Suricata-update far behind in debian

Hello everyone I’m using suricata and have now update to suricata version 7.0.5 today on debian 12 unfortunately noticed suricata-update didn’t update along side it and is still in version 1.2.7 and is very far behind in updates compared to suricata it self , i really needed version 1.3.0 because there was a fix for MISP rules where they didn’t work because the file didn’t end with .rules

Looks like 1.3.3 is in testing: suricata-update - Debian Package Tracker

Generally, I don’t think Debian updates major versions in stable, right @satta ?

Yes the problem is for example we have the stable bpo version 7.0.5 and when i updated it today i was expecting suricata-update to do the same since they “should” come together maybe this is something you guys could take a look because it seems to be inconsistent

https://tracker.debian.org/pkg/suricata

Generally, I don’t think Debian updates major versions in stable, right @satta ?

Right. But AFAICS @gordnho mentioned stable-backports and not stable.

Unfortunately there has not been a backport for suricata-update so far, so even if I upload one now, it will need to be manually reviewed to clear backports-NEW. This might take a while. If you want I can provide you with a stable .deb here.

Thanks a lot Sascha .

It’s not an urgent request since we are just still running test servers to deploy suricata permanently soon, but is this something that you will be doing in the future or will you just stick with updating the stable version.

Also thank a lot for your team for the quick answers.

Uploaded the backport, hopefully it’ll be through the NEW queue quickly. (You can track the progress via Debian NEW and BYHAND Packages where it should be listed soon)

Here’s the bookworm deb for you, if you want it directly:
bookworm-backports-suricata-update-1.3.3.zip (61.5 KB)

(You’d need to unzip it before since .deb uploads are not supported here)

1 Like

I usually try to provide stable backports for new versions as soon as the new packages hit testing, but it must have slipped off my radar this time.

1 Like

Thanks a lot,no problems :+1: