Hello, We have PCI compliancy organisation requesting information/documentation on whether Sophos UTM is vulnerable to a range of CVE's based on detecting version of the Exim component. Some of the CVE's information as asked already, however we haven…

There is a vulnerability in OpenSSL: https://www.openssl.org/news/secadv/20201208.txt It could be used for a denial-of-service attack openSSL has it already fixed, when will it be included into UTM (and XG)? BR Edmund