Manuel Mancera discovered a XSS issue in Squert:
securityonion-squert - 20141015-0ubuntu0securityonion19 resolves this XSS issue and also disables the Apache autoindex module:
Issue 967: Squert: Parameter not escaped in ip2c.php
Issue 969: Squert: prevent directory listing for subdirectories
This package is now available in our stable repo. Please see the following page for full update instructions:
Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
Security Onion Conference will be on Friday September 9 and registration is open!
Need training? Please see:
Need support? Please see: