FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

logstash -- SSL/TLS vulnerability with Lumberjack input

Affected packages
logstash < 1.4.4
1.5.0 <= logstash < 1.5.3

Details

VuXML ID c470bcc7-33fe-11e5-a4a5-002590263bf5
Discovery 2015-07-22
Entry 2015-07-27

Elastic reports:

Vulnerability Summary: All Logstash versions prior to 1.5.2 that use Lumberjack input (in combination with Logstash Forwarder agent) are vulnerable to an SSL/TLS security issue called the FREAK attack. This allows an attacker to intercept communication and access secure data. Users should upgrade to 1.5.3 or 1.4.4.

Remediation Summary: Users that do not want to upgrade can address the vulnerability by disabling the Lumberjack input.

References

CVE Name CVE-2015-5378
URL https://www.elastic.co/community/security