed PDF documents (lintian fix)
  * Updated debconf translations:
    - French translation provided by Christian Perrier (Closes: #359285)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 29 May 2006 20:05:29 +0200

snort (2.3.3-5) unstable; urgency=low

  * Updated Build-Dependencies to use libmysqlclient15-dev instead of the 
    old libmysqlclient10 library (Closes: #356706)
  * Add a 'DEBIAN_SNORT_SEND_STATS' option (controlled by debconf) to allow
    users to define if snort should send daily stats. Users that want to
    change the frequency should manually move over the cron.daily script
    to other cron.XXX locations (Closes: #353035)
  * Updated debconf translations:
    - Dutch translation with patch provided by Peter Vandenabeele
    - Spanish Debconf translation ('send_stats' template)
  * Do not indent '@' in the e-mail of users that receive the stats (Closes: #335803)
  * Preliminary code (only in snort.config) to detect if the default interface
    is up when configuring Snort, the Debconf question priority is raised if
    the interface is not up or it does not exist and the user is pestered
    if he still provides an invalid answer (unless he doesn't see the
    question, which is the case if running with debconf priority set to
    'high', in this case, we bail out)
    Note: will introduce this in the DB packages after it gets some testing
    out there.
  * Change the Debconf priority of the note that warns that  the configuration
    is not working to 'critical' (was 'high')
  * Acknowledge NMU made by Margarita:
    * Drop automake1.6 dependency in Build-Depends (Closes: #335143)
    * Updated config.guess and config.sub with the latest versions available
      to prevent FTBFS on GNU/k*BSD (Closes: #342446)
    * Updated german debconf translation with patch provided by Erik Schanze 
      (Closes: #345855)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 22 Mar 2006 02:09:01 +0100

snort (2.3.3-4) unstable; urgency=low

  * Build-Depend on newer automake version: 1.7 (Closes: #335143)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 17 Jan 2006 02:10:41 +0100

snort (2.3.3-3) unstable; urgency=low

  * Properly remove the snort user on purge.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 20 Oct 2005 01:13:47 +0200

snort (2.3.3-2.1) unstable; urgency=low

  * NMU to drop automake1.6 dependency (Closes: #335143)
  * Updated config.guess and config.sub (Closes: #342446)
  * Updated german debconf translation (Closes: #345855)

 -- Margarita Manterola <marga@debian.org>  Sun, 22 Jan 2006 21:54:43 -0300

snort (2.3.3-2) unstable; urgency=high

  * Backport the following changes introduced in 2.4.1. Upstream changelog:
      * src/log.c:
        Fix problem in sniffer mode when incomplete TCP option data is received.
        Thanks A Hernandez for the find.
    (Closes: #328134)
    Note: This is a "security" bug but no CVE is assigned, it is actually
    something that can happen only if a Snort user willingly shoots himself
    on the foot (uses ASCII logging mode) or if he uses the fast output
    mode with some non-default options.
    For a detailed view see:
    Martin Roesch's mail "Snort DoS Fallacies" to snort-users and bugtraq:
    http://marc.theaimsgroup.com/?l=bugtraq&m=112665341207363&w=2
    http://marc.theaimsgroup.com/?l=snort-users&m=112657845119746&w=2
    http://marc.theaimsgroup.com/?l=snort-users&m=112667020331513&w=2
    http://marc.theaimsgroup.com/?l=snort-devel&m=112672013010948&w=2
    and also
    http://www.snort.org/pub-bin/snortnews.cgi#58
    To summarise: The only recommended alert methods in a production sensor
    are unified, syslog or database. And unified is The Right Way to run
    a sensor (others have important performance issues under high load )
    NOTE to Debian Security teams: I don't believe this bug merits a DSA 
    (or a DTSA for that matter)
    (Closes: #328134)
  * Backport the following changes introduced in 2.4.2. Upstream changelog:
      * src/output-plugins/spo_log_database.c:
      * schemas/create_mysql:
        Fixes to address schema being a keyword in MySQL 5.0.  Thanks Wes Young,
        Adolfo Gomez, and Aleem Mawji for the updates.
    (Closes: #327791)
  * Added Swedish translation provided by Daniel Nylander (Closes: #330834)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri, 30 Sep 2005 21:21:43 +0200

snort (2.3.3-1) unstable; urgency=low

  * New upstream release.
  * Use upstream's FAQ in PDF format instead of debian/my/FAQ.txt, also
    have the FAQ available only in the snort-doc package (after fixing 
    the Makefile so that the faq.tex file does not get removed on distclean)
  * Fix typo in snort.8 manpage (Closes: #326538)
  * Fixed address of the FSF in debian/copyright
  * Updated debconf translations:
    - Vietnamese provided by Clytie Siddall

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 31 Aug 2005 19:47:16 +0200

snort (2.3.2-8) unstable; urgency=low

  * _Really_ use debhelper compat version 4 now
  * Remove debian/*conffiles since debhelper now marks them as config files

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 27 Aug 2005 01:50:40 +0200

snort (2.3.2-7) unstable; urgency=low

  * Fix lintian warnings
  * Fix error in database config scripts (when not upgrading, the
    wait_for_db_config key does not exist) (Closes: #325223)
  * Updated debconf translations:
     - French provided by Christian Perrier

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 25 Aug 2005 21:52:19 +0200

snort (2.3.2-6) unstable; urgency=low

  * Add Dependency on "debconf | debconf-2.0" as requested by Joey Hess
  * Use Debhelper compatibility version 4
  * New mechanism for database packages:
    - Introduce a mechanism to create /etc/snort/db-pending-config on
      initial installation of the database packages.
    - Have the init.d script abort the start attempt if the 
      /etc/snort/db-pending-config file exists.
    - Describe how to setup the database support in README-database.Debian
      and install this document in the database packages.
      (Closes: #205683, #219696, #265735, #265878, #290104, #291616)
  * po-debconf changes:
    (still waiting a little bit before switching to dbconfig-common)
    - Sinchronise all the debconf templates of the different snort 
      variants.
    - Change the wait_for_db_config message, now called 'needs_db_config'
      and provides slightly different information.
    - Fixed typos in German debconf translation courtesy of Jens Seidel
      (Closes: #313906)
    - Added Japanese translation contributed by Hideki Yamane
      (Closes: #310096)
    - Added Vietnamese translation contributed by Clytie Siddall 
      (Closes: #318695)
    - Added Czech translation contributed by Jan Outrata (Closes: #321738)
    - Updated the Spanish translation.
    - Improve the debconf dialog with suggestions from Justin B Rye
      (Closes: #306269)
    - Fix the templates so that all the files use the same strings, that
      should reduce the workload of translating almost identical lines.
      (but also fuzzies more of the translations above)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 25 Aug 2005 14:59:29 +0200

snort (2.3.2-5) unstable; urgency=medium

  * Medium priority since it seems some buildds are not auto building
    snort ok and this changes fix it.
  * Use PostgreSQL 8.0 now as requested by Martin Pitt. Basicly just
    changed the build-depends and use 'pg_config --includedir' when
    setting the location of the PostgreSQL location. 
  * Changes to configure.in: (Closes: #313499)
    * Fixed configure.in so that it uses the --with dir directly first
      (intead of looking for $i/include and stuff like that). 
    * Fixed configure.in so that it outputs the PostgreSQL directories 
      it tested by fixing a typo.
    * Have all ERROR messages abort with an exit 1 so that the Makefile breaks
      and we will notice the error if doing an automatic build.


