OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • 17.1 beta multiple vulnerabilities NTP / Squid
« previous next »
  • Print
Pages: [1]

Author Topic: 17.1 beta multiple vulnerabilities NTP / Squid  (Read 6267 times)

tillsense

  • Sr. Member
  • ****
  • Posts: 308
  • Karma: 48
    • View Profile
17.1 beta multiple vulnerabilities NTP / Squid
« on: December 23, 2016, 06:27:41 pm »
Hi Franco,

is there a chance to fix this over console on beta?

--------------------------------------------------------------------
OPNsense 17.1.b_60-amd64
FreeBSD 11.0-RELEASE-p5
OpenSSL 1.0.2j 26 Sep 2016
Logged

tillsense

  • Sr. Member
  • ****
  • Posts: 308
  • Karma: 48
    • View Profile
Re: 17.1 beta multiple vulnerabilities NTP / Squid
« Reply #1 on: December 24, 2016, 07:02:01 am »
Ok i found this: https://github.com/opnsense/ports/issues/30 and switch to
Quote
17.1/experimental
this is a good place for new updates  :)

Happy Holidays and many thanks for the great work!

cheers till

--------------------------------------------------------------------
OPNsense 17.1.b_60-amd64
FreeBSD 11.0-RELEASE-p5
OpenSSL 1.0.2j 26 Sep 2016
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1173
    • View Profile
Re: 17.1 beta multiple vulnerabilities NTP / Squid
« Reply #2 on: December 28, 2016, 03:17:02 pm »
Hi Till,

Experimental has been updated again, but please don't rely on it. There is no automated build on the other side. It's just for testing changes that we will not officially publish. :)

Please also note the vulnerability scan is a courtesy of FreeBSD. It is not meant to indicate update schedules. It is simply a tool for vulnerability management we wanted to bring to our users.


Happy holidays!

Cheers,
Franco
« Last Edit: December 28, 2016, 03:18:37 pm by franco »
Logged

tillsense

  • Sr. Member
  • ****
  • Posts: 308
  • Karma: 48
    • View Profile
Re: 17.1 beta multiple vulnerabilities NTP / Squid
« Reply #3 on: December 28, 2016, 08:28:53 pm »
Hi Franco,

yes just for testing...and thank you!
Quote
Any help in making 17.1 the best it could possibly be for its final release at the end of January 2017 is highly appreciated. Please do not hesitate to contact us through any of the known channels:

how can i install one of the new kernel(latest/route) in sets? The base package is missing/not necessary? What is *route*? (rc*out*possibly*) 33M?

cheers till

--------------------------------------------------------------------
OPNsense 17.1.b_73-amd64
FreeBSD 11.0-RELEASE-p5
OpenSSL 1.0.2j 26 Sep 2016

« Last Edit: December 28, 2016, 08:37:55 pm by tillsense »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1173
    • View Profile
Re: 17.1 beta multiple vulnerabilities NTP / Squid
« Reply #4 on: December 29, 2016, 09:41:19 am »
The test kernels have no signatures and base sets, you can install them via:

# opnsense-update -kir 17.1.b-NAME

-i is for insecure (no signature)
-k is for kernel only
-r is the name of the release

17.1.b-latest is an up-to-date version of 17.1.b with some modifications to SEGVGUARD by Shawn.

17.1.b-route is a test kernel based on FreeBSD 12-CURRENT GENERIC for work that we do to finally enable multi-wan + ipfw traffic shaping and captive portal usage. I do not recommend using this one. ;)
Logged

tillsense

  • Sr. Member
  • ****
  • Posts: 308
  • Karma: 48
    • View Profile
Re: 17.1 beta multiple vulnerabilities NTP / Squid
« Reply #5 on: December 29, 2016, 06:41:39 pm »
is running... thanks!

Code: [Select]
FreeBSD 11.0-RELEASE-p6 #0 eebfd11d3(master): Sun Dec 25 15:36:58 CET 2016
    root@sensey64:/usr/obj/usr/src/sys/SMP amd64
FreeBSD clang version 3.8.0 (tags/RELEASE_380/final 262564) (based on LLVM 3.8.0)
[HBSD LOG] logging to system: enabled
[HBSD LOG] logging to user: disabled
[HBSD ASLR] status: opt-out
[HBSD ASLR] mmap: 30 bit
[HBSD ASLR] exec base: 30 bit
[HBSD ASLR] stack: 42 bit
[HBSD ASLR] vdso: 28 bit
[HBSD ASLR] map32bit: 18 bit
[HBSD ASLR] disallow MAP_32BIT mode mmap: opt-in
[HBSD ASLR (compat)] status: opt-out
[HBSD ASLR (compat)] mmap: 14 bit
[HBSD ASLR (compat)] exec base: 14 bit
[HBSD ASLR (compat)] stack: 14 bit
[HBSD ASLR (compat)] vdso: 8 bit
[HBSD SEGVGUARD] status: opt-out
[HBSD SEGVGUARD] expiry: 120 sec
[HBSD SEGVGUARD] suspension: 600 sec
[HBSD SEGVGUARD] maxcrashes: 5
CPU: AMD G-T40E Processor (1000.02-MHz K8-class CPU)


--------------------------------------------------------------------
OPNsense 17.1.b_73-amd64
FreeBSD 11.0-RELEASE-p6
OpenSSL 1.0.2j 26 Sep 2016
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1173
    • View Profile
Re: 17.1 beta multiple vulnerabilities NTP / Squid
« Reply #6 on: December 29, 2016, 10:19:19 pm »
Cool, thanks. 8)
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • 17.1 beta multiple vulnerabilities NTP / Squid
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2