Suricata-update far behind in debian

gordnho · May 3, 2024, 7:04am

Hello everyone I’m using suricata and have now update to suricata version 7.0.5 today on debian 12 unfortunately noticed suricata-update didn’t update along side it and is still in version 1.2.7 and is very far behind in updates compared to suricata it self , i really needed version 1.3.0 because there was a fix for MISP rules where they didn’t work because the file didn’t end with .rules

vjulien · May 3, 2024, 7:28am

Looks like 1.3.3 is in testing: suricata-update - Debian Package Tracker

Generally, I don’t think Debian updates major versions in stable, right @satta ?

gordnho · May 3, 2024, 7:32am

Yes the problem is for example we have the stable bpo version 7.0.5 and when i updated it today i was expecting suricata-update to do the same since they “should” come together maybe this is something you guys could take a look because it seems to be inconsistent

https://tracker.debian.org/pkg/suricata

satta · May 3, 2024, 7:38am

Generally, I don’t think Debian updates major versions in stable, right @satta ?

Right. But AFAICS @gordnho mentioned stable-backports and not stable.

Unfortunately there has not been a backport for suricata-update so far, so even if I upload one now, it will need to be manually reviewed to clear backports-NEW. This might take a while. If you want I can provide you with a stable .deb here.

gordnho · May 3, 2024, 7:43am

Thanks a lot Sascha .

It’s not an urgent request since we are just still running test servers to deploy suricata permanently soon, but is this something that you will be doing in the future or will you just stick with updating the stable version.

Also thank a lot for your team for the quick answers.

satta · May 3, 2024, 7:55am

Uploaded the backport, hopefully it’ll be through the NEW queue quickly. (You can track the progress via Debian NEW and BYHAND Packages where it should be listed soon)

Here’s the bookworm deb for you, if you want it directly:
bookworm-backports-suricata-update-1.3.3.zip (61.5 KB)

(You’d need to unzip it before since .deb uploads are not supported here)

satta · May 3, 2024, 7:57am

I usually try to provide stable backports for new versions as soon as the new packages hit testing, but it must have slipped off my radar this time.

gordnho · May 3, 2024, 7:58am

Thanks a lot,no problems

eleanelbert · May 29, 2024, 12:50pm

You might want to check the Suricata-update documentation or the Debian package repository for any available updates or patches.

gordnho · May 29, 2024, 12:57pm

The “issue” has been fixed by Sascha since the suricata-update was behind in debian

satta · June 3, 2024, 1:46pm

FYI, it’s now version 1.3.3 in testing and bookworm-backports.

Topic		Replies	Views
Upgrading suricata-upgrade when coupled to Suricata Help suricata-update	2	306	July 31, 2023
Considering upgrade to suricata 6.0.10	6	574	March 11, 2023
Suricata 7.0.0 released Announcements	15	4744	November 14, 2023
Suricata-IDS and Debian Help	16	961	September 28, 2023
Suricata 4.1 EOL update: support extended Announcements	0	728	March 25, 2020

Suricata-update far behind in debian

Related Topics