Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 2 answers
  • Subscribers 6 subscribers
  • Views 13016 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What about CVE-2018-6789

MassimoDalla Giustina

Hi folks,

 

any news about new CVE-2018-6789?

Is there a patch release on the air for UTM?

In 9.508 version seems not present.

The alert is reported also in nakedsecurity

 

Cheers

Max.



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    There is currently a patch in development to address this vulnerability, I will update this thread with the latest news I receive.

    Regards,

    FloSupport | Community Support Engineer

    Florentino
    Director, Global Community & Digital Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.
    The Award-winning Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0 in reply to FloSupport

    This is one of the cases where I would wish Sophos had a different approach to patches.
    Suppose there is then a 9.509 patch that fixes this problem.
    Due to the incremental strategy, I am forced to install 9.508 as well, knowing that I will have problems with SMIME, as this problem is probably not solved by then. Therefore, I can choose safety or functionality.
    Is the concept of the XG the same as that of the UTM? If not, that might be an argument for it.
    It's not a wish list, but sometimes separating functional and security updates would have great advantages.
    If so, a 9.506-3 would be desirable.
    But now enough of the criticism.

    Best
    Alex

    -

Reply
  • 0 in reply to FloSupport

    This is one of the cases where I would wish Sophos had a different approach to patches.
    Suppose there is then a 9.509 patch that fixes this problem.
    Due to the incremental strategy, I am forced to install 9.508 as well, knowing that I will have problems with SMIME, as this problem is probably not solved by then. Therefore, I can choose safety or functionality.
    Is the concept of the XG the same as that of the UTM? If not, that might be an argument for it.
    It's not a wish list, but sometimes separating functional and security updates would have great advantages.
    If so, a 9.506-3 would be desirable.
    But now enough of the criticism.

    Best
    Alex

    -

Children
No Data
Unfiltered HTML