"
Hi, I read about the important PHP CVEs that were recently announced, so I checked the System Firmware by doing a Security Audit on the System:Firmware Status tab. It came back with
However there are no updates to correct this when checking for updates...
Is there a way to put the standard FreeBSD package servers in the list so that if there are no updates on OPNSense, then the upstream updates will be installed?
Or is there a better way?
Code Select
***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 25.1.3 (amd64) at Tue Mar 25 13:07:08 AEDT 2025
vulnxml file up-to-date
php83-8.3.17_1 is vulnerable:
php -- Multiple vulnerabilities
CVE: CVE-2025-1217
CVE: CVE-2025-1734
CVE: CVE-2025-1861
CVE: CVE-2025-1736
CVE: CVE-2025-1219
CVE: CVE-2024-11235
WWW: https://vuxml.FreeBSD.org/freebsd/2ac2ddc2-0051-11f0-8673-f02f7432cf97.html
1 problem(s) in 1 installed package(s) found.
***DONE***However there are no updates to correct this when checking for updates...
Is there a way to put the standard FreeBSD package servers in the list so that if there are no updates on OPNSense, then the upstream updates will be installed?
Or is there a better way?
