Software-update: OPNsense 24.7.8
Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben OPNsense 24.7.8 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.
OPNsense 24.7.8 releasedMinor update with FreeBSD security advisories and a number of stable branch patches for various Intel drivers. Two problems with the RRD rework are herby fixed as well.
Here are the full patch notes:system: add missing MinProtocol in OpenSSL config template from trust settingssystem: add SignatureAlgorithms option and fix minor form glitch in trust settingssystem: bring CRLs into bundles as wellsystem: sync certctl to FreeBSD 14.1 base code et alreporting: isset() vs. empty() on RRD enablereporting: fix regression in RRD temperature readingsinterfaces: parse part of SFP module information in legacy_interfaces_details()firewall: add a note about stateless TCP during syncookie usefirewall: enhance validation that group name can not start or end with a digitfirmware: improve health script and use config.shfirmware: rework CRL check in config.shfirmware: use the trust store for CRL verificationlang: update available translationsipsec: add swanctl.conf download button to settings pageipsec: add description field to pre-shared-keysisc-dhcp: safeguard output type for json_decode() in leases pageunbound: allow RFC 2181 compatible names in overridesmvc: fix UpdateOnlyTextField incompatibility with DependConstraint (contributed by kumy)plugins: os-bind 1.33plugins: os-caddy 1.7.4plugins: os-etpro-telemetry lowers log level of collection invoke (contributed by doktornotor)plugins: os-iperf fixes JS TypeError when parsing result (contributed by Leo Huang)plugins: os-tinc removes "pipes" Python module dependency (contributed by andrewhotlab)src: multiple issues in the bhyve hypervisorsrc: unbounded allocation in ctl(4) CAM Target Layersrc: XDG runtime directory file descriptor leak at loginsrc: assorted FreeBSD stable patches for Intel ixgbe, igb, igc and e1000 driverssrc: cxgb: register ifmedia callbacks before ether_ifattachsrc: enc: use new KPI to create enc interfacesrc: ifconfig: fix wrong indentation for the status of pfsyncsrc: iflib: simplify iflib_legacy_setupsrc: iflib: use if_alloc_dev() to allocate the ifnetsrc: netmap: make memory pools NUMA-awaresrc: vlan: handle VID conflictsports: libpfctl 0.14ports: nss 3.106ports: php 8.2.25
system: add missing MinProtocol in OpenSSL config template from trust settingssystem: add SignatureAlgorithms option and fix minor form glitch in trust settingssystem: bring CRLs into bundles as wellsystem: sync certctl to FreeBSD 14.1 base code et alreporting: isset() vs. empty() on RRD enablereporting: fix regression in RRD temperature readingsinterfaces: parse part of SFP module information in legacy_interfaces_details()firewall: add a note about stateless TCP during syncookie usefirewall: enhance validation that group name can not start or end with a digitfirmware: improve health script and use config.shfirmware: rework CRL check in config.shfirmware: use the trust store for CRL verificationlang: update available translationsipsec: add swanctl.conf download button to settings pageipsec: add description field to pre-shared-keysisc-dhcp: safeguard output type for json_decode() in leases pageunbound: allow RFC 2181 compatible names in overridesmvc: fix UpdateOnlyTextField incompatibility with DependConstraint (contributed by kumy)plugins: os-bind 1.33plugins: os-caddy 1.7.4plugins: os-etpro-telemetry lowers log level of collection invoke (contributed by doktornotor)plugins: os-iperf fixes JS TypeError when parsing result (contributed by Leo Huang)plugins: os-tinc removes "pipes" Python module dependency (contributed by andrewhotlab)src: multiple issues in the bhyve hypervisorsrc: unbounded allocation in ctl(4) CAM Target Layersrc: XDG runtime directory file descriptor leak at loginsrc: assorted FreeBSD stable patches for Intel ixgbe, igb, igc and e1000 driverssrc: cxgb: register ifmedia callbacks before ether_ifattachsrc: enc: use new KPI to create enc interfacesrc: ifconfig: fix wrong indentation for the status of pfsyncsrc: iflib: simplify iflib_legacy_setupsrc: iflib: use if_alloc_dev() to allocate the ifnetsrc: netmap: make memory pools NUMA-awaresrc: vlan: handle VID conflictsports: libpfctl 0.14ports: nss 3.106ports: php 8.2.25
Source:
Tweakers.net