Hello, today vulnerability test gave me this output. Tryied remove curl and expat with no luck.. How can I fix this? The OPNsense installed version is 19.7.4 and no update of any kind available..
***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
expat-2.2.6_1 is vulnerable:
expat2 -- Fix extraction of namespace prefixes from XML names
WWW: https://vuxml.FreeBSD.org/freebsd/c5bd8a25-99a6-11e9-a598-f079596b62f9.html
curl-7.65.3 is vulnerable:
curl -- multiple vulnerabilities
CVE: CVE-2019-5482
CVE: CVE-2019-5481
WWW: https://vuxml.FreeBSD.org/freebsd/9fb4e57b-d65a-11e9-8a5f-e5c82b486287.html
2 problem(s) in the installed packages found.
***DONE***
Hi,
1. Don't panic.
2. Read the links if you care.
3. Wait for next stable update.
No particular order implied, but all of these are important points to remember.
Cheers,
Franco