Bug #9980

Fresh install of Suricata 4.1.5 package warns about CVE-2015-3152; need newer MySQL

Added by Sean McBride 10 months ago. Updated about 12 hours ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Affected Version:
Affected Architecture:


5 minutes ago I installed Suricata 4.1.5 package on pfSense 2.4.4-RELEASE-p3 (both newest at this time). It output a bunch of stuff, including:

Message from mysql56-client-5.6.41:

  • * * * * * * * * * * * * * * * * * * * * * * *

Please be aware the database client is vulnerable
to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM".
You may find more information at the following URL:

Although this database client is not listed as
"affected", it is vulnerable and will not be
receiving a patch. Please take note of this when
deploying this software.

  • * * * * * * * * * * * * * * * * * * * * * * *

That's rather disconcerting. :(

Hopefully the usage of mysql isn't actually vulnerable, but this CVE was fixed back in 2015, surely by now it should be using a newer MySQL anyway!


#1 Updated by Bill Meeks 10 months ago

The MySQL dependency is actually being pulled in by Barnyard2 and not Suricata itself. So long as you do not configure Barnyard2, MySQL will not be loaded by Suricata. Barnyard2 is quite old and does not seem to be actively maintained any longer. I am pretty sure a newer version of the MySQL client will break the Barnyard2 binary's MySQL database code.

Suricata upstream is planning to deprecate creation of Unified2 binary log files, and when they do I will likely pull Barnyard2 support out of the Suricata package. The logging method of choice for Suricata upstream is EVE JSON.

#2 Updated by Sean McBride 10 months ago

Thanks for the fast response!

I don't use Barnyard2, so that's good news for me.

But for others... is this therefore a bug of the FreeBSD barnyard2 package? Or...

#3 Updated by Jim Pingle 10 months ago

  • Target version deleted (2.4.5)

#4 Updated by Viktor Gurov about 12 hours ago

  • Status changed from New to Closed

no such message on pfSense 2.4.5-p1/2.5 with suricata-5.0.3/suricata-4.1.8

Also available in: Atom PDF