Malcolm v5.0.1

@mmguero released this 14 Dec 15:35
· 4189 commits to main since this release
b59e237

Malcolm v5.0.1 is a patch release with minor bug- and security-related fixes.

v5.0.0...v5.0.1

  • Security vulnerabilities addressed:

  • Bugs addressed:

    • Very large pcaps don't get processed idaholab#44
    • pcap files with colon (:) in the name don't process correctly idaholab#2
    • turning off AUTO_TAG feature disables tagging altogether idaholab#12
    • recent debinterfaces release broke configure-interfaces.py idaholab#48
    • opensearch indexes in yellow state idaholab#67
    • arkime capture gives mlockall_init() warning on startup idaholab#66
  • Other

    • bumped Arkime from v3.1.1 to v3.2.0
    • bumped OpenSearch to v1.2.1
    • switched from elasticsearch to opensearch Python client libraries
    • write contributor's guide for source code contributions/modifications idaholab#25
    • handle new fields in EtherNet/IP logs (cisagov/icsnpp-enip@c4ae505)
    • use more recognizable dashboards logo for OpenSearch dashboards launcher in Malcolm ISO
    • include patches used to build Arkime Dockerfile when building Arkime for hedgehog as well
    • build Zeek spicy analyzers from their various repos rather than the zeek/spicy-analyzer meta-repo

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/download/.