Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704)

["Joel Esler \(jesler\) via Snort-devel" <snort-devel () lists snort org>]

Thanks,

I am in touch with the product team now to clarify and if action is needed, to take action.

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com

From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Snort User via Snort-devel <snort-devel () 
lists snort org>
Reply-To: Snort User <snort.user () gmail com>
Date: Monday, May 20, 2019 at 10:40 AM
To: snort-devel <snort-devel () lists snort org>
Subject: [Snort-devel] Is Snort affected ? (CVE-2019-1696, CVE-2019-1704)

Hi

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort

In the above report, I saw -

"These vulnerabilities may also affect the open-source Snort project. For more information, see the Snort 
website<https://www.snort.org/>."
However, I did not see any information on the website (or I missed it)

I could not find any relevant info in the ChangeLog of the most recent release.

Can anyone provide any details or info on this?

- Is Snort affected? How?
- Which versions? Is a patch available? etc

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!