Messages

1

Zenarmor (Sensei) / Re: Sensei on OPNsense - Application based filtering

« on: April 18, 2019, 09:49:44 pm »

Just installed 0.8.0.beta8 and did an audit of the packages and found that an outdated library is being used that is vulnerable.  Any way I can manually update this w/o breaking anything or will it be fixed in the stable release?

***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
libXdmcp-1.1.2_2 is vulnerable:
libXdmcp -- insufficient entropy generating session keys
CVE: CVE-2017-2625
WWW: https://vuxml.FreeBSD.org/freebsd/1b6a10e9-4b7b-11e9-9e89-54e1ad3d6335.html

1 problem(s) in the installed packages found.
***DONE***