FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

logstash-forwarder and logstash -- susceptibility to POODLE vulnerability

Affected packages
logstash-forwarder <
logstash < 1.4.3


VuXML ID ad4d3871-1a0d-11e5-b43d-002590263bf5
Discovery 2015-06-09
Entry 2015-06-24
Modified 2015-06-24

Elastic reports:

The combination of Logstash Forwarder and Lumberjack input (and output) was vulnerable to the POODLE attack in SSLv3 protocol. We have disabled SSLv3 for this combination and set the minimum version to be TLSv1.0. We have added this vulnerability to our CVE page and are working on filling out the CVE.

Thanks to Tray Torrance, Marc Chadwick, and David Arena for reporting this.

SSLv3 is no longer supported; TLS 1.0+ is required (compatible with Logstash 1.4.2+).


FreeBSD PR ports/201065
FreeBSD PR ports/201065