
AlienVault v5.2.5 Hotfix

LBarraco

AlienVault Employee
As of Thursday, June 9, 2016, AlienVault USM and OSSIM v5.2.5 are now generally available for all existing and new customers. Users can update their system(s) through the console or web UI (see upgrade instructions for more information).

Please take a few minutes to carefully read these release notes before upgrading.

Important Information

As of v5.2.5, two major changes occurred in how we handle backups of configuration settings. These changes were made to prevent exploitation of a vulnerability related to the API key:

Removal of API key from backups
The AVAPI key will no longer be stored in the configuration backups. As a precaution, we recommend that you reset the AVAPI key via the SSH console after updating to v5.2.5.

Encryption password added to backups
Users must create a new encryption password that will be used to decrypt configuration backups at the time of restore. The password can be set in the web UI under "Configuration > Admin > Main > Backups". Configuration backups will not run until the password is set. If we detect that no password has been set for the backups, you will receive a message in the Message Center with instructions on how to set your password.


Additional Upgrade Info for All Users on v5.1.1 and Earlier


Documentation Updates


Defects Fixed

  • ENG-103562 - Only global admin accounts can view alarms in list view - Users can see alarms according to the assets and/or contexts they have visibility to (regardless of global admin status)

Security Advisories

  • ENG-102048, Vulnerable Package - libidn (CVE-2015-2059) - Added new version of package to repository - AlienVault 5.2.5 is not vulnerable.
  • ENG-103101, Vulnerable Configuration - privilege escalation - AlienVault v5.2.5 is not vulnerable
  • ENG-103540, Vulnerable Package - libexpat (CVE-2016-0718) - Added new version of package to repository - AlienVault 5.2.5 is not vulnerable.
  • ENG-103541, Vulnerable Package - jansson (CVE-2016-4425) - Added new version of package to repository - AlienVault 5.2.5 is not vulnerable.
  • ENG-103564, Vulnerable Package - wireshark (multiple) - Added new version of package to repository - AlienVault 5.2.5 is not vulnerable.
  • ENG-103599, Vulnerable Package - gdk-pixbuf (multiple) - Added new version of package to repository - AlienVault 5.2.5 is not vulnerable.
  • ENG-103626, Vulnerable Package - libxml2 (multiple) - Added new version of package to repository - AlienVault 5.2.5 is not vulnerable.

See the Security Advisory for USM and OSSIM v5.2.5 for more information.


Comments

  • Received this message after applying the update.

    Update error - unable to complete for lblUSM
    2016-06-10 18:15:50
    Message: Unable to complete update for . ERROR_PACKAGE_INDEX_RESYNCHRONIZATION
    Please check your network settings and try again. If you are still unable to update your system, please contact AlienVault Support.

    I know my USM has an internet connection because I can ping sites from the internet.

    What should I do?

  • Hi,

    I am using OSSIM for my lab, and I just tried the update from 5.2.4 to 5.2.5 and it failed.

    When checking for updates in the web interface, it says no update is available. When updating via the shell menu, I receive the following message:

    "there was an error updating the system, please contact support for more information
    error during a dist-upgrade operation"

    Regards,
    didier



  • I fixed the problem:
    --------------------------- 

    Here is the error in the update log file:

    the following packages have unmet dependencies:
     ossim-framework: PreDepends: ossim-framework-daemon (=1.5.2.3.30) but 1.5.2.4-31 is installed 
    E: unmet dependencies. Try using -f
    + return 28
    ## upgrade_dist, code 28

    ----------------------------------------

    I have jailbroken the system and run
    apt-get install -f

    and updated again, and the system says that I am on 5.2.5.
  • I tried the above solution and it worked. Thanks!
  • Hi,

    Do you have a roadmap for future releases?

    When do you plan to release the 5.3?

    Thanks.
  • @ol.batard - we don't currently publish our roadmaps. But you can expect 5.3 to be released at the beginning of August :) 
  • thanks !
  • Hi, I have the same issue when updating from 5.2.4 to 5.2.5, but 'apt-get install -f' didn't work for me. I received the following dependency error:

    Setting up ossim-framework-daemon (1:5.2.5-37) ...
    insserv: warning: script 'nmap-scan-init.sh' missing LSB tags and overrides
    insserv: There is a loop between service monit and nmap-scan-init.sh if stopped
    insserv:  loop involving service nmap-scan-init.sh at depth 2
    insserv:  loop involving service monit at depth 1
    insserv: Stopping nmap-scan-init.sh depends on monit and therefore on system facility `$all' which can not be true!
    insserv: exiting now without changing boot order!
    update-rc.d: error: insserv rejected the script header
    dpkg: error processing package ossim-framework-daemon (--configure):
     subprocess installed post-installation script returned error exit status 1

    Any ideas on how I can resolve the issue with the looped dependencies?