Jump to content

OpenSSL versions update.


Guest Killhippie

Recommended Posts

Guest Killhippie

I was wondering if the Netduma team will push Netgear to update to the least version of OpenSSL? Currently the XR500 is running 1.0.2n released in Dec 2017 (not bad for Netgear) the latest is 1.0.2o released in March 2018 which patches CVE-2018-0739  I mention this because If left to their own devices Netgear will not fix this on their own. The R7800 is still on version 1.0.2h which is from the 3rd of May 2016 and has many vulnerabilities. Hence my concerns.

 I assume (hate doing that)  Netduma have access to the XR500's GPL source code. If nobody updates the GPL packages ( there are many) Netgear wont, so they need a good swift kick in the Brazil nuts. Voxel on smallnetbuilder is the only other person I know who uses firmware based on stock with updated packages put in place and published on Github and released for download via smallnetbuilder. Netgear just cant be bothered it seems to keep their code up to date. Hence I am hoping Netduma's team can push to keep the XR500 up to date even on Netgears side?

Link to comment
Share on other sites

Guest Killhippie

Sure, I'll bring it up this week with the Netgear Development team and see if there is a plan of action for this.

Really glad to hear that, Fraser. Having Netgear keep up to date will probably make your lives easier as you are dealing with the latest GPL code and not some weird out of date code base with more security holes than swiss cheese and also making the security of the router so much better at the same time.  :) 

Link to comment
Share on other sites

Guest Killhippie

Looks like they've pushed the latest GPL for the next release so you'll have to let me know if thats correct once released.

okay I shall keep a look out. Netgear sometimes don’t publish the GPL code as fast as they should and on occasion skip it which they shouldn’t do, but I’ll check definitely
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...