05-06-2022 11:54 AM
I am still looking/waiting on 5.2.13 to address the most recent security vulnerabilities. A couple of weeks ago they updated the bulletin to indicate the issue was not present in 5.2.13, but there is no 5.2.13 that I can find on Palo's site or on the actual firewall's software page. Surprised to see that 6.0.1 was released this week to address these security defects when I don't think anyone should be using any Palo 6.0 release.
Has anyone heard about the updated release? Or have I missed something and we are supposed to upgrade to an unstable 6.0.1 product as we always wait months after a new release?
05-07-2022 04:07 AM
Hi Eddie,
Which vulnerability you are looking to get a fix for ? the link below shows the known vulnerabilities and affected /unaffected version if you haven't check it already.
https://security.paloaltonetworks.com/?product=GlobalProtect+App&sort=-date
05-07-2022 11:11 AM
He is referring to the OpenSSL infinity loop vulnerability, CVE-2022-0778. PA released the PANOS patch, but has not yet released the GP client patch. Was scheduled to be released "April 2022". Now saying the ETA is May 2022 for 5.x versions:
05-09-2022 08:28 AM
05-09-2022 09:47 PM
Yeah, the 6.0.1 has the fix for emergency use and 5.2.12 with the fix is expected sometime in May. Exact ETA will likely be not available since this will be subject to lots of QA processes before it is ready for release.
05-10-2022 08:05 AM
Thanks for sharing the new target date is this month. The info is in the security bulletin under the Solution section and is up to date as of 5/4/22.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
