This relates to the recent news that OpenSSL in certain version is compromised. And that FortiOS uses OpenSSL code.

Look for yourself...https://www.openssl.org/news/vulnerabilities.html

OMG that's a LOT of bugs this year alone. Good to know but bad to use.

 

@Waleed:

AFAIK you cannot determine the code version used. No sense in asking Support because if I were FTNT I wouldn't tell for obvious reasons.

 

'Upgrading' is done by FTNT by recompiling the code against a safe version and publishing that as a patch release.

Follow the release notes and upgrades  to stay  update to best security and functions.

 

at first many thanks for u all , after follow release notes i know that openssl issues solved in some patches so i will upgrade to solve our issues

 

but i want to know if can i use any thing instead openssl through fortimail ?

Waleed Wardany wrote:

at first many thanks for u all , after follow release notes i know that openssl issues solved in some patches so i will upgrade to solve our issues

 

but i want to know if can i use any thing instead openssl through fortimail ?

It cant be fixed in the latest FortiMail release.

The OpenSSL fix release is newer than the latest FortiMail release.

OpenSSL released their fixes on 22 September 2016 and FortiMail 5.3.5 has been released on 20 September 2016.

by using

# fnsysctl ls usr/lib/x86_64-linux-gnu/

freerdp gssntlmssp.so ld-linux-x86-64.so.2 

libblkid.so.1 libc.so.6 libcairo.so.2 

libcom_err.so.2 libcom_err.so.3 libcrypt.so.1 

libcrypto.so.1.1  libdl.so.2 libe2p.so.2 

libext2fs.so.2 libffi.so.6 libfosrt.so 

libfreerdp-client.so.1.2 libfreerdp.so.1.2 libfreetype.so.2.8 

libgcc_s.so.1 libgd.so.3 libglib-2.0.so.0 

libgmp.so.10 libgobject-2.0.so.0 libgomp.so.1 

libgssapi_krb5.so.2 libguac-client-rdp.so libguac-client-vnc.so 

libguac-common.so libguac.so libiconv.so 

libjpeg.so.9 libk5crypto.so.3 libklib.so 

libkrb5.so.3 libkrb5support.so.0 liblasso.so.3 

liblber-2.4.so.2 libldap-2.4.so.2 liblmdb.so 

libltdl.so.7 libm.so.6 libpixman-1.so.0 

libpng.so.3 libpng12.so.0 libpth_pthread.so 

libpthread.so.0 libresolv.so.2 librt.so.1 

libsegfault.so libssl.so.1.1 libstdc++.so.6 

libunistring.so.2 libunwind.so.8 libusb-1.0.so.0 

libusb-cx.so libutil.so.1 libuuid.so.1 

libvncclient.so.1 libwinpr.so.1.1 libxml2.so.2 

libxmlsec1-openssl.so libxmlsec1-openssl.so.1 libxmlsec1.so.1 

libxslt.so.1 libz.so.1 x86_64-linux-gnu 

 We could deduce based on that lib that it is an openssl 1.1(?) and because my FortiOS version supports TLS 1.3 it must be 1.1.1(something)