Security

OpenSSL 0.9.8p to 0.9.8r or 1.0.0e

fi5033
Engager

Current project I am working on require that OpenSSL be upgraded to at least 0.9.8r (with experimental "ECCdraft" ciphersuites disabled) or 1.0.0e. Specifically, OpenSSL 0.9.8p is cited as vulnerable.
Could you tell me if OpenSSL used by Splunk can be upgraded to 0.9.8r? Or can it be configured to simply use the existing installation of OpenSSL on the server so that we don’t always have to upgrade two copies on each server.

The version we are using is 4.2.1.

Tags (4)
1 Solution

dwaddle
SplunkTrust
SplunkTrust

(A) Splunk's OpenSSL is bundled into Splunk as a private copy. Splunk does not care what your "system" OpenSSL is.

(B) Splunk maintains OpenSSL (and several other bundled components) as part of their overall release process. You should not expect to upgrade "just" Splunk's OpenSSL w/o upgrading Splunk itself. More info is available on http://splunk-base.splunk.com/answers/6653/how-do-splunk-releases-integrate-security-patches-for-dep...

View solution in original post

dwaddle
SplunkTrust
SplunkTrust

(A) Splunk's OpenSSL is bundled into Splunk as a private copy. Splunk does not care what your "system" OpenSSL is.

(B) Splunk maintains OpenSSL (and several other bundled components) as part of their overall release process. You should not expect to upgrade "just" Splunk's OpenSSL w/o upgrading Splunk itself. More info is available on http://splunk-base.splunk.com/answers/6653/how-do-splunk-releases-integrate-security-patches-for-dep...

fi5033
Engager

The version of openssl came with 4.2.1 is 0.9.8p.

bash-3.00$ ls Copyright-for-open*
Copyright-for-openssl-0.9.8p.txt

Still seeking to upgrade 0.9.8p to 0.9.8r and not sure if this is even doable?

0 Karma

jasonnadeau
Explorer

If you review the open source license definitions that are distributed with splunk you should be able to ascertain the version of openssl you are running. I am using Splunk 4.1.8 and the license documents were located here: /opt/splunk/share/splunk/3rdparty. According to Copyright-for-openssl-0.9.8n.txt I should expect openssl 0.9.8n to be in my copy of Splunk.

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...