Monday, October 16, 2017

Bro 2.5.2 & 2.4.2 release (security update)

We announce the release of Bro v2.5.2. The new version is now available for download at https://bro.org/download/index.html or directly at https://www.bro.org/downloads/bro-2.5.2.tar.gz.

Binary packages for the new version are currently building and will be available in the next hours at https://bro.org/download/packages.html

This is a security release that fixes an out-of-bound write in the ContentLine analyzer. This issue can be used by remote attackers to crash Bro (i.e. a DoS attack). There also is a possibility this can be exploited in other ways.

This bug was found by Frank Meier. A CVE has been requested for this bug.

Bro 2.5.2 does not contain any other changes. We urge everyone to update their installation as quickly as possible.

Due to the potential severity of this bug we also provide a patched version of Bro v2.4.2. The only difference to version v2.4.1 is this bugfix. Please note that we encourage users to use version 2.5.2 instead; we do generally not provide security updates for old releases; version 2.4.2 is missing a number of other bugfixes that were applied to v2.5.2.

Version 2.4.2 is available for download at https://www.bro.org/downloads/bro-2.4.2.tar.gz.

Feel free to use our mailing list or the bug tracker to provide feedback or report problems.

Wednesday, October 11, 2017

A new name for the Bro project

At this year’s BroCon (Sept. 12–14), we announced that the project is going to be renamed, and that we are seeking community input for ideas. After the issue was raised at the previous year’s BroCon panel, the leadership team felt that we needed to take the idea of changing the name seriously and come back with a decision and explanation either way. 

After many discussions, the leadership team decided it was time to change the name of the project. This was not forced from the outside. There are people with views in the community both ways, some very strong. However, we decided it was time to rename the project for several reasons.

The most obvious reason is that the name has taken on a new meaning, representative of “bro culture”, which in an industry dominated by men and struggling with issues relating to sexism, it would be tone deaf at the very least not to acknowledge this. The term “brogrammer" no longer means the same thing to us nor the outside world.

Further, the original connotation of Bro as short for Big Brother is not what people think of, and so that original name with the Orwellian reference is lost on people. In fact, many people introducing Bro or asking their managers to go to BroCon, spend an unnecessary amount of time explaining the name. It simply gets in the way, and in the end they explain that it isn’t a reference to this one negative thing, but another. This pragmatism also played a role in the decision to change the name.

Finally, software projects rename themselves all the time. For example, another common tool for network analysis, Wireshark, was once called Ethereal. And after a while no one really thought much about the old name as it is the software’s quality and utility that matter most for longevity, and it will be the same with the Bro project’s software.

As announced at the most recent BroCon, we are looking for community input for a new name for the project. This does not mean we will change every piece of software’s name, but the project page, social media accounts, and conference name will most certainly reflect the change, and we would like help.


We are accepting name suggestions through December 4th, 2017, from which the leadership team will narrow to a list of 5. Then we will have one more survey, asking for input for those names.  We will choose a new name based on many factors, including community input, domain availability, and trademarks. The change will then rollout as quickly as possible for social media and the web site, though any changes to files names in our packages will not happen before the next major release, version 2.6.