update 18.1.3: audit security problem?

Started by vividou, March 05, 2018, 07:18:01 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 05, 2018, 07:18:01 PM Last Edit: March 05, 2018, 09:41:48 PM by vividou
Hello,

After updating Opnsense to the version 18.1.3, the security audit returns the following message:
Code Select
***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
isc-dhcp43-client-4.3.6 is vulnerable:
isc-dhcp -- Multiple vulnerabilities
CVE: CVE-2018-5733
CVE: CVE-2018-5732
WWW: https://vuxml.FreeBSD.org/freebsd/2040c7f5-1e3a-11e8-8ae9-0050569f0b83.html

1 problem(s) in the installed packages found.
***DONE***

Is it a bug?
March 05, 2018, 10:10:43 PM #1
No. That's just a feature they so you can see what CVEs are out there for certain things. They'll usually patch it at some point :)
March 06, 2018, 07:48:38 AM #2
Release builds take 1-2 days normally, this time around we also waited for the weekend to clear. That makes 4 days where new CVEs become known that can't magically make it into a prepared release.

We're preparing for 18.1.4 on Thursday.


Cheers,
Franco
Print
Go Up Pages1
User actions