We announce the release of Bro v2.5.4. The new version is now available
for download at:
https://bro.org/download/index.html
or directly at:
https://www.bro.org/downloads/bro-2.5.4.tar.gz
Binary packages for the new version are currently building and will be
available in the next few hours at:
https://bro.org/download/packages.html
This release has the following security fixes:
* Incorrect array parsing behavior in BinPAC-generated code with
potential for remotely-triggerable buffer over-reads, invalid memory
accesses, or assertions in Bro analyzers.
* The NCP analyzer could, depending on packet input, overflow signed
integer storage and use the result in a subsequent memory allocation
leading to crashes. Note that the NCP analyzer was not enabled by
default and that it also was not properly updated to use newer Bro
analyzer APIs, so the impact of this issue is limited to only those
who may have done their own patching to get the NCP analyzer working
in the first place.
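As an added illustration, not code from Bro or BinPAC, the following shows the kind of check that addresses both bug classes above: a wire-format array count is validated against size-arithmetic overflow and against the bytes actually present before it drives an allocation or an index. The header layout (4-byte big-endian count) and the element sizes are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <limits.h>

/* Constructed example: validate a claimed array before allocating or
 * indexing it. Returns the byte length of the array body, or -1 when
 * the count is unusable because count*elem_size would wrap, or because
 * the body would extend past the bytes present in the buffer. */
long checked_array_bytes(uint32_t count, size_t elem_size, size_t avail)
{
    if (elem_size == 0) return -1;
    /* Unsigned arithmetic, checked before multiplying, so a large count
     * cannot wrap into a small (or negative) allocation size. */
    if (count > SIZE_MAX / elem_size) return -1;
    size_t need = (size_t)count * elem_size;
    if (need > avail) return -1;          /* would over-read the buffer */
    if (need > LONG_MAX) return -1;       /* keep the signed return exact */
    return (long)need;
}

/* Parse an assumed 4-byte big-endian count header from buf/len and
 * validate the body that follows it. Returns the body length or -1. */
long parse_array_header(const uint8_t *buf, size_t len, size_t elem_size)
{
    if (len < 4) return -1;               /* header itself is truncated */
    uint32_t count = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16)
                   | ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
    return checked_array_bytes(count, elem_size, len - 4);
}

/* Constructed sample messages: a consistent one with two 4-byte
 * elements, and one whose header claims 2^31-1 elements but carries
 * only 8 bytes of body. */
static const uint8_t sample_ok[]  = {0, 0, 0, 2, 1, 2, 3, 4, 5, 6, 7, 8};
static const uint8_t sample_bad[] = {0x7F, 0xFF, 0xFF, 0xFF,
                                     1, 2, 3, 4, 5, 6, 7, 8};

long check_sample_ok(void)
{
    return parse_array_header(sample_ok, sizeof sample_ok, 4);   /* 8 */
}

long check_sample_bad(void)
{
    return parse_array_header(sample_bad, sizeof sample_bad, 4); /* -1 */
}
```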
There are also the following bug fixes:
* Fix a memory leak in the SMBv1 analyzer.
* General fixes for the MySQL analyzer. This update is included to
avoid the appearance of a regression in the analyzer's
output/functionality due to having relied on the previous, incorrect
behavior of BinPAC.
Please update your Bro installations as soon as possible.