This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is 9.411 affected by CVE-2017-3733 (OpenSSL bug)?

See https://www.openssl.org/news/secadv/20170216.txt

9.411 uses OpenSSL 1.0.1k, support for this version ends 2016/12/31. There is no info, if this old version is affected. Does anyone has an official statement from Sophos?

Regards

Manuel

This thread was automatically locked due to age.

Parents

0 BAlfson over 7 years ago

Hi, Manuel, and welcome to the UTM Community!

If this is not a home-use license, please let us know what your reseller finds when posing this question to Sophos.

In general, you will find that most modules used in UTM are not the most recent ones. Sophos developers test, tighten and enhance each module. This is a recent enough discovery that I haven't seen anything in official Sophos communications. In fact, we don't know if the implementation suffers from the problem at all.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 7 years ago

Hi, Manuel, and welcome to the UTM Community!

If this is not a home-use license, please let us know what your reseller finds when posing this question to Sophos.

In general, you will find that most modules used in UTM are not the most recent ones. Sophos developers test, tighten and enhance each module. This is a recent enough discovery that I haven't seen anything in official Sophos communications. In fact, we don't know if the implementation suffers from the problem at all.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data