Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    FreeBSD-SA-13:02.libc

    General pfSense Questions
    2
    3
    699
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Blooregard last edited by

      Gentleman!

      How far this can be in pfSense? Should we concerned about it?

      http://www.freebsd.org/security/advisories/FreeBSD-SA-13:02.libc.asc

      Greetings!

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        We don't have any way to pass user data into a glob that would result in any means to exploit that.

        2.1 will pick up the fix automatically, but even on 2.0.x it's not much to worry about. Not unless you let random people into the shell of the firewall that you don't trust (which you shouldn't be doing anyhow…)

        1 Reply Last reply Reply Quote 0
        • B
          Blooregard last edited by

          Thanks jimp!

          1 Reply Last reply Reply Quote 0

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2020 Rubicon Communications, LLC | Privacy Policy