Palo Alto Networks has updated two Security Advisories https://securityadvisories.paloaltonetworks.com/.
PAN-SA-2018-0012–Information about FragementSmack findings
· Severity = Medium
· Fixed in PAN-OS 7.1.20 and PAN-OS 6.1.22. We will update the security advisory as soon as fixes are available for PAN-OS 8.0 and PAN-OS 8.1.
· Only affects the Management Plane of PAN-OS
· CVE-2018-5391
· Update: Fix for 6.1.22 is available
PAN-SA-2018-0015 – OpenSSL Vulnerabilities in PAN-OS
· Severity = Medium
· Fixed in PAN-OS 8.1.4 and later, and WF-500 running WF-500 software version 8.1.4 and later. Security Advisory will be updated as soon as fixes are available for PAN-OS 7.1 and PAN-OS 8.0.
· The OpenSSL library in use by PAN-OS is patched on a regular basis.
· CVE-2018-0732, CVE-2018-0737 and CVE-2018-0739
· Update: Affected products updated to reflect WF-500 appliances
Details of the issues, affected versions, and any mitigation information can be found in the Security Advisories.
Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support
Regards
Product Security Incident Response Team
Palo Alto Networks