 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 14 Jun 2005 19:33:49 +0200

snort (2.3.2-4) unstable; urgency=low

  * Snort, snort-pgsql and snort-mysql now depend on either coreutils
    or earlier packages which provided 'stat'. This should prevent
    partial-upgrades of woody systems which prevent snort's init scripts
    from running (Closes: #311616)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri,  3 Jun 2005 16:24:50 +0200

snort (2.3.2-3) unstable; urgency=high

  * Pre-Depend on adduser since we use it on preinst
  * Changed debian/TODO
  * Snort-common now Replaces old snort versions (1.8.4beta1-1) since
    the configuration files where moved there from snort. 
    Save for the ppp configuration file which was moved from snort-common to
    snort. Snort now Replaces snort-common versions previous to 2.0.2-3, 
    that introduced the change, cannot conflict since we will end up with
    circular dependencies. (Closes: #311257)
  * Check MD5sums before rule files are moved from the old location to the
    new one in snort-rules-default's preinst when upgrading.
    If the files have not been changed from the ones provided
    by the woody version then remove them (Closes: #311263)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed,  1 Jun 2005 09:47:04 +0200

snort (2.3.2-2) unstable; urgency=low

  * Have snort-common Conflict on versions prior to the Source-Version to
    prevent users upgrading snort-common without upgrading snort.
    (Closes: #300785
  * Fixed homepage location of Snort (Closes: #300727)
  * Fixed snort-stat so it can be used when the -y option is used with Snort,
    thanks to the patch provided by Chirik (Closes: #200276)
  * Updated German translation courtesy of Erik Schanze 

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 22 Mar 2005 01:26:55 +0100

snort (2.3.2-1) unstable; urgency=low

  * New upstream release. 
    - Fixes some bugs in preprocessors
    - Rules updates
  * Fixed format of NEWS file, updated the version of the changelog entry so
    that everybody will read it on next upgrade (Closes: #299334) 
  * Added debconf french translation provided by Christian Perrier (Closes: #299016)
  * Updated debconf dutch translation provided by  Peter Vandenabeele (Closes: #296152)
  * The PPP script will now use the new /etc/default/snort mechanism 
    (Closes: 298003

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 14 Mar 2005 13:26:45 +0100

snort (2.3.0-7) unstable; urgency=low

  * Do not change the permissions of /var/log/snort/ and 
    /etc/snort/snort.conf if the administrator has setup an override
    using dpkg-statoverride (Closes: #296927)
  * Updated translation to Catalan with the one provided by Aleix Badia i
    Bosch

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 26 Feb 2005 13:09:14 +0100

snort (2.3.0-6) unstable; urgency=low

  * Added tetex-extra to Build-Depends (Closes: #296814)
  * Refer to the proper file in debconf template (Closes: #296809)
  * Updated the spanish debconf translation.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri, 25 Feb 2005 00:43:19 +0100

snort (2.3.0-5) unstable; urgency=low

  * Upload of the experimental package to unstable
    Even though I don't get to fix #205683 and friends (and I would
    like to, before the release)
    This release Closes #283816, #241995, #289405, #247603
  * Do not rotate log files if empty (Closes: #193299)
  * Added dutch translation (Closes: #247603)
  * Added yet another TODO item

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 22 Feb 2005 21:36:40 +0100

snort (2.3.0-4) experimental; urgency=low

  * Call dh_installdocs with -i or -a depending on target, rename
    (Closes: #295228, #294755)
  *  NEWS.Debian file to NEWS 

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Tue, 15 Feb 2005 08:33:34 +0100

snort (2.3.0-3) experimental; urgency=low

  * Create manual in build-indep location (Closes: #294755) 
  * Fixed location of snort_manual and lisapaper in their respective
    doc-base files.
  * Added a reference to the FAQ through a new doc-base file.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 12 Feb 2005 12:23:35 +0100

snort (2.3.0-2) experimental; urgency=low

  * Improved postrm purge action by removing also obsolete configuration
  (since it's no longer in the conffiles) and the group. Also, synced all
  postrm scripts (mysql did not included the rmdir /etc/snort code)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed,  9 Feb 2005 08:44:05 +0100

snort (2.3.0-1) experimental; urgency=low

  (First attempt at experimental, to avoid breaking installations running sid)
  * New upstream release 
  * This version now uses libnet1, changed Build-Depends (Closes: #241995)
  * Introduced /etc/default/snort and removed /etc/snort/common.parameters
    this makes it easier to check for common situations (parsing the parameter
    file is quite complicated). The old common.parameters file is moved
    over to /etc/default/snort automatically, but retained in case
    the parsing has not been done properly (and will not be used until
    the common.parameters file is removed). This is described in the
    NEWS.Debian file.
  * Fixed the postint call so that the passwd and group are checked before
    they are created. Also fix chown call (still used '.' instead of ':')
  * Introduce a check for the status of Snort's logdirectory, it checks if
    it belongs to Snort (Closes: #247603)
  * This release provides debconf support for snort sensors in 
    multiple interfaces (Closes: #283816)
  * Run update-debconf, seems I had not done this when I last made changes
    in the templates in 2.2.0-8
  * Included the documentation available, including signatures. Also
    added the LaTeX manual included as well as the additional Build-Depends
    on tetex-bin and gs-common
  * Updated the FAQ (was about time!) from http://www.snort.org/docs/FAQ.txt
  * Added a README.docs file (pointing people to more documents)
  * Updated translations:
    - German, provided by Erik Schanze (Closes: #289405)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 26 Jan 2005 09:18:53 +0100

snort (2.2.0-9) unstable; urgency=low

  * Removed old (obsolete) converstion of PPPENV in /var/tmp in postinst
    which actually might open up security holes when using dialup access
    and installing/upgrading the package.
  * Updated translations:
    - Japanese, provided by Hideki Yamane (closes: #283128)
    - French, provided by Christian Perrier (closes: #284559)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 20 Dec 2004 01:35:21 +0100

snort (2.2.0-8) unstable; urgency=low

  * Updated the README.Debian file with proper information on how to setup
    multiple interfaces and rewrote the Debconf question to specify that
    it can be used to define multiple interfaces (Closes: #283816) 
  * Added some additional TODO notes

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed,  1 Dec 2004 17:04:38 +0100

snort (2.2.0-7) unstable; urgency=low

  * Make snort-common Arch: all (Closes: #278987) 
  * The installation will now check if you are using a configuration that
    will not be able to work with the current Snort version and will forewarn
    you. The package installation will still fail (if Snort is started
    automatically) but the administrator will be pointed to where the
    error is (Closes: #165107)
  * Use dh_installman instead of dh_installmanpages and provide proper
    PACKAGE.manpages file since dh_installmanpages now fails to create the
    snort-common package properly.
  * Updated to the latest rules snapshot
  * Added an 'update-rules' target in debian/rules that downloads the 
    latest rules snapshot and installs it in the package.
  [ Translations ]
  * Dutch update, provided by cobaco (Closes: #278719)
  * Japanese update, provided by Hideki Yamane (Closes: #279028)
  * French update, provided by Christian Perrier (Closes: #279833)
  * German update, provided by Erik Schanze (Closes: #280964)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 30 Oct 2004 22:47:34 +0200

snort (2.2.0-6) unstable; urgency=low

  * Added a 'config-check' option in init.d to test the user's configuration
    file. This could be used to determine (in postinst) if snort should be
    restarted and warn the user (not yet done). This will help fix #165107,
    #165351 (since similar user mistakes would be detected), #276565 and
    #247665.
  * Added more information to the TODOs
  * Moved DEBIAN_TRESHOLD to DEBIAN_THRESHOLD (save for the debconf value
    in order to avoid reseting it) (Closes: #256581)
  * Removed double space in template (Closes: #275936)
  * The snort-rules package now Suggests: snort instead of depending on it
    (Closes: #249697)
  * Updated rules with the latest snapshot.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 25 Oct 2004 23:47:45 +0200

