Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Critical flaw in OpenSSL announced
« previous
next »
Print
Pages: [
1
]
Author
Topic: Critical flaw in OpenSSL announced (Read 1181 times)
EdwinKM
Full Member
Posts: 155
Karma: 5
Critical flaw in OpenSSL announced
«
on:
October 27, 2022, 11:35:38 pm »
Did a fast scan and found nothing. No blog item.
1 November people expect a patch for OpenSSL
https://tweakers.net/nieuws/202682/openssl-kondigt-update-aan-voor-kritiek-beveiligingslek.html
.
Does this affect the OpnSense community? Should people patch this day? I hope OpnSense will inform the users.
Especially strange because the business release is released yesterday (and no openssl reference)
Logged
Mks
Sr. Member
Posts: 272
Karma: 19
Re: Critical flaw in OpenSSL announced
«
Reply #1 on:
October 28, 2022, 06:36:12 am »
Hi,
I've the latest version of OpnSense installed. You could check your OpenSSL version with:
Code:
[Select]
openssl version
Mine is OpenSSL 1.1.1o-freebsd 3 May 2022
According to
https://www.mail-archive.com/openssl-users@openssl.org/msg91244.html
the critical issue applies to 3.0.0 - 3.0.6 only. It does not apply to any 1.1.1 release.
br
Logged
DEC670airp414user
Full Member
Posts: 163
Karma: 8
Re: Critical flaw in OpenSSL announced
«
Reply #2 on:
October 30, 2022, 01:08:38 pm »
OPNsense 22.10-amd64
FreeBSD 13.1-RELEASE-p2
OpenSSL 1.1.1q 5 Jul 2022
is the current version of business release on my 670
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Critical flaw in OpenSSL announced
«
Reply #3 on:
October 30, 2022, 06:54:10 pm »
For the community version also:
OPNsense 22.7.6-amd64
FreeBSD 13.1-RELEASE-p2
OpenSSL 1.1.1q 5 Jul 2022
The terminal [openssl version] lookup gives a different version back (?)
# openssl version
OpenSSL 1.1.1o-freebsd 3 May 2022
«
Last Edit: October 30, 2022, 07:03:19 pm by RamSense
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Critical flaw in OpenSSL announced
