Debian Package Tracker

general

source: bro (main)
version: 2.5.5-1
maintainer: Hilko Bengen [DMD]
uploaders: Raúl Benencia [DMD]
arch: all any
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2.5-1
stable: 2.5.5-1
stable-sec: 2.5.5-1+deb10u1
stable-p-u: 2.5.5-1+deb10u1
testing: 2.5.5-1
unstable: 2.5.5-1
NEW/unstable: 2.6.1+ds1-1

versioned links

2.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.5-1+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bro
bro-common

action needed

Marked for autoremoval on 03 August: #908614, #908779 high

Version 2.5.5-1 of bro is marked for autoremoval from testing on Sat 03 Aug 2019. It is affected by #908614, #908779. The removal of bro will also cause the removal of (transitive) reverse dependency: broctl. You should try to prevent the removal by fixing these RC bugs.

Created: 2019-07-04 Last update: 2019-07-17 06:31

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: could not read Username for 'https://salsa.debian.org': No such device or address

Created: 2018-02-16 Last update: 2019-07-17 06:07

A new upstream version is available: 2.6.2 high

A new upstream version 2.6.2 is available, you should consider packaging it.

Created: 2018-09-22 Last update: 2019-07-17 00:31

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-16807: In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
CVE-2018-17019: In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Please fix them.

Created: 2018-09-11 Last update: 2019-07-07 09:00

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2018-16807: In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
CVE-2018-17019: In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Please fix them.

Created: 2019-07-07 Last update: 2019-07-07 09:00

lintian reports 1 error and 1 warning high

Lintian reports 1 error and 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2016-09-15 Last update: 2019-04-14 18:01

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-11-21 Last update: 2019-07-17 04:02

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

bro-common could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2019-07-17 02:32

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2019-01-12 Last update: 2019-07-17 03:40

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2018-16807: In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
CVE-2017-1000458: Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
CVE-2018-17019: In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Please fix them.

Created: 2018-01-03 Last update: 2019-07-07 09:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-09-11 Last update: 2018-09-11 01:33

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.2.0).

Created: 2018-08-20 Last update: 2019-07-08 20:07

news

[rss feed]

[2019-07-04] Accepted bro 2.5.5-1+deb10u1 (source) into testing->embargoed, testing (Hilko Bengen)
[2019-07-04] Accepted bro 2.5.5-1+deb10u1 (source) into testing-proposed-updates (Hilko Bengen)
[2018-09-16] bro 2.5.5-1 MIGRATED to testing (Debian testing watch)
[2018-09-10] Accepted bro 2.5.5-1 (source) into unstable (Hilko Bengen)
[2018-08-03] bro 2.5.4-1 MIGRATED to testing (Debian testing watch)
[2018-06-17] Accepted bro 2.5.4-1 (source) into unstable (Hilko Bengen)
[2018-02-21] bro 2.5.3-1 MIGRATED to testing (Debian testing watch)
[2018-02-16] Accepted bro 2.5.3-1 (source) into unstable (Hilko Bengen)
[2017-12-05] bro 2.5.2-2 MIGRATED to testing (Debian testing watch)
[2017-11-29] Accepted bro 2.5.2-2 (source) into unstable (Hilko Bengen)
[2017-10-22] bro 2.5.2-1 MIGRATED to testing (Debian testing watch)
[2017-10-17] Accepted bro 2.5.2-1 (source) into unstable (Hilko Bengen)
[2017-07-23] bro 2.5.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-16] Accepted bro 2.5.1-1 (source) into unstable (Hilko Bengen)
[2017-01-03] bro 2.5-1 MIGRATED to testing (Debian testing watch)
[2016-12-23] Accepted bro 2.5-1 (source) into unstable (Hilko Bengen)
[2016-11-28] bro 2.4.1+dfsg-4 MIGRATED to testing (Debian testing watch)
[2016-11-22] Accepted bro 2.4.1+dfsg-4 (source) into unstable (Hilko Bengen)
[2016-11-15] Accepted bro 2.4.1+dfsg-3 (source) into unstable (Hilko Bengen)
[2015-11-11] bro 2.4.1+dfsg-2 MIGRATED to testing (Britney)
[2015-11-05] Accepted bro 2.4.1+dfsg-2 (source all amd64) into unstable (Hilko Bengen)
[2015-11-04] bro 2.4.1+dfsg-1 MIGRATED to testing (Britney)
[2015-10-29] Accepted bro 2.4.1+dfsg-1 (source all amd64) into unstable (Hilko Bengen)
[2015-07-04] bro 2.4+dfsg-1 MIGRATED to testing (Britney)
[2015-06-28] Accepted bro 2.4+dfsg-1 (source all amd64) into unstable (Hilko Bengen)
[2015-04-27] bro 2.3.2+dfsg-1 MIGRATED to testing (Britney)
[2015-02-08] Accepted bro 2.3.2+dfsg-1 (source amd64 all) into unstable, unstable (Hilko Bengen)

bugs [bug history graph]

all: 0

links

homepage
lintian (1, 1)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.5.5-1build1