snort (2.2.0-5) unstable; urgency=low

  * Rules update 

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 13 Oct 2004 12:11:21 +0200

snort (2.2.0-4) unstable; urgency=medium

  * Fix typo introduced in previous upload that prevents
    ppp init script from loading properly common.parameters (Closes: #275439)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri,  8 Oct 2004 09:50:06 +0200

snort (2.2.0-3) unstable; urgency=high

  * Added config-file discovery to ppp init.scripts so that Snort is
    started (-c) with the proper configuration file if available or 
    snort.conf if not. Setting high severity so that users running
    Snort with PPP don't end up with a full /var filesystem (Closes: #268707)
  * Fixed bashism in /etc/ppp/if-up.d/snort
  * Modified the init.d an if-up.d scripts so that
    /etc/snort/snort.common.parameters is only used if it exists.
  * Snort-rules-default now Recommends: oinkmaster 
    now that it is in the archive (accepted 01 Oct 2004), this does not
    close #191105 since IMHO a better signature update mechanism should 
    be introduced. Also updated the related TODO item.
  * Added a FAQ Q&A regarding rule updates in README.Debian
  * Added code to detect for deprecated preprocessors and warn the user,
    curretnly the code will not touch the configuration files himself and
    will not detect if you are using the standard package configuration file.
    It will prevent users from having configuration issues, however
    (Closes: #247665)
  * Modified the init.d file so you can use 'status' to determine if
    the Snort sensors are up or not.
  * Updated the 2.2 rule set with the snapshot provided at snort.org, new rules
    include detection of the recent JPEG exploit (Closes: #274244)
  * Fixed typo in templates (unfuzzied modified entries) and updated
    JA translation provided by Hideki Yamane (Closes: #273138)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat,  2 Oct 2004 12:41:50 +0200

snort (2.2.0-2) unstable; urgency=low

  * Taking over maintainership of this package (Closes: #265343)
  * Have  Snort{,-mysql,-pgsql} depend on the same versions of the
    common packages (was not done in the previous release)
  * Updated JA translation (Closes: #271755)
  * Added a list of todo items in debian/TODO

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Wed, 15 Sep 2004 10:42:43 +0200

snort (2.2.0-1) unstable; urgency=low

  + The 'Please Adopt Me!' release.

  + Fixed build-depends on libpcap0.8-dev closes: #263923
  + Fixed failure to start on multiple interfaces, each interface
    now uses it's own configuration file. Closes: #248908
  + Snort{,-mysql,-pgsql} depend on the same versioned rules + common
    Closes: #257078
  + NL, DE, pt_BR, FR, JA translations added
    Closes: #265508, #264301, #246553, #246374, #239206
  + New upstream release closes: #262297
 
 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 15 Aug 2004 15:24:39 +0200
  
snort (2.1.2-2) unstable; urgency=low

  ! Once again: Thanks Mario 'BitKoenig' Holbe for your great help:
    + Moved 'dialup' interface guessing from ppp/ip-up to postinst
  + Cleanup restart: only restart current running interfaces
    This also cleans up: 'dialup' logcheck failure, if no snort running
  + Prepare for multisensor support
  + Use start-stop-daemon --retry instead of sleep and kill -9
  + Use invoke-rc.d only, if it exists
    Closes: #191574
  + Correct please_restart to please_restart_manually
  + Re-Unified prerm and postinst scripts
  + Fix the backward-compatible just-kill-them-all in prerm;
    do we really need it? It definitely didn't work before and
    since the old-package prerm is called anyways, we shouldn't.
  + Simplify snort.debian.conf creation

  + snort-doc/examples now has a snort-rules auto-update script!
    Closes: #242521, thanks Marcel!
  + Updated fr.po by Christian Perrier
    Closes: #244048, thanks Christian!
  + Recent changes to init / ip-{up,down} scripts fixed this bug:
    Closes: #226236
  + Fixed database schema's in {pg,my}sql packages. This does not fix
    the 'schema is not installed when debconf prompts for it'-problem.
    Closes: #244017
  + Problem with snort-pgsql.template fixed.
    Closes: #244175

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 18 Apr 2004 14:39:19 +0200

snort (2.1.2-1) unstable; urgency=low

  + New upstream release
  + Templates corrected (reflect same text at shared options, typos)
  
  + -b switch removed from snort startup, log_tcpdump changed to snort.log
    Closes: #241425, #171190
  + French debconf translation by Christian Perrier
    Closes: #241991
  + Added checks on purge of snort-rules-default. Fixed breakage
    Closes: #239542
  + Firewall interaction is explained in the FAQ
    Closes: #217174
  + Snort now has snort.common.options, and no -b anymore.
    Closes: #217244
  + Changed helptext in snort.debian.conf to be more generic.
    Closes: #196694
  + Improved dialup suppport. MANY Thanks to Mario 'BitKoenig' Holbe for
    his great work on this subject and the changes to the init script!
    Closes: #226236

 -- Sander Smeenk <ssmeenk@debian.org>  Sun,  4 Apr 2004 15:12:27 +0100

snort (2.1.1-1) unstable; urgency=low

  + New upstream release
    Closes: #238427
  + Added catalan debconf templates (debian/po/ca.po)
    Closes: #236644
  + Fixed packaging bugs.
  + Applied following changes by Javier Fernández-Sanguino Peña. Thanks!!
      * Snort group is now created using --system in all packages
        Closes: #231580
      * Both the cron.daily script and the postinst scripts set a default
        value for STATS_RCPT and STATS_TRESHOLD to avoid buggy behaviours
        if the user does not setup a proper value when interfacing with
        debconf. Still, these values should be checked in the config 
        scripts. (Closes: #173331)
      * Snort-stat now exists if there are no results which will avoid
        it from sending empty emails 
        (Closes: #217913, #174508, #192401, #172529)
      * Improved the explanations in several templates (Closes: #217173)
      * Updated Japanese translation (and fixed some po format errors,
        hopefully without damaging the po file) (Closes: #226680)
      * Included Catalan debconf translation (Closes: #236644)
      * Updated pt-BR debconf translation (Closes: #228244)
      * Re-Added (partial) spanish debconf translation (it seems that 
        the work I did back in december 2001 has not been moved to po-debconf!)

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 17 Mar 2004 18:46:28 +0100
 
snort (2.1.0-4) unstable; urgency=low

  + Fixed FTBFS with -B flag specified to dpkg-buildpackage
    Thanks Pascal Hakim.
  + Restart target in init.d script requires a sleep on slow systems.
    Thanks Marco Gaiarin.
  + Updated the ja.po templates 

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 1 Mar 2004 00:00:00 +0100
  
snort (2.1.0-3) unstable; urgency=low

  + Split binary-indep packages from binary-arch target
    Closes: #226072, #157708, #185806
  + ip-up.d script now correctly guesses the PPPENV settings
    Closes: #225956
  + Updated the fr.po templates
    Closes: #225906

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 04 Jan 2004 12:51:38 +0100

snort (2.1.0-2) unstable; urgency=low

  + Added example init.d script to manage multiple sensors.
  + No longer kills custom daemons at init.d stop
    Closes: #181637
  + Fixed build-dependency on libpcre3-dev
    Closes: #225707
  + Fixed manpage to reflect new SIGHUP handling
    Closes: #122689
  + Already implemented 'statesaving' dialup scripts
    Closes: #101725
  + Changed default flow-portscan configuration
    Closes: #225506

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 02 Jan 2004 13:01:54 +0100

snort (2.1.0-1) unstable; urgency=low

  + New upstream version
  + Depend on perl-modules for perlscripts
    Closes: #212805
  + Fixed breakage of upgrades when conffiles were removed by user
    Closes: #207970
  + Added japanese translation of templates
    Closes: #224191

