[Bro] OpenSSL security issue affecting Bro
daniel.guerra69 at gmail.com
Fri Dec 4 01:20:45 PST 2015
I think the main distro’s are not ready yet! Just got :
jessie/main openssl amd64 1.0.1k-3+deb8u1
q is still in testing.
> On 03 Dec 2015, at 21:01, Johanna Amann <johanna at icir.org> wrote:
> The OpenSSL Project today published a security advisory, that affects
> users of Bro that are using the X.509 certificate validation functionality
> of Bro. Note that this functionality is not enabled by default - typically
> it is enabled by either loading the policy script
> protocols/ssl/validate-certs.bro or protocols/ssl/validate-ocsp.bro.
> The OpenSSL bug can cause a null-pointer exception when parsing certain
> malformed X.509 certificates and can potentially be used for DOS attacks.
> The issue affects OpenSSL 1.0.1 and 1.0.2 and was fixed in OpenSSL 1.0.1q
> and 1.0.2e respectively. If you use Bro and perform certificate
> validation, you should update as soon as possible.
> The original OpenSSL security advisory is available at
> https://www.openssl.org/news/secadv/20151203.txt. It also contains a few
> other issues that are not directly applicable to Bro.
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro