OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: fabian on May 05, 2017, 07:38:32 pm

Title: CVE-2017-8301
Post by: fabian on May 05, 2017, 07:38:32 pm

Just if anyone is questioning this:

OPNsense is not affected as CVE-2017-8301 affects 2.5.1 to 2.5.3 and OPNsense uses a 2.4.x version of LibreSSL.

http://seclists.org/oss-sec/2017/q2/145

Please be careful with your other servers out there.

Kind regards

Fabian

Title: Re: CVE-2017-8301
Post by: franco on May 05, 2017, 10:18:16 pm

Strongswan and HAProxy currently fall apart with LibreSSL 2.5. We'll say with 2.4 a while longer, it's still fully supported and will receive updates if necessary.


Cheers,
Franco