Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Run security audit
« previous
next »
Print
Pages: [
1
]
Author
Topic: Run security audit (Read 2863 times)
reachmedia
Newbie
Posts: 2
Karma: 1
Run security audit
«
on:
April 21, 2021, 12:01:30 pm »
Hi opnsense,
Please advise.
Just ran a security audit and the below is shown:
***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 21.1.4 (amd64/OpenSSL) at Wed Apr 21 17:58:46 +08 2021
Fetching vuln.xml.bz2: .......... done
curl-7.75.0 is vulnerable:
curl -- Automatic referer leaks credentials
CVE: CVE-2021-22876
WWW:
https://vuxml.FreeBSD.org/freebsd/b1194286-958e-11eb-9c34-080027f515ea.html
curl-7.75.0 is vulnerable:
curl -- TLS 1.3 session ticket proxy host mixup
CVE: CVE-2021-22890
WWW:
https://vuxml.FreeBSD.org/freebsd/d10fc771-958f-11eb-9c34-080027f515ea.html
nettle-3.6 is vulnerable:
nettle 3.7.2 -- fix serious ECDSA signature verify bug
WWW:
https://vuxml.FreeBSD.org/freebsd/80f9dbd3-8eec-11eb-b9e8-3525f51429a0.html
dnsmasq-2.84,1 is vulnerable:
dnsmasq -- cache poisoning vulnerability in certain configurations
CVE: CVE-2021-3448
WWW:
https://vuxml.FreeBSD.org/freebsd/5b72b1ff-877c-11eb-bd4f-2f1d57dafe46.html
4 problem(s) in 3 installed package(s) found.
***DONE***
Logged
franco
Administrator
Hero Member
Posts: 17570
Karma: 1596
Re: Run security audit
«
Reply #1 on:
April 21, 2021, 12:12:46 pm »
Update to 21.1.5
Cheers,
Franco
Logged
franco
Administrator
Hero Member
Posts: 17570
Karma: 1596
Re: Run security audit
«
Reply #2 on:
April 21, 2021, 12:13:37 pm »
PS:
> Please advise.
The security scanner is for your convenience already, not for asking questions what to do with its results.
Logged
reachmedia
Newbie
Posts: 2
Karma: 1
Re: Run security audit
«
Reply #3 on:
April 21, 2021, 12:29:35 pm »
Hi Franco,
Apologies ... i ran updates before you posted 21.1.5, which I just ran again and saw it. Its just to highlight the issues.
Thanks
Logged
franco
Administrator
Hero Member
Posts: 17570
Karma: 1596
Re: Run security audit
«
Reply #4 on:
April 21, 2021, 03:37:01 pm »
No worries. Happy to be able to provide the update today.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Run security audit