Recent OpenSSL vulnerabilities do not affect any VyOS versions
Many people are concerned about recently announced OpenSSL vulnerabilities (CVE-2022-3786 and CVE-2022-3602). However, none of the VyOS versions ever released a...
Category: VyOS Platform Blog | security (2)
The future of VyOS image signature verification
There's one thing about our releases that we introduced quietly and neglected to explain to those unfamiliar with it: minisign signatures. Let's discuss why we ...
The post categories:
security
VyOS 1.3.1-S1 security release
Hello Community! VyOS 1.3.1-S1 security release is now available to customers and contributors to download, and everyone can build it from the source. It fixes ...
CVE-2022-0778: remote DoS in OpenSSL, VyOS 1.3.0 is affected
Hello Community! Yesterday the OpenSSL team disclosed a remote DoS vulnerability in OpenSSL versions 1.0.2, 1.1.1, and 3.0. You can find a complete description ...
Log4Shell vulnerability
Hello Community! Everyone is talking about the CVE-2021-44228 vulnerability recently found in the Log4j logging library, which was nicknamed Log4Shell because i...
VyOS 1.2.6-S1 security release
VyOS 1.2.6 release was found to be suspectible to CVE-2020-10995. It's a low-impact vulnerability in the PowerDNS recursor that allows an attacker to cause perf...
CVE-2019-11477 (TCP SACK panic) and an Intel i40e driver issue
Recently discovered vulnerability in the Linux kernel's TCP selective acknowledgement processing code potentially allows a remote attacker to cause a kernel pan...
The "operator" level is proved insecure and will be removed in the next releases
The operator level in VyOS is a legacy feature that was inherited from the forked Vyatta Core code. It was always relatively obscure, and I don't think anyone r...
On security of GRE/IPsec scenarios
As we've already discussed, there are many ways to setup GRE (or something else) over IPsec and they all have their advantages and disadvantages. Recently an is...
