Debian Package Tracker

general

source: bro (main)
version: 2.5.5-1
maintainer: Hilko Bengen [DMD]
uploaders: Raúl Benencia [DMD]
arch: all any
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 2.5-1
testing: 2.5.5-1
unstable: 2.5.5-1

versioned links

2.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bro
bro-common

action needed

A new upstream version is available: 2.6-beta2 high

A new upstream version 2.6-beta2 is available, you should consider packaging it.

Created: 2018-09-22 Last update: 2018-10-19 18:29

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: could not read Username for 'https://salsa.debian.org': No such device or address

Created: 2018-02-16 Last update: 2018-10-19 15:31

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-16807: In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
CVE-2018-17019: In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Please fix them.

Created: 2018-09-11 Last update: 2018-09-16 07:20

2 security issues in buster high

There are 2 open security issues in buster.

2 important issues:

CVE-2018-16807: In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
CVE-2018-17019: In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Please fix them.

Created: 2018-09-11 Last update: 2018-09-16 07:20

lintian reports 1 error and 2 warnings high

Lintian reports 1 error and 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2016-09-15 Last update: 2018-09-11 08:01

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-10-19 21:04

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

bro-common could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-10-19 18:22

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-09-07 Last update: 2018-10-19 19:02

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2017-1000458: Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
CVE-2018-16807: In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
CVE-2018-17019: In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Please fix them.

Created: 2018-01-03 Last update: 2018-09-16 07:20

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-09-11 Last update: 2018-09-11 01:33

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.2.0).

Created: 2018-08-20 Last update: 2018-09-11 01:11

news

[rss feed]

[2018-09-16] bro 2.5.5-1 MIGRATED to testing (Debian testing watch)
[2018-09-10] Accepted bro 2.5.5-1 (source) into unstable (Hilko Bengen)
[2018-08-03] bro 2.5.4-1 MIGRATED to testing (Debian testing watch)
[2018-06-17] Accepted bro 2.5.4-1 (source) into unstable (Hilko Bengen)
[2018-02-21] bro 2.5.3-1 MIGRATED to testing (Debian testing watch)
[2018-02-16] Accepted bro 2.5.3-1 (source) into unstable (Hilko Bengen)
[2017-12-05] bro 2.5.2-2 MIGRATED to testing (Debian testing watch)
[2017-11-29] Accepted bro 2.5.2-2 (source) into unstable (Hilko Bengen)
[2017-10-22] bro 2.5.2-1 MIGRATED to testing (Debian testing watch)
[2017-10-17] Accepted bro 2.5.2-1 (source) into unstable (Hilko Bengen)
[2017-07-23] bro 2.5.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-16] Accepted bro 2.5.1-1 (source) into unstable (Hilko Bengen)
[2017-01-03] bro 2.5-1 MIGRATED to testing (Debian testing watch)
[2016-12-23] Accepted bro 2.5-1 (source) into unstable (Hilko Bengen)
[2016-11-28] bro 2.4.1+dfsg-4 MIGRATED to testing (Debian testing watch)
[2016-11-22] Accepted bro 2.4.1+dfsg-4 (source) into unstable (Hilko Bengen)
[2016-11-15] Accepted bro 2.4.1+dfsg-3 (source) into unstable (Hilko Bengen)
[2015-11-11] bro 2.4.1+dfsg-2 MIGRATED to testing (Britney)
[2015-11-05] Accepted bro 2.4.1+dfsg-2 (source all amd64) into unstable (Hilko Bengen)
[2015-11-04] bro 2.4.1+dfsg-1 MIGRATED to testing (Britney)
[2015-10-29] Accepted bro 2.4.1+dfsg-1 (source all amd64) into unstable (Hilko Bengen)
[2015-07-04] bro 2.4+dfsg-1 MIGRATED to testing (Britney)
[2015-06-28] Accepted bro 2.4+dfsg-1 (source all amd64) into unstable (Hilko Bengen)
[2015-04-27] bro 2.3.2+dfsg-1 MIGRATED to testing (Britney)
[2015-02-08] Accepted bro 2.3.2+dfsg-1 (source amd64 all) into unstable, unstable (Hilko Bengen)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 2

links

homepage
lintian (1, 2)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.5.4-1build1