Hello Sophos, are Sophos firewalls (SG and XG) affected by the OpenSSL vulnerability? https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html Ben

It would appear that UTM 9.7 is vulnerable to CVE-2022-0778 as described in https://www.openssl.org/news/secadv/20220315.txt As I read the alert, it would appear that this has severe impact for all the older OpenSSL releases like are being used on the…

Hi, there´s a new Bug in OpenSSL that was fixed today. Is there a plan to include it in UTM? Or is it not affected. Kind Regards

So, I've been trying to generate a CSR from my gateway (UTM 9), here is the commands I've run from an SU prompt: openssl genrsa -aes256 -out gateway.key 2048 <--- This works fine, generates the key file correctly. openssl req -new -key gateway.key…

Hello, I would like to write a firewall rule to drop all SSLv2 traffic attempting to travel through our UTM because of the DROWN vulnerability . We have a couple of servers susceptible to the attack and it would be nice to first block the attack at…