fix package vulnerability

void · September 17, 2019, 06:16:10 PM

Hello, today vulnerability test gave me this output. Tryied remove curl and expat with no luck.. How can I fix this? The OPNsense installed version is 19.7.4 and no update of any kind available..

***GOT REQUEST TO AUDIT SECURITY***
vulnxml file up-to-date
expat-2.2.6_1 is vulnerable:
expat2 -- Fix extraction of namespace prefixes from XML names
WWW: https://vuxml.freebsd.org/freebsd/c5bd8a25-99a6-11e9-a598-f079596b62f9.html

curl-7.65.3 is vulnerable:
curl -- multiple vulnerabilities
CVE: CVE-2019-5482
CVE: CVE-2019-5481
WWW: https://vuxml.freebsd.org/freebsd/9fb4e57b-d65a-11e9-8a5f-e5c82b486287.html

2 problem(s) in the installed packages found.
***DONE***

franco · September 17, 2019, 09:20:16 PM

Hi,

1. Don't panic.
2. Read the links if you care.
3. Wait for next stable update.

No particular order implied, but all of these are important points to remember.

Cheers,
Franco

fix package vulnerability

void

September 17, 2019, 06:16:10 PM Last Edit: September 17, 2019, 06:19:32 PM by void

franco

September 17, 2019, 09:20:16 PM #1