OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 21.7 Legacy Series »
  • OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others
« previous next »
  • Print
Pages: 1 [2]

Author Topic: OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others  (Read 4472 times)

harshw

  • Newbie
  • *
  • Posts: 37
  • Karma: 4
    • View Profile
Re: OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others
« Reply #15 on: September 10, 2021, 01:37:48 am »
Quote from: franco on September 06, 2021, 09:51:40 am
21.7.2 is due tomorrow.
Cheers,
Franco

Franco - for important security updates like this - would they be backported to the previous version for a short period (e.g. 21.1.9 gets a hot fix for OpenSSL) ? I ask because it is not always easy to move to the new version immediately since it requires planning etc, but a hotfix for the current version is 100x easier to apply ...
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6342
  • Karma: 436
    • View Profile
Re: OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others
« Reply #16 on: September 10, 2021, 06:51:38 am »
Did you try to take the pkg and install manually in a test system? It should be compatible
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13957
  • Karma: 1210
    • View Profile
Re: OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others
« Reply #17 on: September 10, 2021, 08:38:55 am »
Quote from: harshw on September 10, 2021, 01:37:48 am
Franco - for important security updates like this - would they be backported to the previous version for a short period (e.g. 21.1.9 gets a hot fix for OpenSSL) ? I ask because it is not always easy to move to the new version immediately since it requires planning etc, but a hotfix for the current version is 100x easier to apply ...

Technically, this is what the business version is for... you are about three months behind on the next major version but important security fixes are carried out independently as was the case with 21.4.3 hotfix for OpenSSL.

Practically, you can always build and replace OpenSSL or any other piece of software with the ports tree.


Cheers,
Franco
Logged
  • Print
Pages: 1 [2]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 21.7 Legacy Series »
  • OpenSSL and CVE-2021-3711 / CVE-2021-3712 / any others
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2