OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 19.7 Legacy Series »
  • fix package vulnerability
« previous next »
  • Print
Pages: [1]

Author Topic: fix package vulnerability  (Read 1836 times)

void

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
fix package vulnerability
« on: September 17, 2019, 06:16:10 pm »
Hello, today vulnerability test gave me this output. Tryied remove curl and expat with no luck.. How can I fix this? The OPNsense installed version is 19.7.4 and no update of any kind available..

***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
expat-2.2.6_1 is vulnerable:
expat2 -- Fix extraction of namespace prefixes from XML names
WWW: https://vuxml.FreeBSD.org/freebsd/c5bd8a25-99a6-11e9-a598-f079596b62f9.html

curl-7.65.3 is vulnerable:
curl -- multiple vulnerabilities
CVE: CVE-2019-5482
CVE: CVE-2019-5481
WWW: https://vuxml.FreeBSD.org/freebsd/9fb4e57b-d65a-11e9-8a5f-e5c82b486287.html

2 problem(s) in the installed packages found.
***DONE***
« Last Edit: September 17, 2019, 06:19:32 pm by void »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17665
  • Karma: 1611
    • View Profile
Re: fix package vulnerability
« Reply #1 on: September 17, 2019, 09:20:16 pm »
Hi,

1. Don't panic.
2. Read the links if you care.
3. Wait for next stable update.

No particular order implied, but all of these are important points to remember.


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 19.7 Legacy Series »
  • fix package vulnerability
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2