Splunk maintenance releases and patch to address the DROWN OpenSSL vulnerability

Today, we published a number of maintenance releases that include updates to the OpenSSL package in order to address the DROWN vulnerability.

Download Splunk Enterprise 5.0.15, 6.0.11, 6.1.10, or 6.2.9 from

Download Splunk Light 6.2.9  from

Download HUNK 6.2.9  from

For more information about the DROWN vulnerability, review the following security advisory posted on our security portal.

Patches available for users on 6.3.x

If you can upgrade to 6.4, you should absolutely do that. In addition to a bunch of great new features, the 6.4.0 release contains the updated OpenSSL package. However, if you’re not able to upgrade to 6.4, we’ve made patches available on the 6.3.x codeline to get you through until the upcoming 6.3.4 release (which will also include the updated OpenSSL package).

Find and download your product/platform from the sections below, then unpack and install the patch over your existing Splunk instance(s).

Splunk Enterprise – Linux


Splunk Enterprise – MacOS


Splunk Enterprise – Solaris


Splunk Enterprise – Windows


Splunk Light – Linux


Splunk Light – MacOS


Splunk Light – Windows


Universal Forwarder – AIX


Universal Forwarder – FreeBSD


Universal Forwarder –  HP-UX


Universal Forwarder – Linux


Universal Forwarder – MacOS


Universal Forwarder – Solaris


Universal Forwarder – Windows


Universal Forwarder – Linux PPC

rachel perkins

Posted by