Installation
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Installation
- :
- Re: Vulnerability Reported in linux server, which ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Vulnerability Reported in linux server, which Splunk application running on the server
Ka21
Loves-to-Learn
11-26-2023
05:26 AM
The below Vulnerabilities reported in linux servers and let me know if any impact on Splunk application, if we remediate the vulnerabilities based on solution provided.
| Amazon Linux 2 : polkit (ALAS-2022-1745) |
| Amazon Linux 2 : libgcrypt (ALAS-2022-1769) |
| Amazon Linux 2 : gzip, xz (ALAS-2022-1782) |
| Amazon Linux 2 : vim (ALAS-2022-1829) |
| Amazon Linux 2 : zlib (ALAS-2022-1849) |
| Amazon Linux 2 : aide (ALAS-2022-1850) |
| Amazon Linux 2 : pcre2 (ALAS-2022-1871) |
| Amazon Linux 2 : e2fsprogs (ALAS-2022-1884) |
| Amazon Linux 2 : sqlite (ALAS-2023-1911) |
| Amazon Linux 2 : libtasn1 (ALAS-2023-1908) |
| Amazon Linux 2 : freetype (ALAS-2023-1909) |
| Amazon Linux 2 : libpng (ALAS-2023-1904) |
| Amazon Linux 2 : python-lxml (ALAS-2023-1956) |
| Amazon Linux 2 : nss-util (ALAS-2023-1954) |
| Amazon Linux 2 : nss-softokn (ALAS-2023-1955) |
| Amazon Linux 2 : python (ALAS-2023-1980) |
| Amazon Linux 2 : cpio (ALAS-2023-1972) |
| Amazon Linux 2 : curl (ALAS-2023-1986) |
| Amazon Linux 2 : nss (ALAS-2023-1992) |
| Amazon Linux 2 : babel (ALAS-2023-2010) |
| Amazon Linux 2 : systemd (ALAS-2023-2004) |
| Amazon Linux 2 : jasper (ALAS-2023-2018) |
| Amazon Linux 2 : gd (ALAS-2023-2044) |
| Amazon Linux 2 : perl (ALAS-2023-2034) |
| Amazon Linux 2 : libwebp (ALAS-2023-2048) |
| Amazon Linux 2 : mariadb (ALAS-2023-2057) |
| Amazon Linux 2 : sysstat (ALAS-2023-2068) |
| Amazon Linux 2 : rsync (ALAS-2023-2074) |
| Amazon Linux 2 : dnsmasq (ALAS-2023-2069) |
| Amazon Linux 2 : glusterfs (ALAS-2023-2071) |
| Amazon Linux 2 : pcre (ALAS-2023-2082) |
| Amazon Linux 2 : git (ALAS-2023-2072) |
| Amazon Linux 2 : libfastjson (ALAS-2023-2079) |
| Amazon Linux 2 : openldap (ALAS-2023-2095) |
| Amazon Linux 2 : perl-HTTP-Tiny (ALAS-2023-2093) |
| Amazon Linux 2 : glib2 (ALAS-2023-2107) |
| Amazon Linux 2 : perl-Pod-Perldoc (ALAS-2023-2094) |
| Amazon Linux 2 : ncurses (ALAS-2023-2096) |
| Amazon Linux 2 : squashfs-tools (ALAS-2023-2152) |
| Amazon Linux 2 : fribidi (ALAS-2023-2116) |
| Amazon Linux 2 : tcpdump (ALAS-2023-2119) |
| Amazon Linux 2 : libX11 (ALAS-2023-2129) |
| Amazon Linux 2 : c-ares (ALAS-2023-2127) |
| Amazon Linux 2 : zstd (ALAS-2023-2140) |
| Amazon Linux 2 : SDL2 (ALAS-2023-2162) |
| Amazon Linux 2 : bluez (ALAS-2023-2167) |
| Amazon Linux 2 : avahi (ALAS-2023-2175) |
| Amazon Linux 2 : nghttp2 (ALAS-2023-2180) |
| Amazon Linux 2 : ca-certificates (ALAS-2023-2224) |
| Amazon Linux 2 : amazon-ssm-agent (ALAS-2023-2238) |
| Amazon Linux 2 : shadow-utils (ALAS-2023-2247) |
| Amazon Linux 2 : libssh2 (ALAS-2023-2257) |
| Amazon Linux 2 : libjpeg-turbo (ALAS-2023-2254) |
| Amazon Linux 2 : expat (ALAS-2023-2280) |
| Amazon Linux 2 : kernel (ALAS-2023-2264) |
| Amazon Linux 2 : flac (ALAS-2023-2283) |
| Amazon Linux 2 : python-pillow (ALAS-2023-2286) |
| Amazon Linux 2 : bind (ALAS-2023-2273) |
| Oracle Java JRE Unsupported Version Detection (Unix) |
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
isoutamo
SplunkTrust
11-26-2023
11:33 PM
Hi
it's hard to say if anyone of those is directly affected to splunk, but usually it's a best practices to keep your OS and also other products up to date to avoid any security issues. You already have found Splunk's own security issue page which also should fulfil as soon as possible.
r. Ismo
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
tscroggins
Influencer
11-26-2023
03:37 PM
Hi @Ka21,
Splunk periodically releases updates to address vulnerabilities in libraries shipped with Splunk products. Browse to <https://advisory.splunk.com/> to review bulletins labeled "Third Party Package Updates in Splunk Enterprise" and "Splunk Universal Forwarder Third-Party Updates."
For November 2023:
November 2023 Third Party Package updates in Splunk Enterprise
November 2023 Splunk Universal Forwarder Third-Party Updates
Third Party Package Update in Splunk Add-on for Google Cloud Platform
Third Party Package Update in Splunk Add-on for Amazon Web Services
Re: Java, you'll need to review individual Java-based apps and add-ons--Splunk ITSI, Splunk DB Connect, etc.--for compatibility and upgrade the JRE as needed.
Get Updates on the Splunk Community!
AppDynamics Summer Webinars
This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...
SOCin’ it to you at Splunk University
Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...
Credit Card Data Protection & PCI Compliance with Splunk Edge Processor
Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...
