Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 10 subscribers
  • Views 3616 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OpenSSL Security update announced

Ben@Network

Hello Sophos,

are Sophos firewalls (SG and XG) affected by the OpenSSL vulnerability?
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html

Ben



This thread was automatically locked due to age.
Parents
  • 0

    You aren't giving them any time, are ya?!  LOL, it was announced a few hours ago.

    There's nothing I can find on CVE related to this and nothing really of note in that site that describes much.  Do you happen to know if they even related a CVE?  Is it even a vulnerability?

    EDIT:  Checking the IPS Rules covering CVE issues, the latest one I can find from this year is CVE 2022-1292 and that was fixed in 3.0.3 OpenSSL.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • 0 in reply to Amodin

    A note in one of the other forums advise both UTM and XG are not affected.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data
Unfiltered HTML