Alerts regarding the security of the Corelight products.
1.15 and 1.16 resolve some CVEs and pull in Bro security patches from 2.5.5 and 2.6.0.
1.14.1 Updates Bro to version 2.5.4, which is a security release
1.14.1 Corelight Announces FIPS 140-2 compliance for the sensors.
1.13 has been released with the Meltdown patch. Please update to 1.13 or later for the latest in protection.
Given widespread concern about the Intel Meltdown vulnerability we wanted to provide an update on steps we’re taking to address this issue. While the Corelight Sensor uses Intel processors we believe the risk of data compromise via a Meltdown exploit is very low due to the sensor’s design, which limits access to logged in accounts via the Diagnostic Shell. Consequently, we recommend that you verify that SSH access to your Corelight Sensor(s) is appropriately limited. The forthcoming 1.13 sensor software release will also include a patch that fixes this vulnerability.
Corelight Sensor 1.12.1: Open source Bro release 2.5.2 fixed an out-of-bounds write condition which would crash Bro. This could be used as a denial of service attack against the Corelight Sensor, so we have released 1.12.1 to include Bro 2.5.2 and resolve any potential issue.