Jump to content
Sign in to follow this  
Killhippie

OpenSSL versions update.

Recommended Posts

I was wondering if the Netduma team will push Netgear to update to the least version of OpenSSL? Currently the XR500 is running 1.0.2n released in Dec 2017 (not bad for Netgear) the latest is 1.0.2o released in March 2018 which patches CVE-2018-0739  I mention this because If left to their own devices Netgear will not fix this on their own. The R7800 is still on version 1.0.2h which is from the 3rd of May 2016 and has many vulnerabilities. Hence my concerns.

 I assume (hate doing that)  Netduma have access to the XR500's GPL source code. If nobody updates the GPL packages ( there are many) Netgear wont, so they need a good swift kick in the Brazil nuts. Voxel on smallnetbuilder is the only other person I know who uses firmware based on stock with updated packages put in place and published on Github and released for download via smallnetbuilder. Netgear just cant be bothered it seems to keep their code up to date. Hence I am hoping Netduma's team can push to keep the XR500 up to date even on Netgears side?

Share this post


Link to post
Share on other sites

Sure, I'll bring it up this week with the Netgear Development team and see if there is a plan of action for this.

Really glad to hear that, Fraser. Having Netgear keep up to date will probably make your lives easier as you are dealing with the latest GPL code and not some weird out of date code base with more security holes than swiss cheese and also making the security of the router so much better at the same time.  :) 

Share this post


Link to post
Share on other sites

Looks like they've pushed the latest GPL for the next release so you'll have to let me know if thats correct once released.

okay I shall keep a look out. Netgear sometimes don’t publish the GPL code as fast as they should and on occasion skip it which they shouldn’t do, but I’ll check definitely

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×