fix package vulnerability

Started by void, September 17, 2019, 06:16:10 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 17, 2019, 06:16:10 PM Last Edit: September 17, 2019, 06:19:32 PM by void
Hello, today vulnerability test gave me this output. Tryied remove curl and expat with no luck.. How can I fix this? The OPNsense installed version is 19.7.4 and no update of any kind available..

***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
expat-2.2.6_1 is vulnerable:
expat2 -- Fix extraction of namespace prefixes from XML names
WWW: https://vuxml.freebsd.org/freebsd/c5bd8a25-99a6-11e9-a598-f079596b62f9.html

curl-7.65.3 is vulnerable:
curl -- multiple vulnerabilities
CVE: CVE-2019-5482
CVE: CVE-2019-5481
WWW: https://vuxml.freebsd.org/freebsd/9fb4e57b-d65a-11e9-8a5f-e5c82b486287.html

2 problem(s) in the installed packages found.
***DONE***
September 17, 2019, 09:20:16 PM #1
Hi,

1. Don't panic.
2. Read the links if you care.
3. Wait for next stable update.

No particular order implied, but all of these are important points to remember.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
Print
Go Up Pages1
User actions