Results 1 to 6 of 6
  1. #1
    Untanglit
    Join Date
    May 2020
    Posts
    17

    Default Suricata long out of date

    https://forums.untangle.com/intrusio...ec-2020-a.html

    Looking at that thread and the year or so it's been, Debian has 6.0.1 of Suricata in the stable track now.

    Any chance we can get it updated for the next release?

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,655

    Default

    Suricata engine is based on the package available on the Debian platform. Debian package suricata 1:4.1.2-2+deb10u1 is the latest for Buster which 16.5.0 is based on. Debian Bullseye package suricata (1:6.0.1-3) will be in the next release.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,485

    Default

    And yet, most sane people using Debian 10 have long since started using buster-backports, which has 1:6.0.1-2~bpo10+1.

    Sadly, this is normal behavior for Untangle, which never uses backports. The upside is more stability, the downside is missing security updates sometimes. But yes this will also go away with the OS upgrade, which presumably is v17.0? I don't know for certain but given the above and other communications from Untangle seems likely.
    Last edited by sky-knight; 02-23-2022 at 06:39 AM.
    donhwyo likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Untanglit
    Join Date
    May 2020
    Posts
    17

    Default

    Quote Originally Posted by sky-knight View Post
    And yet, most sane people using Debian 10 have long since started using buster-backports, which has 1:6.0.1-2~bpo10+1.

    Sadly, this is normal behavior for Untangle, which never uses backports. The upside is more stability, the downside is missing security updates sometimes. But yes this will also go away with the OS upgrade, which presumably is v17.0? I don't know for certain but given the above and other communications from Untangle seems likely.

    I'm hoping we see v17 soon, or at least a beta since Debian 10 goes EoL late summer / early fall this year. I'm sure Suricata isn't the only package that's long out of date, but it's just the one affecting me at the moment.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,485

    Default

    Quote Originally Posted by WookieeSasquatch View Post
    I'm hoping we see v17 soon, or at least a beta since Debian 10 goes EoL late summer / early fall this year. I'm sure Suricata isn't the only package that's long out of date, but it's just the one affecting me at the moment.
    Given past habits, I'd say we'll see v17.0 with a new kernel this Summer.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangler
    Join Date
    May 2008
    Posts
    519

    Default

    Even if 17 uses the current bullseye package suricata (1:6.0.1-3) it will be older than the backports version suricata (1:6.0.4-2~bpo11+1). I realize things need to be tested but there is also a need to be current. Debian is conservative enough without adding much more latency to it.

    This applies to many packages not just this one. Using the logic that older packages are more secure fails more often than it works!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2