[Bro] OpenSSL security issue affecting Bro

Daniel Guerra daniel.guerra69 at gmail.com
Fri Dec 4 01:20:45 PST 2015


I think the main distros are not ready yet! Just got:
jessie/main openssl amd64 1.0.1k-3+deb8u1
q is still in testing.

> On 03 Dec 2015, at 21:01, Johanna Amann <johanna at icir.org> wrote:
> 
> Hello,
> 
> The OpenSSL Project today published a security advisory that affects
> users of Bro that are using the X.509 certificate validation functionality
> of Bro. Note that this functionality is not enabled by default - typically
> it is enabled by either loading the policy script
> protocols/ssl/validate-certs.bro or protocols/ssl/validate-ocsp.bro.
> 
> The OpenSSL bug can cause a null-pointer exception when parsing certain
> malformed X.509 certificates and can potentially be used for DoS attacks.
> 
> The issue affects OpenSSL 1.0.1 and 1.0.2 and was fixed in OpenSSL 1.0.1q
> and 1.0.2e respectively. If you use Bro and perform certificate
> validation, you should update as soon as possible.
> 
> The original OpenSSL security advisory is available at
> https://www.openssl.org/news/secadv/20151203.txt. It also contains a few
> other issues that are not directly applicable to Bro.
> 
> Johanna
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
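An added check, not code from the thread or from the Bro project, that encodes the two conditions in the advisory quoted above: OpenSSL older than 1.0.1q / 1.0.2e, and one of the two validation scripts actively @loaded in local.bro. It assumes the version string comes from `openssl version` or a package listing like the one in the reply, and it only compares upstream release letters: a distribution that backports the fix without bumping that letter (as Debian does) has to be checked against the distribution's own advisory instead.

```python
import re

# Fixed releases named in the advisory quoted above: 1.0.1q and 1.0.2e.
FIXED_LETTER = {(1, 0, 1): "q", (1, 0, 2): "e"}
# Matches '1.0.1k' inside 'OpenSSL 1.0.1k 8 Jan 2015' or a dpkg version
# such as '1.0.1k-3+deb8u1' (the '-' ends the letter run).
_VER_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")
# Policy scripts the advisory names as enabling X.509 validation; a leading
# '#' comments the @load out, so only active lines match.
_LOAD_RE = re.compile(
    r"^\s*@load\s+protocols/ssl/(validate-certs|validate-ocsp)(?:\.bro)?\b", re.M)

def parse_openssl_version(text):
    """Return ((major, minor, patch), letter) for the first version in text."""
    m = _VER_RE.search(text)
    if m is None:
        raise ValueError("no OpenSSL version found in %r" % text)
    return (int(m.group(1)), int(m.group(2)), int(m.group(3))), m.group(4)

def predates_fix(text):
    """True if the upstream version is older than the advisory's fixed release;
    None for release lines the advisory does not cover (e.g. 1.1.x).
    Single letters sort alphabetically ('k' < 'q'); '' is the oldest."""
    base, letter = parse_openssl_version(text)
    fixed = FIXED_LETTER.get(base)
    if fixed is None:
        return None
    return letter < fixed

def validation_scripts_loaded(local_bro):
    """Names of the validation scripts that local.bro actively @loads."""
    return sorted(set(_LOAD_RE.findall(local_bro)))

def assess(openssl_text, local_bro):
    """Combine the advisory's two conditions into one verdict."""
    old = predates_fix(openssl_text)
    loaded = validation_scripts_loaded(local_bro)
    return {"openssl_predates_fix": old,
            "validation_scripts": loaded,
            # Exposed only when validation is on AND OpenSSL is unfixed.
            "exposed": bool(old) and bool(loaded)}

# Constructed sample local.bro; the OCSP line is commented out.
SAMPLE_LOCAL_BRO = """\
@load protocols/ssl/validate-certs
#@load protocols/ssl/validate-ocsp
@load protocols/ssl/log-hostcerts-only
"""
```

Run `assess("jessie/main openssl amd64 1.0.1k-3+deb8u1", SAMPLE_LOCAL_BRO)` to reproduce the situation in the reply: the package is still 1.0.1k and validate-certs is loaded, so the host is reported as exposed.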