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 21 Dec 2003 15:48:55 +0100

snort (2.0.2-3) unstable; urgency=low

  * ip-up.d/snort and init.d/snort now use the same startup arguments
    with an extra config file that holds the common parameters.
    Closes: #217244
  + ip-{up,down}.d/snort moved from snort-common to snort{,-mysql,-pgsql}
  * Clarified debconf questions. Fixed typos, corrected grammar.
    Closes: #217173
  * Updated what documenation files are included.
    Closes: #217174

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 24 Oct 2003 18:05:26 +0200

snort (2.0.2-2) unstable; urgency=low

  * Fixed 'native package' problem
  	Closes: #216326

  * Fixed syntaxerrors in init script
    Closes: #215142

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 19 Oct 2003 16:11:09 +0200

snort (2.0.2-1) unstable; urgency=low

  Pascal:
  * Make snort-rules-default depend on a recent version of snort
    Closes: #135603
  * Delete configuration files and log files on purge.
    Closes: #180043

  Sander:
  * Fixed the init.d script to not start snort in dialup mode at boot. 
    Closes: #207291, #208003

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 08 Oct 2003 21:09:34 +1000

snort (2.0.1-3) unstable; urgency=low

  + Fixed FTBFS: automake1.6 dependency (Closes: #207010)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 25 Aug 2003 10:45:31 +0200

snort (2.0.1-2) unstable; urgency=low
  
  + Snort now co-maintained by Pascal Hakim
  
  + fr.po added, forgot the NMU by Christian Perrier
  + Untranslatable strings marked for translation fixed
    Closes: #206972, #192952
  + create_postgresql.gz has been updated and now uses 'TIMESTAMP'
    Closes: #206372
  + Changed the init.d's "start" section to support dialup mode
    Closes: #205873
  + SNMP support has been removed upstream, I forgot to remove the MIB
    message from snort-common
    Closes: #206668
  + Since the MIB note was removed, this also fixes inapropriate use of
    debconf, which Closes: #205085

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 24 Aug 2003 11:41:23 +0200

snort (2.0.1-1) unstable; urgency=low

  + New upstream source

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 19 Aug 2003 16:32:46 +0200

snort (2.0.0-3.1) unstable; urgency=low

  + Eeps! Forgot my versioned dependencies!

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 05 May 2003 21:02:13 +0200

snort (2.0.0-3) unstable; urgency=low

  + Added 'Provides: Snort' to snort-{pg,my}sql (Closes: #190064)
  + Moved parameter -b to snort.conf (Closes: #190748)
  + Seems fixed, according to submitter (Closes: #184596)
  + Fixed ppp/ip-up.d/snort, first source, then test (Closes: #190999, #191894)
  + Dependency on libpq3 isn't mandatory since postgresql-dev depends on it.
    (Closes: #191570)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 05 May 2003 20:27:03 +0200

snort (2.0.0-2) unstable; urgency=low

  + Fixed PPP environment variables in ip-up.d. (Closes: #190107)
    I really don't know how to support multiple instances of snort here
  + Versioned depends on snort-rules-default (Closes: #190111)
  + Fixed wrong pid-finding init.d script (Closes: #190154)
  + cronjob 'snort' renamed to '5snort' again (Closes: #190303)

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 23 Apr 2003 21:00:23 +0200

snort (2.0.0-1) unstable; urgency=high

  + New Upstream version
  + SECURITY FIXES (Closes: #189267)
  - XML logging and SNMP notification seems to be removed upstream ?

  + The init.d script has added intelligence that will hopefully detect
    wether snort was running in manual mode / dialup mode when logrotate
    ran, and leave it in that state (Closes: #186060)
  + Tried to fix snort-stat by adding -a option (Closes: #186214)
  + Renamed cronjob 5snort to snort (Closes: #186380)
  + Rebuilt with new libsnmp-0.4.2 linking (Closes: #186415)
  + po-debconf patch applied, thanks (Closes: #186881)
  + Including sid-msg.map and gen-msg.map (Closes: #187291)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 05 Apr 2003 13:32:18 +0200

snort (1.9.1-4) unstable; urgency=low

  + Added dependency on perl-modules to snort-common (Closes: #185180)
  + Attempt 1 at fixing snort-stat again (Closes: #184622)
  + init.d script tells how to start snort on dialup system (Closes: #181074)
  + snort-stat supports -a now (scan whole file) (Closes: #184282)

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 18 Mar 2003 21:37:47 +0100

snort (1.9.1-3) unstable; urgency=low

  + Fixed Override Disparities
  + Added section to snort-paper (Closes: #183988, #183388)

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 12 Mar 2003 09:04:30 +0100

snort (1.9.1-2) unstable; urgency=low

  + Fixed PostgreSQL CreateDB-scheme (Closes: #181733)
  + Fixed snort-doc (Closes: #183988, #183388)
  + A supposed fix for #181477 introduced a new bug which is now fixed
    (Closes: #184128, #184071)
  + Fixed -s commandline argument. It doesn't need an argument.
    (Closes: #183790)
  + Startup arguments for init.d invocation and pppd invocation are now
    'the same' (Closes: #183554)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 10 Mar 2003 23:57:12 +0100

snort (1.9.1-1) unstable; urgency=high

  * SECURITY FIX
    ISS X-Force has discovered a remotely exploitable buffer overflow
    condition in Snort. A buffer overflow flaw exists in Snort RPC
    preprocessing code that is vulnerable to attack.

 -- Sander Smeenk <ssmeenk@debian.org>  Mon, 03 Mar 2003 21:15:27 +0100

snort (1.9.0rel-4) unstable; urgency=low

  + Changed logrotate (Closes: #176495)
  + Renamed 'portscan2' to 'portscan2.log' (Closes: #173978)
  + Recompile Fixed PostgreSQL dependency (Closes: #175977)
  + Applied patch against snort-stat (Closes: #175657)
  + Added 'portscan2-ignorehosts' example + enabled for $HOME_NET
    (Closes: #173985)
  + Marks old 'snort.rules.files' OBSOLETE (Closes: #173981)
  + Fixed snort-stat manpage to reflect alert.log (Closes: #175364)
  + Fixed snort-pgsql logging bug with last_cid (Closes: #166722)
  + Updated snort-rules-default to latest version
  + Recompile fixed libsnmp5 dependency (Closes: #183094, #182722)
  + Init scripts fixed (Closes: #181497)
  + Changed rights on /var/log/snort to snort.adm (Closes: #180216)
  + Fixed mkdir -p in snort-rules-default preinst (Closes: #180046)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 25 Jan 2003 16:48:40 +0100
  
snort (1.9.0rel-3) unstable; urgency=low

  + Using invoke-rc.d instead of direct /etc/init.d calls (Closes: #165135)

 -- Sander Smeenk <ssmeenk@debian.org>  Thu, 17 Oct 2002 11:35:42 +0200

snort (1.9.0rel-2) unstable; urgency=low

  + Fixed Startup in Manual mode (Closes: #164644)
  + Fixed failing preinst in snort-rules-default (Closes: #164643)
  + No more useless cron messages (Closes: #158490)
  + Manually changed snort.c to fix -s cmdline problem (Closes: #164969)
  + DISABLED OLD PORTSCAN PREPROCESSOR, REPLACED BY PORTSCAN2 PREPROCESSOR

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 16 Oct 2002 19:58:29 +0200
  
snort (1.9.0rel-1) unstable; urgency=low

  + New Upstream Version
  + Moves old /etc/snort/*.rules to new rules/ directory 
    (Closes: #158447, #160888)
  + Closes: #158845, leftover bug fixed in previous upload.
  + Files *were* created with incorrect permissions (Closes: #162386)
  + Fixed Logrotate (Closes: #158042, #159456)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 31 Aug 2002 15:59:16 +0200

snort (1.9.0beta4-5) unstable; urgency=low

  + ASN.1 Decoder turned OFF because of TOO MANY LOGENTRIES!
  * Fixed Bugs (Closes: #157443)
  + Commented out the 'Initializing Output Plugins!' message.
  
  
  + Changed to logrotate to rotate logfiles (Closes: #157706)
  * Unreproducable, but changed to new rotation system (Closes: #156896)
  
  
  + Specified 'portscan2.log' as portscan2 preprocessor logfile
  + Supports 'any' in the address range question to not trust
    any side of the network. Wishlist but no bug was filed for this.
  + Fixed faulty information in templates (Closes: #158708)
  + Added README.PHP in contrib/ for clearness (Closes: #158714)
  + snort-stat reported hostname with \n at the end, chomped off now.

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 23 Aug 2002 22:17:20 +0200

snort (1.9.0beta4-4) unstable; urgency=low

  + Severe postinst breakage when installing newer versions
    of Snort from scratch. Fixed.
  + Fixed world-writable logfiles problem (Closes: #155893)
  + Password-field must be filled in.
  + snort-mysql's postinst put postgresql config in snort.conf :(

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 20 Aug 2002 13:21:42 +0200

snort (1.9.0beta4-3) unstable; urgency=low

  + Fixed world-writable logfiles problem (Closes: #155893)
  + Password-field must be filled in.
  + snort-mysql's postinst put postgresql config in snort.conf :(

 -- Sander Smeenk <ssmeenk@debian.org>  Tue, 20 Aug 2002 11:11:35 +0200

snort (1.9.0beta4-2) unstable; urgency=low

  + Found nicer way of fixing #155893 (Closes: #155893)
  + Typo two typos in bugnumbers. 
    Previous #153221 should be (Closes: #153211)
    Previous #156119 should be (Closes: #156199)
    Sorry for the mixups. It was late :/
  + Fixed b0rking preinsts (Closes: #157085)
  
 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 16 Aug 2002 00:03:41 +0200
  
snort (1.9.0beta4-1) unstable; urgency=low

  + Fixes world readable configuration file problem (Closes: #154977, #155484)
  + XML output should work in this release (Closes: #153845)
  + MIB's moved to /usr/share/snmp/mibs (Closes: #153221)
  + snort-stat now uses threshold (Closes: #147197)
  + SMTP rules have been disabled per default (Closes: #153817)
  + Fixed typo's in debconf screens (Closes: #154687)
  + 'Hacked around' the logfiles-not-group-readable problem (Closes: #155893)
  + Upload accepted (Closes: #156119)
  + Leftover bugs that have been fixed earlier (Closes: #134979)

  * Fixed but no-bugreports:
  + 'Initializing Plugins' log-message removed from src/plugbase.c
  + Rules have moved from /etc/snort to /etc/snort/rules/
  + snort-{pg,my}sql now update the snort.conf file properly
  + stream4 evasion-detection disabled
  + more...

 -- Sander Smeenk <ssmeenk@debian.org>  Wed, 14 Aug 2002 22:00:24 +0200

snort (1.8.7-4) unstable; urgency=low
  
  + Typo in snort-stat, fixed.

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 03 Aug 2002 11:21:49 +0200

snort (1.8.7-3) unstable; urgency=low

  + snort-stat now shows hostname from where it's reporting.
  + ruleset tuning (Closes: #155084)  
  + i see no rules with <- direction specifier, snort starts
    just the way it should with telnet.rules and backdoor.rules
    (Closes: #153400)
  + Specific major-version Build-Depends on libsnmp4.2-dev (Closes: #155163)

 -- Sander Smeenk <ssmeenk@debian.org>  Sat, 03 Aug 2002 01:34:49 +0200

snort (1.8.7-2) unstable; urgency=low

  + Fixed situations where snort got restarted by cronscript while
    being started in dialup-mode. Snort should support -HUP'ing.
  + Fixed typo in /etc/snort/snort.conf (Closes: #152840, #152671)
  + Fixed stupid snmpd.conf auto-addition, that was bad (Closes: #153074)
  + Each MTA supplies 'sendmail' and each system has 'MTA' (Closes: #151678)
  + Snort-pgsql has debconf 'help' on configuring a DB (Closes: #149661)
  + Fixed snort-mysql.config problem (Closes: #110952)
  + Multiple subnets problem fixed (Closes: #146861)
  * Maintainer Wipes Forehead.

 -- Sander Smeenk <ssmeenk@debian.org>  Thu, 11 Jul 2002 21:06:50 +0200

snort (1.8.7-1) unstable; urgency=low

  + NEW UPSTREAM!
  * No more local-{first,last} creation in preinst (Closes: #152184)
  * var EXTERNAL_NET !$HOME_NET in snort.conf (Closes: #152182)

 -- Sander Smeenk <ssmeenk@debian.org>  Mon,  8 Jul 2002 10:59:16 +0200

snort (1.8.6-6) unstable; urgency=low

  * Fixed serious log-rotation problem (Closes: #151922)
  * Fixed typo in rules file: --enable-snmp versus --with-snmp
    + Reported in private mail, no bugs to close.
  * New ruleset & config & classification (Closes: #152070)
  * Not a bug (Closes: #152068)

 -- Sander Smeenk <ssmeenk@debian.org>  Fri,  5 Jul 2002 23:23:09 +0200

snort (1.8.6-5) unstable; urgency=low

  * Fixed 5snort cronjob, thanks for the patches.
     + Closes: #151336, #151341, #151393, #151395
  * Can't check this problem, it looks fixed to me. 
     + Closes: #94709
  * Cronjob has been reworked so it uses /var/log/snort/alert, also
    snort.conf has been configured to log to syslog by default.
     + Closes: #146680
  * Debconf frontend now supports multiple addresses (ranges) in
    address_range question.
     + Closes: #66932
  * Bug-submitter thinks this bug is fixes now.
     + Closes: #104074
  * Weird unaligned traps on alpha are unconfirmed snort-related.
    Also, haven't heard anyone else about this.
     + Closes: #130675
  * Fixed the debconf script's perl-regexp to support multiple
    subnet-definition separated by commas
     + Closes: #146945
  * Once more fixed /etc/snort/snort.conf _NOT_ to log to syslog,
    since that would stop logging to /var/log/snort/alert, and that
    would break the snort-stat cronjob, and more.

 -- Sander Smeenk <ssmeenk@debian.org>  Sun, 30 Jun 2002 00:29:26 +0200

snort (1.8.6-4) unstable; urgency=low

  + Fixed POSIX shell incompatibility (Closes: #150409)
  + Fixed Suggests instead of Recommends on snort-doc. 
    (Closes: #150768, #150702)
  + Fixed RULE_PATH setting in snort.conf
  + Fixed syslog default log-type in snort.conf (Closes: #46680, #124169)  
  + The cronjob in this release _tries_ syslogd-listfiles, and if
    that is not available defaults to /var/log/auth.log. (Closes: #120991)
  + Added section in README.Debian about FLEXRESP rules and 
    snort-not-starting because of permission denied (Closes: #132577)
  + Fixed Subject: in body instead of headers (Closes: #132220, #145836)
  + Fixed 'misleading comments' in snort.conf (Closes: #145749)
  + The empty snort.conf problem was fixed in 1.8.6-1? (Closes: #144218)
  + This was fixed in an earlier release (Closes: #134792)
  + Applied patch against cronjob (Closes: #151229)
  + Package 'debianutils' is in base and required, so no dependancies
    are nescasary (Closes: #145837)
  + Subjectless email fixed (Closes: #145876)
  + Cronjob emails daily-alerts instead of weekly (Closes: #145901)
  + Looks fixed to me (Closes: #136220)
  + Thanks for the patches everyone!! Greatly appreciated! (Closes: #151257)

 -- Sander Smeenk <ssmeenk@debian.org>  Fri, 28 Jun 2002 11:22:13 +0200
  
snort (1.8.6-3) unstable; urgency=low

  * New Maintainer!  Sander Smeenk <ssmeenk@debian.org>
  + POSTGRESQL SUPPORT WHOO (Closes: #108348)

 -- Sander Smeenk <ssmeenk@debian.org>  Tue,  4 Jun 2002 21:28:15 +0200

snort (1.8.6-2) unstable; urgency=low

  * [debian/snort-rules-default.conffiles] Added missing entries.
  * [debian/rules] Honour DEB_BUILD_OPTIONS.
  * [debian/rules] Use a variable to hold configure options that are common
    to the variant packages.
  * [debian/rules] Use debhelper *.dirs .
  * [debian/*.doc-base] New.
  * Bumped Standards-Version.
  * Previous uploads fixed more bugs than noted.
    (Closes: #142508, #143294, #131948)
  * Enabled SNMP support.
  * Added Spanish translations to debconf templates. (Closes: #126725)
  * Changes above by JHM (thanks!)
  * Added a new snort_stat.pl (Closes: #143875, #131887, #143962)

 -- Robert van der Meulen <rvdm@debian.org>  Mon, 29 Apr 2002 13:03:24 +0200

snort (1.8.6-1) unstable; urgency=low

  * Sander Smeenk <ssmeenk@debian.org> fixed:
    + Closes: #111533, #131047
    * Changed snort.template and made a clear text about what HOME_NET
      is used for. I had to remove the de_DE and pt_BR translations though.
    + Closes: #134063
    * The postinst now creates /etc/snort/snort.debian.conf if it doesn't
      exist by echoing a basic content into the file. Kinda ugly, but it
      works.
    + Closes: #132220, #134898, #136848, #139143, #139423
    * These are all about snort-stat and empty daily emails.
      Reported against version 1.7-9, and it seems to be fixed now.
    + Closes: #109135, #117010
    * Typo. Fixed.
    + Closes: #104447
    * Ooooooh ns.somehost.tld is portscanning me!   Add the nameservers
      to the DNS_SERVER value in snort.conf. Although I think this was fixed
      in 1.8.4beta2
    + Closes: #116169
    * I added 1 or 2 lines of short descriptive text to each package's
      description. It should be more clear now.
    + Closes: #67176, #130242, #133591, #79095, #102320
    * These are left-over bugs. Fixed in earlier releases.
    + Closes: #128689, #131049
    * Fixed the init.d script so that it doesn't say "already started" on
      errors. Snort returns 0(good) or 1(bad), not 2.
    + Closes: #143268
    * The supplied patch didn't contain any valid patchable entries. The
      script has changed that much that I assume it has been fixed already.
  * Thanks, smeenk :)

 -- Robert van der Meulen <rvdm@debian.org>  Fri, 19 Apr 2002 16:21:35 +0200

snort (1.8.4beta1-2) unstable; urgency=low

  * Fixed 'Depends:' of 'snort' package to depend on new-style snort-common
    package. (Closes: #131730)
  * Marked some /etc/ files as conffiles (Closes: #132823)
  * Fixed build problems on some arches (Closes: #132912, #131741)
  * Fixed quoting error in virus.rules (Closes: #131947)
  * Fixed snort-common Replaces: line (Closes: #131701, #133106)
  * Removed snort.debian.conf from the package (Closes: #132517)
  * Fixed initscript to allow for multiple subnets (Closes: #125686) 

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 10 Feb 2002 16:11:55 +0100

snort (1.8.4beta1-1) unstable; urgency=low

  * New upstream release (Closes: #131517, #106093, #115955, #118270, #127564)
  * Moved config stuff to snort-common (Closes: #109862)
  * Fixed debconf instuctions for dialup (Closes: #113250)
  * Fixed snort-stat (Closes: #115873, #116964)
  * New upstream has icmp-info rules reordered (Closes: #111832)
  * Gave 'count' a bit more room in email reports (Closes: #102657)
  * Fixed snort cron script to not kill snort in dialup mode (Closes: #97950)
  * Fixed snort cron script to not send empty emails (Closes: #112100,#117079)
  * Fixed HOME_NET variable passing in init script (Closes: #117886)

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 10 Feb 2002 15:41:40 +0100

snort (1.8p1-1) unstable; urgency=low

  * New upstream release
  * Depend on system-log-daemon|syslogd (Closes: #102511)
  * Fixed snort-stat empty log reports (Closes: #107515, #98944, #103542)
  * Fixed logfile pattern (Closes: #102787)

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 14 Aug 2001 20:37:43 +0200

snort (1.7-9) unstable; urgency=low

  * Removed 'snort.debian.conf' from the 'conffiles' to avoid it being
    replaced. (Closes: #96950)
  * Fixed a lot of errors in the manpage. (Closes: #99873, #101868)
  * Removed '-s' option, and enabled logging to syslog in snort.conf.
    (Closes: #101873)
  * Fixed inconsequent ip-up.d and init.d behaviour (Closes: #101874)
  * Added pt_BR support (Closes: #93219)
  * Make snort stop before purging/removing.

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 15 Jul 2001 14:04:35 +0200

snort (1.7-8) unstable; urgency=low

  * Have snort depend on system-log-daemon (Closes: #99203)
  * Changed package description (Closes: #99302)
  * Changed debconf 'extra options' question (Closes: #99303)

 -- Robert van der Meulen <rvdm@debian.org>  Sun, 17 Jun 2001 19:16:59 +0200

snort (1.7-7) unstable; urgency=low

  * Added a modified version of 'snort-stat', from Christian Hammers
    (Closes: #93739)
  * Changed '5snort' to do syslogd-listfiles --auth, to correctly list
    logfiles using the 'auth' facility. (Closes: #97467)
  * Modified crontab file to correctly keep /var/log/snort clean.
    (Closes: #97465, #97003)

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 15 May 2001 20:40:03 +0200

snort (1.7-6) unstable; urgency=low

  * Added more paths in /etc/init.d/snort (Closes: #94651)
  * Removed non-US dependency on libssl096 (Closes: #92748)
  * Fixed old man-page synopsis bug (Closes: #90889)
  * Added 'please restart' notice for dialup users that upgrade(Closes: #90979).
  * Fixed 'snort.conf' indiscrepancy (comma-separated versus
    whitespace-separated)  (Closes: #93742)
  * Added '-d' option for startup (Closes: #78667)
  * Added snort FAQ (Closes: #91219) 

 -- Robert van der Meulen <rvdm@debian.org>  Mon, 30 Apr 2001 01:34:25 +0200

snort (1.7-5) unstable; urgency=low

  * fixed no-pidfile bug when using dialup interfaces. (Closes: #89133)
  * forgot to close host-timeout bug (Closes: #87838)
  * Removed bashisms from cron script (Closes: #88596)
  * Fixed start-stop-daemon paths in init.d script (Closes: #88678)
  * Corrected multiple -i startup option typo (Closes: #89131)
  * Added mysql support (Closes: #89840)
  * Applied 'unaligned trap on alpha' patches from Paul Slootman
    (Closes: #85684, #81092)

 -- Robert van der Meulen <rvdm@debian.org>  Thu, 22 Mar 2001 22:40:51 +0100

snort (1.7-4) unstable; urgency=low

  * lets-fix-lots-of-bugs release
  * Fixed snort-stat:
    - output is now 79 chars wide. (Closes: #70649)
    - output written to tempfile first, to work around 'host' timing out
      sometimes. (Closes: #74937)
  * There is no 'WARNING' message on startup, anymore (Closes: #79289)
  * Fixed crontab script to reflect /var/log/portscan.log ->
    /var/log/snort/portscan.log change. (Closes: #85571)
  * Fixed syntax error in cron file (*shame*) (Closes: #85686)
  * added check for existence of /var/log/snort/portscan.log in
    cron file (Closes: #86596 )
  * Fixed syslog dependency problem (syslogd|syslog-ng) (Closes: #85807)
  * Changed crontab file to allow for multiple auth.* files (Closes: #84183)
  * Snort doesn't crash on empty logfiles. (Closes: #85284 )
  * Snort generates correct snort-stat messages on a dialup link now.
    (Closes: #82504)

