Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
OpenSSL vulnerability
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenSSL vulnerability (Read 2156 times)
Goldorak92
Newbie
Posts: 27
Karma: 4
OpenSSL vulnerability
«
on:
April 22, 2020, 03:56:59 pm »
Hi guys,
For information, OpenSSL published a vulnerability paper yesterday:
https://www.openssl.org/news/secadv/20200421.txt
It's impacting our Opnsense20.1.4 which is using OpenSSL 1.1.1f .
Regards,
G.
Logged
Marcel_75
Full Member
Posts: 177
Karma: 5
Re: OpenSSL vulnerability
«
Reply #1 on:
April 22, 2020, 04:34:30 pm »
OpenSSL 1.1.1g will fix this issue as far as I know …
Is it possible to install this directly, without waiting for a OPNsense 20.1.5 release?
Logged
The fact that we live at the bottom of a deep gravity well, on the surface of a gas covered planet going around a nuclear fireball 90 million miles away and think this to be normal is obviously some indication of how skewed our perspective tends to be. (Douglas Adams)
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: OpenSSL vulnerability
«
Reply #2 on:
April 22, 2020, 05:21:30 pm »
Just disable TLS 1.3
Dont think that many guys use it already
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
franco
Administrator
Hero Member
Posts: 17675
Karma: 1613
Re: OpenSSL vulnerability
«
Reply #3 on:
April 23, 2020, 08:11:35 am »
There will always be OpenSSL vulnerabilities...
20.1.5 won't include this as it is bad timing as usual. Maybe we can pick this up next week.
Cheers,
Franco
Logged
Goldorak92
Newbie
Posts: 27
Karma: 4
Re: OpenSSL vulnerability
«
Reply #4 on:
April 23, 2020, 04:56:04 pm »
Ok, thanks for your replies Mimugmail and Franco.
Cheers,
G.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
OpenSSL vulnerability