netbsd-bugs: pkg/21540: security/snortsnarf update

Subject: pkg/21540: security/snortsnarf update
To: None <gnats-bugs@gnats.netbsd.org>
From: None <hiramatu@boreas.dti.ne.jp>
List: netbsd-bugs
Date: 05/11/2003 22:01:10
>Number:         21540
>Category:       pkg
>Synopsis:       security/snortsnarf update
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun May 11 21:52:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Hiramatsu Yoshifumi
>Release:        NetBSD 1.6S
>Organization:
	
>Environment:
	
	
System: NetBSD orinoco.my.domain 1.6S NetBSD 1.6S (Orinoco) #0: Fri May 9 22:59:00 JST 2003 hiramatsu@orinoco.my.domain:/sys/arch/i386/compile/Orinoco i386
Architecture: i386
Machine: i386
>Description:
This patch updates security/snortsnarf to 20021111.1 version.

Changes from previous version(20020516.1)

 + alerts with original packet included now have both sets of ports and
   first set of IPs as links
 + added -obfuscateip option to change the IP addresses in alerts to randomly
   (but consistently) chosen alternates (not presently available for database
   input)
 + Updated parsing for Snort 1.9.0 full alert files
 + new-style Spade reports now processed (Spade version 021008.1 and on)
 + spp_portscan2 log files now processed (these entries are displayed
   somewhat prettified)
 + updated linking to ICMP log files; this involved updates for new ICMP
   header format in Snort 1.9.0
 + more robust recognition of non-packet alerts in different formats(these
   get ignored)
 + clarified warning about unknown ICMP type text and added repeat warning
   suppression (you'll now only get a warning about a particular string
   twice)
 + SnortSnarf will now ignore lines beginning with '#' between alerts, so
   you can use that to begin a comment

>How-To-Repeat:
	
>Fix:
diff -buNr snortsnarf.orig/Makefile snortsnarf/Makefile
--- snortsnarf.orig/Makefile	2003-05-11 11:23:41.000000000 +0900
+++ snortsnarf/Makefile	2003-05-11 11:23:48.000000000 +0900
@@ -1,8 +1,8 @@
 # $NetBSD: Makefile,v 1.3 2002/12/14 03:43:20 schmonz Exp $
 #
 
-DISTNAME=	SnortSnarf-020516.1
-PKGNAME=	snortsnarf-20020516.1
+DISTNAME=	SnortSnarf-021111.1
+PKGNAME=	snortsnarf-20021111.1
 CATEGORIES=	security net
 MASTER_SITES=	http://www.silicondefense.com/software/snortsnarf/
 
@@ -33,7 +33,8 @@
 	AllMods.pm BasicFilters.pm KnownEquiv.pm SnortFileInput.pm	\
 	HTMLAnomMemStorage.pm Input.pm SorterBase.pm Sort.pm		\
 	StorageBase.pm MemAlert.pm BasicSorters.pm Filter.pm		\
-	SnortRules.pm MemStorage.pm SnortDBInput.pm TimeFilters.pm
+	SnortRules.pm MemStorage.pm SnortDBInput.pm TimeFilters.pm	\
+	HTMLOutput+other.pm IPObfuscater.pm
 	${INSTALL_DATA} ${WRKSRC}/include/SnortSnarf/${f} \
 		${PREFIX}/share/snortsnarf/SnortSnarf
 .endfor
diff -buNr snortsnarf.orig/PLIST snortsnarf/PLIST
--- snortsnarf.orig/PLIST	2003-05-11 11:23:41.000000000 +0900
+++ snortsnarf/PLIST	2003-05-11 11:23:48.000000000 +0900
@@ -11,7 +11,9 @@
 share/snortsnarf/SnortSnarf/Filtering.pm
 share/snortsnarf/SnortSnarf/HTMLAnomMemStorage.pm
 share/snortsnarf/SnortSnarf/HTMLMemStorage.pm
+share/snortsnarf/SnortSnarf/HTMLOutput+other.pm
 share/snortsnarf/SnortSnarf/HTMLOutput.pm
+share/snortsnarf/SnortSnarf/IPObfuscater.pm
 share/snortsnarf/SnortSnarf/Input.pm
 share/snortsnarf/SnortSnarf/KnownEquiv.pm
 share/snortsnarf/SnortSnarf/MemAlert.pm
diff -buNr snortsnarf.orig/distinfo snortsnarf/distinfo
--- snortsnarf.orig/distinfo	2003-05-11 11:23:41.000000000 +0900
+++ snortsnarf/distinfo	2003-05-11 11:23:48.000000000 +0900
@@ -1,5 +1,5 @@
 $NetBSD: distinfo,v 1.2 2002/08/11 00:50:36 fredb Exp $
 
-SHA1 (SnortSnarf-020516.1.tar.gz) = 01b4aebabea68dee5973e0d3fa20bfb73afa4b3f
-Size (SnortSnarf-020516.1.tar.gz) = 146806 bytes
-SHA1 (patch-aa) = b99cf1b838b2173f1bc17954e1acb51e37ba8682
+SHA1 (SnortSnarf-021111.1.tar.gz) = f06ce45095b9bcdc0e49033f8180a29141978f43
+Size (SnortSnarf-021111.1.tar.gz) = 143623 bytes
+SHA1 (patch-aa) = 4d03479074abd949d0e5b97607aaa9cb87b07da0
diff -buNr snortsnarf.orig/patches/patch-aa snortsnarf/patches/patch-aa
--- snortsnarf.orig/patches/patch-aa	2003-05-11 11:23:41.000000000 +0900
+++ snortsnarf/patches/patch-aa	2003-05-11 11:23:48.000000000 +0900
@@ -1,13 +1,13 @@
 $NetBSD$
 
---- snortsnarf.pl.orig	Fri May 17 09:00:56 2002
+--- snortsnarf.pl.orig	2002-11-12 10:11:36.000000000 +0900
 +++ snortsnarf.pl
 @@ -77,3 +77,3 @@
  
 -use lib qw(./include);
 +use lib qw(@PREFIX@/share/snortsnarf/);
  use Cwd;
-@@ -455,2 +455,3 @@ OPTION is one of the following:
+@@ -459,2 +459,3 @@ OPTION is one of the following:
  >>
 -}
 \ No newline at end of file

>Release-Note:
>Audit-Trail:
>Unformatted: