Announcement

Collapse
No announcement yet.

Suricata long out of date

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Suricata long out of date

    Forums - Edge Threat Management Forums - Arista
    https://forums.untangle.com/intrusion-prevention/44063-suricata-4-1-eol-31-dec-2020-a.html
    vBulletin Forums


    Looking at that thread and the year or so it's been, Debian has 6.0.1 of Suricata in the stable track now.

    Any chance we can get it updated for the next release?
    Tags: None
  • #2
    Suricata engine is based on the package available on the Debian platform. Debian package suricata 1:4.1.2-2+deb10u1 is the latest for Buster which 16.5.0 is based on. Debian Bullseye package suricata (1:6.0.1-3) will be in the next release.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email [email protected]

    Comment

    • #3
      And yet, most sane people using Debian 10 have long since started using buster-backports, which has 1:6.0.1-2~bpo10+1.

      Sadly, this is normal behavior for Untangle, which never uses backports. The upside is more stability, the downside is missing security updates sometimes. But yes this will also go away with the OS upgrade, which presumably is v17.0? I don't know for certain but given the above and other communications from Untangle seems likely.
      Last edited by sky-knight; 02-23-2022, 05:39 AM.
      Rob Sandling, BS:SWE, MCP, Microsoft Certified: Azure Administrator Associate
      NexgenAppliances.com
      Phone: 866-794-8879 x201
      Email: [email protected]

      Comment

      • #4
        Originally posted by sky-knight View Post
        And yet, most sane people using Debian 10 have long since started using buster-backports, which has 1:6.0.1-2~bpo10+1.

        Sadly, this is normal behavior for Untangle, which never uses backports. The upside is more stability, the downside is missing security updates sometimes. But yes this will also go away with the OS upgrade, which presumably is v17.0? I don't know for certain but given the above and other communications from Untangle seems likely.

        I'm hoping we see v17 soon, or at least a beta since Debian 10 goes EoL late summer / early fall this year. I'm sure Suricata isn't the only package that's long out of date, but it's just the one affecting me at the moment.

        Comment

        • #5
          Originally posted by WookieeSasquatch View Post
          I'm hoping we see v17 soon, or at least a beta since Debian 10 goes EoL late summer / early fall this year. I'm sure Suricata isn't the only package that's long out of date, but it's just the one affecting me at the moment.
          Given past habits, I'd say we'll see v17.0 with a new kernel this Summer.
          Rob Sandling, BS:SWE, MCP, Microsoft Certified: Azure Administrator Associate
          NexgenAppliances.com
          Phone: 866-794-8879 x201
          Email: [email protected]

          Comment

          • #6
            Even if 17 uses the current bullseye package suricata (1:6.0.1-3) it will be older than the backports version suricata (1:6.0.4-2~bpo11+1). I realize things need to be tested but there is also a need to be current. Debian is conservative enough without adding much more latency to it.

            This applies to many packages not just this one. Using the logic that older packages are more secure fails more often than it works!

            Comment

            Previous template Next
            Working...
            X
            😀
            🥰
            🤢
            😎
            😡
            👍
            👎