OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: vividou on March 05, 2018, 07:18:01 pm
-
Hello,
After updating Opnsense to the version 18.1.3, the security audit returns the following message:
***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
isc-dhcp43-client-4.3.6 is vulnerable:
isc-dhcp -- Multiple vulnerabilities
CVE: CVE-2018-5733
CVE: CVE-2018-5732
WWW: https://vuxml.FreeBSD.org/freebsd/2040c7f5-1e3a-11e8-8ae9-0050569f0b83.html
1 problem(s) in the installed packages found.
***DONE***
Is it a bug?
-
No. That's just a feature they so you can see what CVEs are out there for certain things. They'll usually patch it at some point :)
-
Release builds take 1-2 days normally, this time around we also waited for the weekend to clear. That makes 4 days where new CVEs become known that can't magically make it into a prepared release.
We're preparing for 18.1.4 on Thursday.
Cheers,
Franco