    Upstream fixes missing?

    Installation and Upgrades
      tm_an last edited by

      I'm a little worried now, that something went wrong, maybe locally at our side.
      It's been 22 days since CVE-2020-25577 and CVE-2020-7469 were announced, with possible remote code execution affecting FreeBSD.
      I was told the fix is already in the pipeline, but I have checked frequently since, and have not seen any updates for 2.4.5-RELEASE-p1.

      Can anyone shed some light on this? Is pfSense not affected, or is there some other reason for the delay? Or is my local update bugged?

      Cheers,
      Tobias

        Gertjan @tm_an last edited by

        @tm_an said in Upstream fixes missing?:

        Or is my local update bugged?

        Easy to check. Visit System > Update > System Update: does it say "up to date"?
        Visit System > Package Manager > Available Packages: does the list get populated? Do you receive package updates once in a while?
        Visit SSH (console): option 8 and "pkg update": do you receive a:

        pfSense repository is up to date.
        All repositories are up to date.
        

        About "CVE-2020-25577": see for yourself: https://www.cybersecurity-help.cz/vdb/SB2020120118

        The first one: local access is needed.
        The second part: a special ICMPv6 crafted packet: you use IPv6? Accessible from the outside? Normally, there are no WAN rules, that is, there will be one rule: block everything. Crafted, or not.

        CVE-2020-7469: somewhat the same thing: ICMPv6: https://lists.freebsd.org/pipermail/freebsd-announce/2020-December/002000.html (take note that FreeBSD 11.3 isn't listed here, which means there is no patch available or the issue doesn't exist for 11.3).

        Anyway, it's an upstream FreeBSD issue.

        © 2021 Rubicon Communications, LLC | Privacy Policy