Suricata long out of date

**WookieeSasquatch** · 02-22-2022, 08:13 PM

https://forums.untangle.com/intrusio...ec-2020-a.html

Looking at that thread and the year or so it's been, Debian has 6.0.1 of Suricata in the stable track now.

Any chance we can get it updated for the next release?

**jcoffin** · 02-22-2022, 08:33 PM

Suricata engine is based on the package available on the Debian platform. Debian package suricata 1:4.1.2-2+deb10u1 is the latest for Buster which 16.5.0 is based on. Debian Bullseye package suricata (1:6.0.1-3) will be in the next release.

**sky-knight** · 02-23-2022, 05:07 AM

And yet, most sane people using Debian 10 have long since started using buster-backports, which has 1:6.0.1-2~bpo10+1.

Sadly, this is normal behavior for Untangle, which never uses backports. The upside is more stability, the downside is missing security updates sometimes. But yes this will also go away with the OS upgrade, which presumably is v17.0? I don't know for certain but given the above and other communications from Untangle seems likely.

**WookieeSasquatch** · 02-23-2022, 08:56 AM

Originally Posted by sky-knight

And yet, most sane people using Debian 10 have long since started using buster-backports, which has 1:6.0.1-2~bpo10+1.

Sadly, this is normal behavior for Untangle, which never uses backports. The upside is more stability, the downside is missing security updates sometimes. But yes this will also go away with the OS upgrade, which presumably is v17.0? I don't know for certain but given the above and other communications from Untangle seems likely.

I'm hoping we see v17 soon, or at least a beta since Debian 10 goes EoL late summer / early fall this year. I'm sure Suricata isn't the only package that's long out of date, but it's just the one affecting me at the moment.

**sky-knight** · 02-23-2022, 10:14 AM

Originally Posted by WookieeSasquatch

I'm hoping we see v17 soon, or at least a beta since Debian 10 goes EoL late summer / early fall this year. I'm sure Suricata isn't the only package that's long out of date, but it's just the one affecting me at the moment.

Given past habits, I'd say we'll see v17.0 with a new kernel this Summer.

**donhwyo** · 02-25-2022, 10:23 AM

Even if 17 uses the current bullseye package suricata (1:6.0.1-3) it will be older than the backports version suricata (1:6.0.4-2~bpo11+1). I realize things need to be tested but there is also a need to be current. Debian is conservative enough without adding much more latency to it.

This applies to many packages not just this one. Using the logic that older packages are more secure fails more often than it works!

Thread: Suricata long out of date

LinkBack

Thread Tools

Suricata long out of date

Posting Permissions