[Bro] Bro 2.5.4 release (security update)

Jon Siwek jsiwek at corelight.com
Tue Jun 5 14:49:41 PDT 2018


We announce the release of Bro v2.5.4. The new version is now available
for download at:

    https://bro.org/download/index.html

or directly at:

    https://www.bro.org/downloads/bro-2.5.4.tar.gz

Binary packages for the new version are currently building and will be
available within the next few hours at:

    https://bro.org/download/packages.html

This release has the following security fixes:

* Incorrect array parsing behavior in BinPAC-generated code with
  potential for remotely-triggerable buffer over-reads, invalid memory
  accesses, or assertions in Bro analyzers.

* The NCP analyzer could, depending on packet input, overflow signed
  integer storage and use the result in a subsequent memory allocation
  leading to crashes.  Note that the NCP analyzer was not enabled by
  default and that it also was not properly updated to use newer Bro
  analyzer APIs, so the impact of this issue is limited to only those
  who may have done their own patching to get the NCP analyzer working
  in the first place.

There are also the following bug fixes:

* Fix a memory leak in the SMBv1 analyzer.

* General fixes for the MySQL analyzer.  This update is included to
  avoid the appearance of a regression in the analyzer's
  output/functionality due to having relied on the previous, incorrect
  behavior of BinPAC.

Please update your Bro installations as soon as possible.
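
The bug class named in the NCP item above (a wire length that overflows signed storage and then sizes an allocation), shown beside a bounds-checked form. This is an added example, not Bro's code and not part of the original announcement; the frame layout, the function names and the 1 MiB cap are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical frame (not NCP's real layout): 4-byte tag, 4-byte big-endian body length, body. */
#define HDR_LEN  8u
#define MAX_BODY (1u << 20)   /* assumed policy cap on a single body */

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Flawed pattern: the wire length is stored in a signed 32-bit integer.
 * Values >= 2^31 wrap negative on common ABIs; the return value is what
 * would then be handed to the allocator. */
int32_t flawed_alloc_size(const uint8_t *frame) {
    return (int32_t)be32(frame + 4);
}

/* Hardened: keep the length unsigned, bound it by the policy cap and by the
 * bytes actually captured, and only then allocate. 0 = ok, -1 = rejected. */
int copy_body(const uint8_t *frame, size_t frame_len, uint8_t **out, size_t *out_len) {
    if (frame_len < HDR_LEN) return -1;
    uint32_t body = be32(frame + 4);
    if (body > MAX_BODY || body > frame_len - HDR_LEN) return -1;
    uint8_t *buf = malloc(body ? body : 1);
    if (buf == NULL) return -1;
    memcpy(buf, frame + HDR_LEN, body);
    *out = buf;
    *out_len = body;
    return 0;
}

int main(void) {
    /* Constructed sample input: length field 0xFFFFFFF0, no body present. */
    const uint8_t evil[HDR_LEN] = {'T', 'E', 'S', 'T', 0xFF, 0xFF, 0xFF, 0xF0};
    uint8_t *body = NULL;
    size_t n = 0;
    int32_t s = flawed_alloc_size(evil);
    printf("signed length: %d, as allocation size: %zu\n", (int)s, (size_t)s);
    printf("hardened parser: %s\n",
           copy_body(evil, sizeof evil, &body, &n) == 0 ? "accepted" : "rejected");
    return 0;
}
```

The caller owns the buffer returned by copy_body and must free it.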