Hi guys,

Today we are following up on the OpenSSL advisories. LibreSSL was not affected (surprise, surprise), but received a tiny fix to sync up with the deprecation of the high-severity SSL_OP_SINGLE_DH_USE option of its sibling.

In other news, we are shipping a few minor fixes along with all-new SSL-centric rulesets for the intrusion prevention courtesy of abuse.ch[3]. Protect your assets, they are worth it!

Without fuzz, here are the full patch notes:


Stay safe,
Your OPNsense team