Debian Bug report logs - #777523
suricata: CVE-2015-8954: evasion issues

version graph

Package: suricata; Maintainer for suricata is Pierre Chifflier <pollux@debian.org>; Source for suricata is src:suricata (PTS, buildd, popcon).

Reported by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>

Date: Mon, 9 Feb 2015 08:33:02 UTC

Severity: important

Tags: security

Found in version suricata/2.0.4-1

Fixed in version suricata/2.0.6-1

Done: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Pierre Chifflier <pollux@debian.org>:
Bug#777523; Package suricata. (Mon, 09 Feb 2015 08:33:07 GMT) (full text, mbox, link).


Acknowledgement sent to Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>:
New Bug report received and forwarded. Copy sent to Pierre Chifflier <pollux@debian.org>. (Mon, 09 Feb 2015 08:33:07 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: suricata: evasion issues
Date: Mon, 09 Feb 2015 09:27:20 +0100
Package: suricata
Version: 2.0.4-1
Severity: important
Tags: security

Just to keep track of suricata 2,0.4-1 being affected by a serious detection issue.
It lead to various ways to bypass the detection and confuse a number of protocol parsers.

No CVE was allocated though.

https://redmine.openinfosecfoundation.org/issues/1364

This was fixed upstream in 2.0.6.



Marked as fixed in versions suricata/2.0.6-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 18 Feb 2015 07:51:04 GMT) (full text, mbox, link).


Reply sent to Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>:
You have taken responsibility. (Fri, 26 Aug 2016 11:12:16 GMT) (full text, mbox, link).


Notification sent to Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>:
Bug acknowledged by developer. (Fri, 26 Aug 2016 11:12:16 GMT) (full text, mbox, link).


Message #12 received at 777523-done@bugs.debian.org (full text, mbox, reply):

From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
To: 777523-done@bugs.debian.org
Date: Fri, 26 Aug 2016 13:10:26 +0200
-- 
Arturo Borrero González



Changed Bug title to 'suricata: CVE-2015-8954: evasion issues' from 'suricata: evasion issues'. Request was from Henri Salo <henri@nerv.fi> to control@bugs.debian.org. (Sun, 28 Aug 2016 15:12:04 GMT) (full text, mbox, link).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 26 Sep 2016 07:27:21 GMT) (full text, mbox, link).


Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Aug 2 00:51:44 2024; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.