 -- Robert van der Meulen <rvdm@debian.org>  Fri,  2 Mar 2001 23:32:40 +0100

snort (1.7-3) unstable; urgency=low

  * Fixed a couple of bugs in the startup scripts for dialup. Closes: #85201
  * Made postinst modify /etc/snort/snort.debian.conf.  Closes: #85156
  * 'hardwired' /etc/ppp/ip-up.d/snort to use the PPP interface. Closes: #85218
  * Fixed problem with multiple 'auth' logfiles. Closes: #84316

 -- Robert van der Meulen <rvdm@debian.org>  Fri,  9 Feb 2001 23:47:19 +0100

snort (1.7-2) unstable; urgency=low

  * Fixed a small bug in the cron.daily script; snort.conf -> snort.debian.conf

 -- Robert van der Meulen <rvdm@debian.org>  Tue,  6 Feb 2001 23:47:31 +0100

snort (1.7-1) unstable; urgency=low

  * New upstream version.
  * New maintainer
  * Moved /etc/snort/snort-lib to /etc/snort/snort.conf
    /etc/snort/snort.conf was a script to set DEBIAN config variables,
    it now is the base rule file.
    /etc/snort/snort.debian.conf does the 'old' job.
  * modified startup parameters for 'new style'

 -- Robert van der Meulen <rvdm@debian.org>  Sun,  4 Feb 2001 23:31:02 +0100

snort (1.6.3a-5) unstable; urgency=low

  * Accidently typed "echo" instead of "kill" in init script. Closes: #84345

 -- Christian Hammers <ch@debian.org>  Thu,  1 Feb 2001 11:05:16 +0100

snort (1.6.3a-4) unstable; urgency=low

  * Enhanced init.d script. Fixes problems with cron rotations.
  * Now depends on debhelper. Closes: #75462
  * Added german translation for debconf menus. Closes: #83873
  * Is no longer accidently a "native Debian" package. Closes: #82097
  * Problem with libmysqlclient.so.9 fixed long ago. Closes: #74798, 74806
  * Debconf should be work fine now. Closes: #59726, #70711
  * Adopted new homepage URL. Closes: #69805 
  * Problem no longer reproducable. Closes: #67732, #67734
  * Added dependency to the virtual package "syslogd". Closes: #84183

 -- Christian Hammers <ch@debian.org>  Wed, 31 Jan 2001 00:38:22 +0100

snort (1.6.3a-3) unstable; urgency=low

  * Changed the "interface" debconf question to medium. Closes: #80996

 -- Christian Hammers <ch@debian.org>  Wed, 31 Jan 2001 00:10:01 +0100

snort (1.6.3a-2) testing unstable; urgency=low

  * Ok, forgot the ">/dev/null" after a savelog cron command... 

 -- Christian Hammers <ch@debian.org>  Sun, 31 Dec 2000 01:11:37 +0100

snort (1.6.3a-1) testing unstable; urgency=low

  * This is still 1.6.3!
    Somehow the .orig.tar.gz got renamed so I have to make a new
    -1 upload. 
  * Added rotation of /var/log/portscan.log. Closes: #80864 

 -- Christian Hammers <ch@debian.org>  Sat, 30 Dec 2000 17:52:58 +0100

snort (1.6.3-8) unstable; urgency=low

  * writed more good english in debconf template. Closes: #78367
  * Adjusted debconf question for email recipient to "medium".

 -- Christian Hammers <ch@debian.org>  Fri,  1 Dec 2000 20:01:38 +0100

snort (1.6.3-7) unstable; urgency=low

  * Recompiled against new kernel to handle pppeo.
    (requested by jeffml@pobox.com)

 -- Christian Hammers <ch@debian.org>  Sun, 26 Nov 2000 14:55:25 +0100

snort (1.6.3-6) unstable; urgency=low

  * Added debhelper to build depends. Closes #75462

 -- Christian Hammers <ch@debian.org>  Wed, 25 Oct 2000 10:51:23 +0200

snort (1.6.3-5) unstable; urgency=medium

  * Recompiled against libmysqlclient10. 

 -- Christian Hammers <ch@debian.org>  Tue, 17 Oct 2000 11:00:11 +0200

snort (1.6.3-4) unstable; urgency=low

  * Added dependencies to adduser >= 3.11. Closes: #69425

 -- Christian Hammers <ch@debian.org>  Sun, 20 Aug 2000 08:53:50 +0200

snort (1.6.3-3) unstable; urgency=low

  * Made postinst/preinst idempotent. Closes: 67732, 67734

 -- Christian Hammers <ch@debian.org>  Sun, 20 Aug 2000 08:53:37 +0200

snort (1.6.3-2) unstable; urgency=low

  * Disabled defrag-preprocessor due to upstream bugs. 

 -- Christian Hammers <ch@debian.org>  Mon, 24 Jul 2000 17:21:18 +0200

snort (1.6.3-1) unstable; urgency=low

  * New upstream release.
  * Now chrooted to /var/log/snort and running as snort:snort!
  * More scan detections added.
  * Applied fixed from Ian Zimmerman. Thanks. Closes: #66057

 -- Christian Hammers <ch@debian.org>  Sun, 23 Jul 2000 14:11:50 +0200

snort (1.6.2.2-1) unstable; urgency=low

  * New upstream release 1.6.2.2. Minor patches. 

 -- Christian Hammers <ch@debian.org>  Sun,  9 Jul 2000 23:21:16 +0200

snort (1.6.1-1) unstable; urgency=low

  * Many new scans for known vulnerabilities included!

 -- Christian Hammers <ch@debian.org>  Sat,  8 Jul 2000 17:06:47 +0200

snort (1.6-1) unstable; urgency=low

  * New upstream major release.

 -- Christian Hammers <ch@debian.org>  Tue,  4 Jul 2000 18:40:34 +0200

snort (1.5.1-12) unstable; urgency=low

  * Removed warning for port 53 source port traffic because old BINDs
    generated them. Closes: #65107

 -- Christian Hammers <ch@debian.org>  Tue,  6 Jun 2000 19:07:06 +0200

snort (1.5.1-11) frozen unstable; urgency=low

  * Package could not be build on powerpc because there were some
    obsolete AM_PROG_INSTALL (now AC_PROG_INSTALL) statements in
    aclocal.m4. Closes: #57916
  * Improved documentation about reading the tcpdump-style binary log 
    file. Closes: #57789

 -- Christian Hammers <ch@debian.org>  Sun, 13 Feb 2000 18:23:58 +0100

snort (1.5.1-10) frozen unstable; urgency=low

  * Make sure that snort's cron.daily script gets renamed to the new
    name in snort.preinst so that it won't be called twice.

 -- Christian Hammers <ch@debian.org>  Wed,  9 Feb 2000 12:37:53 +0100

snort (1.5.1-9) frozen unstable; urgency=low

  * Argh! Forgot to remove a malicious line in cron.daily. Closes: #57611 

 -- Christian Hammers <ch@debian.org>  Wed,  9 Feb 2000 11:10:53 +0100

snort (1.5.1-8) frozen unstable; urgency=low

  * Added "exit 0" to cron.daily script.

