Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upgrade because of heartbleed

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    2 Posts 2 Posters 821 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      newbieuser1234
      last edited by

      I know an upgrade is recommended, but I have one machine running 2.0.2 or 2.0.1, I don't recall. It has openvpn installed and requires and cert and username and password to authenticate.  Is that vulnerable to heartbleed? The device is in a location that is difficult to access in the event of needing a manual reboot.  openvpn is also on a non-standard port.  i am worried about an external vulnerability to heartbleed, not internal. any help is appreciated. thanks.

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        The vulerability was only introduced with 2.1 so you should not be vulnerable to heartbleed.

        Additionally OpenVPN is not vulnerable in its default configuarion:
        https://forum.pfsense.org/index.php?topic=74796.msg409174#msg409174

        However that doesn't mean that your outdated install isn't vulnerable to all the other fixes that have gone in since 2.0.2.  ;)

        Steve

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.