- Splunk Answers
- :
- Splunk Administration
- :
- Installation
- :
- Vulnerability Reported in linux server, which Splu...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Vulnerability Reported in linux server, which Splunk application running on the server
The below Vulnerabilities reported in linux servers and let me know if any impact on Splunk application, if we remediate the vulnerabilities based on solution provided.
| Amazon Linux 2 : polkit (ALAS-2022-1745) |
| Amazon Linux 2 : libgcrypt (ALAS-2022-1769) |
| Amazon Linux 2 : gzip, xz (ALAS-2022-1782) |
| Amazon Linux 2 : vim (ALAS-2022-1829) |
| Amazon Linux 2 : zlib (ALAS-2022-1849) |
| Amazon Linux 2 : aide (ALAS-2022-1850) |
| Amazon Linux 2 : pcre2 (ALAS-2022-1871) |
| Amazon Linux 2 : e2fsprogs (ALAS-2022-1884) |
| Amazon Linux 2 : sqlite (ALAS-2023-1911) |
| Amazon Linux 2 : libtasn1 (ALAS-2023-1908) |
| Amazon Linux 2 : freetype (ALAS-2023-1909) |
| Amazon Linux 2 : libpng (ALAS-2023-1904) |
| Amazon Linux 2 : python-lxml (ALAS-2023-1956) |
| Amazon Linux 2 : nss-util (ALAS-2023-1954) |
| Amazon Linux 2 : nss-softokn (ALAS-2023-1955) |
| Amazon Linux 2 : python (ALAS-2023-1980) |
| Amazon Linux 2 : cpio (ALAS-2023-1972) |
| Amazon Linux 2 : curl (ALAS-2023-1986) |
| Amazon Linux 2 : nss (ALAS-2023-1992) |
| Amazon Linux 2 : babel (ALAS-2023-2010) |
| Amazon Linux 2 : systemd (ALAS-2023-2004) |
| Amazon Linux 2 : jasper (ALAS-2023-2018) |
| Amazon Linux 2 : gd (ALAS-2023-2044) |
| Amazon Linux 2 : perl (ALAS-2023-2034) |
| Amazon Linux 2 : libwebp (ALAS-2023-2048) |
| Amazon Linux 2 : mariadb (ALAS-2023-2057) |
| Amazon Linux 2 : sysstat (ALAS-2023-2068) |
| Amazon Linux 2 : rsync (ALAS-2023-2074) |
| Amazon Linux 2 : dnsmasq (ALAS-2023-2069) |
| Amazon Linux 2 : glusterfs (ALAS-2023-2071) |
| Amazon Linux 2 : pcre (ALAS-2023-2082) |
| Amazon Linux 2 : git (ALAS-2023-2072) |
| Amazon Linux 2 : libfastjson (ALAS-2023-2079) |
| Amazon Linux 2 : openldap (ALAS-2023-2095) |
| Amazon Linux 2 : perl-HTTP-Tiny (ALAS-2023-2093) |
| Amazon Linux 2 : glib2 (ALAS-2023-2107) |
| Amazon Linux 2 : perl-Pod-Perldoc (ALAS-2023-2094) |
| Amazon Linux 2 : ncurses (ALAS-2023-2096) |
| Amazon Linux 2 : squashfs-tools (ALAS-2023-2152) |
| Amazon Linux 2 : fribidi (ALAS-2023-2116) |
| Amazon Linux 2 : tcpdump (ALAS-2023-2119) |
| Amazon Linux 2 : libX11 (ALAS-2023-2129) |
| Amazon Linux 2 : c-ares (ALAS-2023-2127) |
| Amazon Linux 2 : zstd (ALAS-2023-2140) |
| Amazon Linux 2 : SDL2 (ALAS-2023-2162) |
| Amazon Linux 2 : bluez (ALAS-2023-2167) |
| Amazon Linux 2 : avahi (ALAS-2023-2175) |
| Amazon Linux 2 : nghttp2 (ALAS-2023-2180) |
| Amazon Linux 2 : ca-certificates (ALAS-2023-2224) |
| Amazon Linux 2 : amazon-ssm-agent (ALAS-2023-2238) |
| Amazon Linux 2 : shadow-utils (ALAS-2023-2247) |
| Amazon Linux 2 : libssh2 (ALAS-2023-2257) |
| Amazon Linux 2 : libjpeg-turbo (ALAS-2023-2254) |
| Amazon Linux 2 : expat (ALAS-2023-2280) |
| Amazon Linux 2 : kernel (ALAS-2023-2264) |
| Amazon Linux 2 : flac (ALAS-2023-2283) |
| Amazon Linux 2 : python-pillow (ALAS-2023-2286) |
| Amazon Linux 2 : bind (ALAS-2023-2273) |
| Oracle Java JRE Unsupported Version Detection (Unix) |
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
it's hard to say if anyone of those is directly affected to splunk, but usually it's a best practices to keep your OS and also other products up to date to avoid any security issues. You already have found Splunk's own security issue page which also should fulfil as soon as possible.
r. Ismo
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Ka21,
Splunk periodically releases updates to address vulnerabilities in libraries shipped with Splunk products. Browse to <https://advisory.splunk.com/> to review bulletins labeled "Third Party Package Updates in Splunk Enterprise" and "Splunk Universal Forwarder Third-Party Updates."
For November 2023:
November 2023 Third Party Package updates in Splunk Enterprise
November 2023 Splunk Universal Forwarder Third-Party Updates
Third Party Package Update in Splunk Add-on for Google Cloud Platform
Third Party Package Update in Splunk Add-on for Amazon Web Services
Re: Java, you'll need to review individual Java-based apps and add-ons--Splunk ITSI, Splunk DB Connect, etc.--for compatibility and upgrade the JRE as needed.
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
They're back! Join the SplunkTrust and MVP at .conf24
Enterprise Security Content Update (ESCU) | New Releases