 -- Christian Hammers <ch@debian.org>  Sat,  5 Feb 2000 16:07:05 +0100

snort (1.5.1-7) frozen unstable; urgency=low

  * Applied upstream patch to get binary mode working.
    Now this is really 1.5.1 and not 1.5patch1, btw.
  * switched logging to tcpdump compatible binary mode so that
    snort is usable on 100MBit networks. Closes: #55949
  * fixed daily report of the weekly rotated auth.log. Closes: #56476
  * cron job restarts snort correctly. Closes: #56608
  * postinst should start snort only if $startup=="boot".
  * sanified snort.config (thank to Mario Holbe, again)
  * removed debconf-bug compatibility. Closes: #54990

 -- Christian Hammers <ch@debian.org>  Sat, 29 Jan 2000 17:57:34 +0100

snort (1.5.1-5) frozen unstable; urgency=low

  * User may only enter one interface and no comma separated list that
    confuses the postscript, too. Closes: #55567
  * Explained a debconf question. Closes: #55568
  * Fixed email address in copyright.
  * uncommented all backdoor-lib rules that do only whatch for a
    port >=1024, ignoring the content since they produce too much
    false-positives. (as requested by chirik@castlefur.com)
  * Added a note that this isn't actually 1.5.1 but 1.5patch1. 
  * Included "real" manpage that upstream author wrote.

 -- Christian Hammers <ch@debian.org>  Sat, 22 Jan 2000 15:30:32 +0100

snort (1.5.1-4) frozen unstable; urgency=low

  * Workaroung for debconf bug (#55317).
  * Do not ask user for IP range when using dialup-mode.
    (They normally wouldn't know!)
  * 

 -- Christian Hammers <ch@debian.org>  Sat, 22 Jan 2000 15:00:25 +0100

snort (1.5.1-3) frozen unstable; urgency=medium

  * Fixed cron script. Closes: #54553
  * The following was done by --- Mario Holbe --- thanks again!
  * Fixed quoting of metacharacters in postinst. Closes: #54984
  * replaced the snort.options thingy by a sh-based snort.conf                                                    
    - removed it from snort-lib                                                                                   
    - changed the README.Maintainer comment                                                                       
    - changed rule for it                                                                                         
    - created snort.conf with slightly beautified variables                                                       
  * modified ip-down.d to work with new snort.conf                                                                
  * modified ip-up.d to work with new snort.conf                                                                  
  * modified snort.init.d to work with new snort.conf Closes: #54553                                              
    - this closes some bugs in 1.5.1-2, which i've not submitted :-)                                              
  * modified snort-stat to work with new snort.conf Closes: #54555                                                
  * modified snort.cron.daily to work with new snort.conf/snort-stat                                              
  * added new snort/stats_treshold to snort.templates                                                             
  * modified snort.config to work with new config variable                                                        
  * modified snort.postinst to work with new snort.conf                                                           
  * modified snort.postrm to remove snort.conf if purge                                                           
  * all over all: did some beauifying :)                                                                          

 -- Christian Hammers <ch@debian.org>  Fri, 14 Jan 2000 21:09:42 +0100

snort (1.5.1-2) unstable; urgency=low

  * I was diligently and added five more debconf options :) Closing: #54227
    - receipient of the daily statistic mail
    - start at boot/ip-up/manual
    - interface
    - promiscuous mode
    - reverse order
  * Enhanced the snort-stat script with help from Mario Holbe. Closes: #54369

 -- Christian Hammers <ch@debian.org>  Fri, 14 Jan 2000 21:09:36 +0100

snort (1.5.1-1) unstable; urgency=low

  * Fixed cron script with the new logging method.
    Closes: #54226, #54275
  * Applied upstream patch1 and one from the mailing list.
    Closes: #54225, #54224
  * Added README.Debian with a small FAQ.
  * Changed configuration and added a /etc/snort/snort.options file.

 -- Christian Hammers <ch@debian.org>  Tue, 11 Jan 2000 22:56:33 +0100

snort (1.5-2) unstable; urgency=low

  * Fixed typo. Closes: #54269 

 -- Christian Hammers <ch@debian.org>  Sun,  9 Jan 2000 18:58:45 +0100

snort (1.5-1) unstable; urgency=low

  * New upstream release.
    Features speed burst and modularization of the rules file.
  * Now using syslog facility to log to /var/log/auth.log.
    (Details are still available in /var/log/snort/)
  * Daily generation of scan statistic via cron script.

 -- Christian Hammers <ch@debian.org>  Sun,  9 Jan 2000 18:58:39 +0100

snort (1.3.1-8) unstable; urgency=low

  * Sorry, future timestamps in package. Closes: #51848
    (too much Y2K testing, I guess)

 -- Christian Hammers <ch@debian.org>  Sun,  5 Dec 1999 16:49:56 +0100

snort (1.3.1-7) unstable; urgency=medium

  * Changed prio to high since it's an grave bug that was closed.
  * Closes: #51130 

 -- Christian Hammers <ch@debian.org>  Tue, 15 Feb 2000 00:34:59 +0100

snort (1.3.1-6) unstable; urgency=medium

  * Snort stalles after installation due to debconf misuse.
  * Closes: #51130

 -- Christian Hammers <ch@debian.org>  Wed, 24 Nov 1999 00:29:39 +0100

snort (1.3.1-5) unstable; urgency=low

  * Added debconf support to enter address range. 

 -- Christian Hammers <ch@debian.org>  Mon, 22 Nov 1999 20:13:41 +0100

snort (1.3.1-4) unstable; urgency=low

  * Extended archiving of log files. Closes: #50176 

 -- Christian Hammers <ch@debian.org>  Mon, 22 Nov 1999 00:56:38 +0100

snort (1.3.1-3) unstable; urgency=low

  * Registered cron script as config file. Closes: #48391

 -- Christian Hammers <ch@debian.org>  Wed, 27 Oct 1999 18:36:06 +0200

snort (1.3.1-2) unstable; urgency=low

  * Added the non-promiscuous flag (-p) to the man-page. 

 -- Christian Hammers <ch@debian.org>  Sun, 24 Oct 1999 18:52:20 +0200

snort (1.3.1-1) unstable; urgency=low

  * New upstream version. 
  * Many bugfixes.

 -- Christian Hammers <ch@debian.org>  Thu, 14 Oct 1999 00:20:35 +0200

snort (1.2.1-3) unstable; urgency=low

  * Included the LISA'99 Conference paper as documentation.
  * FHS compliant.
  * Improved /etc/cron.daily script. Fixes: #44568.

 -- Christian Hammers <ch@debian.org>  Fri, 10 Sep 1999 01:55:22 +0200

snort (1.2.1-2) unstable; urgency=low

  * Added a nice manpage (thanks to Peter T. Breuer). Closes #44127. 

 -- Christian Hammers <ch@debian.org>  Tue,  7 Sep 1999 17:15:51 +0200

snort (1.2.1-1) unstable; urgency=low

  * New upstream release with fixes and speed improvement. (fixes: #43049)

 -- Christian Hammers <ch@debian.org>  Mon, 30 Aug 1999 21:15:10 +0200

snort (1.2-2) unstable; urgency=low

  * Made cron.daily a bit quieter. (fixes: #43049) 

 -- Christian Hammers <ch@debian.org>  Mon, 16 Aug 1999 23:05:16 +0200

snort (1.2-1) unstable; urgency=low

  * New upstream version with great performance improve.

 -- Christian Hammers <ch@debian.org>  Mon,  2 Aug 1999 20:37:09 +0200

snort (1.1-2) unstable; urgency=low

  * Made better default IP in config file and fixed typo.

 -- Christian Hammers <ch@debian.org>  Tue, 13 Jul 1999 00:02:48 +0200

snort (1.1-1) unstable; urgency=low

  * Initial Release.

 -- Christian Hammers <ch@debian.org>  Mon, 12 Jul 1999 21:30:57 +0200