Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
CVE-2018-0732
« previous
next »
Print
Pages: [
1
]
Author
Topic: CVE-2018-0732 (Read 3203 times)
Wyrm
Jr. Member
Posts: 56
Karma: 1
CVE-2018-0732
«
on:
July 19, 2018, 02:57:39 pm »
Hi,
I have done security audit on version 18.1.12 and there is security vulnerabilty:
***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
libressl-2.6.5 is vulnerable:
OpenSSL -- Client DoS due to large DH parameter
CVE: CVE-2018-0732
WWW:
https://vuxml.FreeBSD.org/freebsd/c82ecac5-6e3f-11e8-8777-b499baebfeaf.html
1 problem(s) in the installed packages found.
***DONE***
Versions on box:
OPNsense 18.1.12-amd64
FreeBSD 11.1-RELEASE-p11
LibreSSL 2.6.5
Is it Ok, or there will be some patch ?
Thanks for reply...
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: CVE-2018-0732
«
Reply #1 on:
July 19, 2018, 05:14:29 pm »
Hi,
LibreSSL 2.6.5 is not vulnerable. There is an error in the FreeBSD database and the ports security team did not merge the fix:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229037
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
CVE-2018-0732