Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 21 Security Advisory: FEDORA-2015-7886 Critical Suricata Crash

fedora
Calendar Grey May 30, 2015
Dist Fedora Esm H88
Fedora introduces a security patch for Suricata to address a significant SSL/TLS parsing vulnerability that could lead to application crashes while handling file inputs.
This update fixes a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata

Summary

The Suricata Engine is an Open Source Next Generation Intrusion

Detection and Prevention Engine. This engine is not intended to

just replace or emulate the existing tools in the industry, but

will bring new ideas and technologies to the field. This new Engine

supports Multi-threading, Automatic Protocol Detection (IP, TCP,

UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP

Matching, and GeoIP identification.

Update Information:

This update fixes a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. Also, those processing large numbers of (untrusted) pcap files need to update as a malformed pcap could crash Suricata.

Topics%20covered

Topics Covered

security advisory fedora critical TLS SSL crash suricata

Change Log

* Wed May 6 2015 Steve Grubb 2.0.8-1 - New upstream security bug fix release * Thu Feb 26 2015 Steve Grubb 2.0.7-1 - New upstream security bug fix release for CVE-2015-0928 * Thu Jan 15 2015 Steve Grubb 2.0.6-1 - New upstream bug fix release - Don't use the system libhtp library * Fri Dec 12 2014 Steve Grubb 2.0.5-1 - New upstream bug fix release - Use the system libhtp library

References

Fedora Update Notification FEDORA-2015-7886 2015-05-10 04:04:10
Name : suricata Product : Fedora 21 Version : 2.0.8 Release : 1.fc21 URL : Summary : Intrusion Detection System Description : The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP Matching, and GeoIP identification.

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update suricata' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: suricata
Product: Fedora 21
Version: 2.0.8
Release: 1.fc21
URL:
Summary: Intrusion Detection System

Topics%20covered

Topics Covered

security advisory fedora critical TLS SSL crash suricata

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here