Looking for documentation? Check out our new learning center!

Patch release v4.2.3

juanmalsjuanmals Posts: 75 Alien Overseer
4.2.3
Minor

Patch Release v4.2.3 is now available for your system.  Patch releases are intended to be minimally disruptive to your system and do not contain new functionality.  However, please read release notes and change log below and apply the patch during an appropriate service window.

Release Notes
--------------------------------------------------------------------------

4.2.3 - RN1 Updates to Address Security Advisory

Included in this release are improvements to the input validation routines used to cleanse particular parameters submitted by the event search form.  This addresses all issues found in the security advisory found <a target="_blank" href="http://forums.alienvault.com/discussion/1236/security-advisory-alienvault-ossim-v4-1">here</a>

4.2.2 - RN1 Policies for Directive Events

The interface for policy creation previously allowed the user to create policies that were not supported by the policy engine.  This only applied to policies for directive events; more conditions were available in the UI then the policy engine supported.  This means some users may have policies existing in their system that are not being completely enforced.  Take note of any policies for directive events that have 'source' and 'destination' as conditions.  The logic in these policies will have to be recreated, either by creating policies that filter the events that trigger the directive, or by adding the conditions to the directive itself. 



Change Log - AlienVault USM v4.2.3 only
--------------------------------------------------------------------------

- New events logged by the  the AlienVault Forwarder process



Change Log - AlienVault OSSIM v4.2.3 and AlienVault USM v4.2.3
--------------------------------------------------------------------------

- Fixed multiple issues when resending events to multiple servers
- Fixed a segmentation fault when closing the agent-server correlation
- Fixed a race condition during correlation process
- Fixed an SQL injection in the SIEM Forensic console
- Updated PHP and PERL software packages

Comments

Sign In or Register to comment.