Palo Alto Networks has updated a Security Advisory https://securityadvisories.paloaltonetworks.com/.
PAN-SA-2018-0015 – OpenSSL Vulnerabilities in PAN-OS – Fix is available for 7.1.21
· Severity = Medium
· Fixed in PAN-OS 7.1.21 and later, PAN-OS 8.1.4 and later, and WF-500 running WF-500 software version 8.1.4 and later. Security Advisory will be updated as soon as fix is available for PAN-OS 8.0.
· The OpenSSL library in use by PAN-OS is patched on a regular basis.
· CVE-2018-0732, CVE-2018-0737 and CVE-2018-0739
· Update: A fix is available in PAN-OS 7.1.21
Details of the issues, affected versions, and any mitigation information can be found in the Security Advisories.
Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support
Regards
Product Security Incident Response Team
Palo Alto Networks