Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
CVE-2019-18634, CVE-2020-7450
« previous
next »
Print
Pages: [
1
]
Author
Topic: CVE-2019-18634, CVE-2020-7450 (Read 4776 times)
mcc85s
Newbie
Posts: 6
Karma: 0
CVE-2019-18634, CVE-2020-7450
«
on:
February 02, 2020, 06:03:43 pm »
Reporting (2) CVE's after upgrading to [20.1]
***GOT REQUEST TO AUDIT SECURITY***
Fetching vuln.xml.bz2: .......... done
sudo-1.8.30 is vulnerable:
sudo -- Potential bypass of Runas user restrictions
CVE: CVE-2019-18634
WWW:
https://vuxml.FreeBSD.org/freebsd/b4e5f782-442d-11ea-9ba9-206a8a720317.html
pkg-1.12.0 is vulnerable:
pkg -- vulnerability in libfetch
CVE: CVE-2020-7450
WWW:
https://vuxml.FreeBSD.org/freebsd/2af10639-4299-11ea-aab1-98fa9bfec35a.html
2 problem(s) in 2 installed package(s) found.
***DONE***
Logged
chemlud
Hero Member
Posts: 2485
Karma: 112
Re: CVE-2019-18634, CVE-2020-7450
«
Reply #1 on:
February 02, 2020, 06:06:35 pm »
...this info is for your personal use, not for posting here ;-)
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
mcc85s
Newbie
Posts: 6
Karma: 0
Re: CVE-2019-18634, CVE-2020-7450
«
Reply #2 on:
February 02, 2020, 06:30:13 pm »
Ok, what about for the developers?
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: CVE-2019-18634, CVE-2020-7450
«
Reply #3 on:
February 02, 2020, 06:46:15 pm »
They are also aware of this
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
chemlud
Hero Member
Posts: 2485
Karma: 112
Re: CVE-2019-18634, CVE-2020-7450
«
Reply #4 on:
February 02, 2020, 08:05:20 pm »
Quote from: mcc85s on February 02, 2020, 06:30:13 pm
Ok, what about for the developers?
...they also know how to press a button in their software... :-)
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
CVE-2019-18634, CVE-2020-7450