OPNsense Forum
Archive => 20.7 Legacy Series => Topic started by: magnust on October 01, 2020, 06:20:27 pm
-
Known thing?
***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
libxml2-2.9.10 is vulnerable:
libxml -- multiple vulnerabilities
WWW: https://vuxml.FreeBSD.org/freebsd/f5abafc0-fcf6-11ea-8758-e0d55e2a8bf9.html
1 problem(s) in 1 installed package(s) found.
***DONE***
OPNsense 20.7.3-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
LibreSSL 3.1.4
-
Yes, packages will always be Updated with a new release
-
So this is supposed to be vulnerable with 20.7.3 and probably fixed in a future 20.7.4? So I understand this correctly :)
-
Yes
-
Thank you!
-
magnust if you are really concerned about it you can update it yourself using the FreeBSD repository. From the console edit the FreeBSD.conf file at:
/usr/local/etc/pkg/repos/FreeBSD.conf
add the following information:
FreeBSD: {
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
mirror_type: "srv",
signature_type: "fingerprints",
fingerprints: "/usr/share/keys/pkg",
enabled: yes
}
From the console run the following commands:
pkg update
pkg install libxml2-2.9.10_1
pkg clean
At this point I would remove the information you added to the FreeBSD.conf file otherwise you will have issues with updating OPNsense. This is a temporary fix until until the OPNsense 20.7.4 update.