fatal error in /opt/bro/share/bro/policy/frameworks/software/vulnerable.bro, line 41: BroType::AsRecordType (table/record) (set[record { min:record { major:count; minor:count; minor2:count; minor3:count; addl:string; }; max:record { major:count; minor:count; minor2:count; minor3:count; addl:string; }; }])
Not trying to hijack the thread, but ditto for me on the above message. I just updated to git master today after running an old version for a long time. Commenting out f/s/vulnerable in local.bro bypasses error.
The way vulnerable software is specified has changed to allow for more flexibility. Here's what my local.bro has, for example:
global java_1_6_vuln: Software::VulnerableVersionRange = [$max=[$major=1,$minor=6,$minor2=0,$minor3=44]];
global java_1_7_vuln: Software::VulnerableVersionRange = [$min=[$major=1,$minor=7], $max=[$major=1,$minor=7,$minor2=0,$minor3=20]];redef Software::vulnerable_versions += {
["Java"] = set(java_1_6_vuln, java_1_7_vuln)
};
This defines any Java <= 1.6.0.44 and any Java >= 1.7 and <= 1.7.0.20 as vulnerable.
From CHANGES:
2.1-366 | 2013-03-17 12:35:59 -0700
* Improvements to vulnerable software detection. (Seth Hall)
- Add a DNS based updating method. This needs to be tested
still.- Vulnerable version ranges are used now instead of only single
versions. This can deal with software with multiple stable
major versions.* Update software version parsing and comparison to account for a
third numeric subversion. Also, $addl is now compared numerically
if the value is actually numeric. (Seth Hall)
Is it safe to assume accounts didn't get ported over to the new Tracker?
See: <http://blog.bro.org/2013/07/bug-tracker-migration.html>, specifically:
The most significant thing users should note is that as part of the import in to JIRA, accounts have been created with the same usernames as were in Trac, however password resets need to be requested before they can be used to log in. This can be done by selecting the "Unable to access your account?" link from the log in screen to request password reset instructions via email.
Hope this helps,
--Vlad