Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    how to patch packages belonging to the core pfsense installation ?

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 338 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fddi73
      last edited by

      Hello,
      I am running pfsense2.6.0-RELEASE.
      There are a number of packages with vulnerabilities.
      For instance strongswan-5.9.4 is vulnerable (CVE-2021-45079) and this has been resolved in strongswan-5.9.5
      How to upgrade specific packages which are affected by known vulnerabilities ? These vulnerabilities prevent me to be able to use pfSense CE in a production environment
      because of Cyber complaints, if I am not able to fix them in some way. Open to any solution you might suggest me.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by stephenw10

        That particular CVE does not affect pfSense because it only applies to strongswan when acting as an EAP client which pfSense cannot be configured to do.
        That is often the case, FreeBSD vulnerabilities do not necessarily apply to pfSense.
        If it was affected we would either make a point release to address it or build an updated pkg in our repo which you could 'pkg upgrade' to depending on the level of assessed risk.

        Steve

        1 Reply Last reply Reply Quote 2
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.