Tuesday, October 28, 2014

New securityonion-web-page package fixes an issue in the Apache configuration

Yesterday, we released a new version of the securityonion-web-page package:

That package updated the Apache configuration to disable SSLv3.  However, the package used "sed" to update /etc/apache2/mods-enabled/ssl.conf, which is a symlink to /etc/apache2/mods-available/ssl.conf.  When sed operates on a symlinked file, it replaces the symlink with a copy of the file and then makes its modifications.  The broken symlink would have caused issues with future package updates, so I've released a new version of the securityonion-web-page package that fixes the symlink and updates the original file properly.

The new package version is as follows:

securityonion-web-page - 20141015-0ubuntu0securityonion7

Issues Resolved

Issue 640: securityonion-web-page: previous update broke ssl symlink

The new packages are now available in our stable repo.  Please see the following page for full update instructions:

Updating using "sudo soup"

Verifying that the update fixed the ssl.conf hyperlink

Verifying that SSLProtocol excludes SSLv3

Restarting Apache using "sudo service apache2 restart"

Verifying that SSLv3 is disabled using "openssl s_client -connect localhost:443 -ssl3"

Thanks to David Zawdie for testing!

If you have any questions or problems, please use our security-onion mailing list:

Commercial Support
Need commercial support?  Please see:

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:

We especially need help in answering support questions on the mailing list:

We also need help testing new packages:


No comments:

Search This Blog

Featured Post

Quick Malware Analysis: WORD MACRO --> SSLOAD --> COBALT STRIKE pcap from 2024-04-18

Thanks to Brad Duncan for sharing this pcap from 2024-04-18 on his malware traffic analysis site! Due to issues with Google flagging a warni...

Popular Posts

Blog Archive