OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of reachmedia »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - reachmedia

Pages: [1]
1
21.1 Legacy Series / Re: Run security audit
« on: April 21, 2021, 12:29:35 pm »
Hi Franco,

Apologies ... i ran updates before you posted 21.1.5, which I just ran again and saw it. Its just to highlight the issues. :)

Thanks

2
21.1 Legacy Series / Run security audit
« on: April 21, 2021, 12:01:30 pm »
Hi opnsense,

Please advise.

Just ran a security audit and the below is shown:

***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 21.1.4 (amd64/OpenSSL) at Wed Apr 21 17:58:46 +08 2021
Fetching vuln.xml.bz2: .......... done
curl-7.75.0 is vulnerable:
curl -- Automatic referer leaks credentials
CVE: CVE-2021-22876
WWW: https://vuxml.FreeBSD.org/freebsd/b1194286-958e-11eb-9c34-080027f515ea.html

curl-7.75.0 is vulnerable:
curl -- TLS 1.3 session ticket proxy host mixup
CVE: CVE-2021-22890
WWW: https://vuxml.FreeBSD.org/freebsd/d10fc771-958f-11eb-9c34-080027f515ea.html

nettle-3.6 is vulnerable:
nettle 3.7.2 -- fix serious ECDSA signature verify bug
WWW: https://vuxml.FreeBSD.org/freebsd/80f9dbd3-8eec-11eb-b9e8-3525f51429a0.html

dnsmasq-2.84,1 is vulnerable:
dnsmasq -- cache poisoning vulnerability in certain configurations
CVE: CVE-2021-3448
WWW: https://vuxml.FreeBSD.org/freebsd/5b72b1ff-877c-11eb-bd4f-2f1d57dafe46.html

4 problem(s) in 3 installed package(s) found.
***DONE***

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2