OPNsense 15.7.6 released

Franco Fichtner franco at opnsense.org
Fri Jul 31 17:18:21 CEST 2015

Hello everyone,

this is 15.7.6 due to several security advisories for
FreeBSD as well as OpenSSH and Bind problems.  Reference
links are provided for external issues as always. More
crash reports came in for issues that date back to as
much as a few years long before we started OPNsense.  We
are very happy for the chance to finally flush them out
of the code base. 

The update requires a reboot. Here are the full patch

o src: shell injection vulnerability in patch(1) [1]
o src: resource exhaustion in TCP reassembly [2]
o src: OpenSSH multiple vulnerabilities [3]
o ports: phalcon 2.0.6 [4], openssh 6.9p1 [5],
	bind 9.10.2P3 [6], dnsmasq 2.74 [7]
o opnsense-update: can now replace mirror locations
o crash reporter: fixed numerous remotely-submitted
	warnings and bugs
o universal plug and play: fixed concurrent enable for
	UPnP and NAT-PMP (Contributed by Chong Cheung)
o intrusion detection: reload general settings after
o intrusion detection: revised rule and ruleset toggle
o firmware: better upgrade reboot detection
o proxy: fix service start when IPv6 was disabled via
	system settings
o system: revised the VLAN acceleration disable option
	to properly unset the interface flags

Stay safe,
Your OPNsense team
[1] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc
[2] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:15.tcp.asc
[3] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:16.openssh.asc
[4] https://github.com/phalcon/cphalcon/releases/tag/phalcon-v2.0.6
[5] http://www.openssh.com/txt/release-6.9
[6] https://kb.isc.org/article/AA-01280/81/BIND-9.10.2-P3-Release-Notes.html
[7] http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

More information about the announce mailing list