SSL:openssl library version

Why is there following error message? I thought SSL is in all versions of OS up to date.

2024-10-17 19:27:58: (…/src/mod_openssl.c.3141) SSL:openssl library version is outdated and has reached end-of-life. As of 11 Sep 2023, only openssl 3.0.0 and later continue to receive security patches from openssl.org

Seen in last update of MOX OS 7.1 HBK today, repeated number of times in many previous updates…

1 Like

Cruel true.

Wait to TOS 9 baseon on OpenWrt 24.10.

actually TOS8 will be based on currently maintained openwrt 23.05 where openssl 3.0 is used (current LTS version)
see https://downloads.openwrt.org/releases/23.05.5/packages/arm_cortex-a9_vfpv3-d16/base/libopenssl-afalg_3.0.15-1_arm_cortex-a9_vfpv3-d16.ipk

Hi,

becoming aware of this - kindly asking if this can compromise the sentinel network. Sentinel has to communicate through a secure protocol with ZeroMG messages, which in itself is providing the structure of deploying not securing communications. Or am I totally misunderstanding?

Thx,
Vienna

I’d say we’re fine using 1.1.1 for now - no major vulnerability AFAIK

TOS9? :scream: 20 characters…

i see none worth a worry - do you know of one @viktor ?

@victor knows 0-days the world never heard about easy

1 Like