Security vulnerabilities in ARP-GUARD
In the recent months and years there have been several security problems, and in some cases, our product ARP-GUARD was affected.
The current state is always visible for customers and partners under https://www.arp-guard.com/management/admin/help/knowledge_base/arp-guard-knowledge-base-2010-12.4.pdf.
Meltdown and Spectre
Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) are security issues in modern microprocessors which have been published on Jan 3, 2018. Although ARP-GUARD appliances are in principle vulnerable for both attacks, the severity is somewhere between moderate and low because there is no foreign software running on the appliances. The software on the appliances is thoroughly checked by the CentOS team, the SECUDOS team and the ARP-GUARD team and only signed packages are accepted for updates.
DOMOS 4.10 and DOMOS 5.3 will soon be available for the 64 bits operating systems; the 32 bits appliances are discontinued. It is recommended to install the updates.