OPNsense 15.1.11.4 released
Franco Fichtner
franco at opnsense.org
Fri Jun 12 15:21:21 CEST 2015
Hi there,
coincidentally, we scheduled 15.1.11.4 for today and have
found ourselves in the middle of an OpenSSL/LibreSSL update.
FreeBSD has been really quick and provided ports updates for
both of them. OpenSSL base updates, however, won’t be shipped
today. That isn’t so bad, because we build all ports against
the newer version by default. The base update will follow next
week.
There have been quite a few things happening apart from *SSL,
see the notes and links to individual updates. Another round
of stabilisation for the firmware GUI will make upgrading a bit
more consistent in the future. And, ironically, if you encounter
the update freezing up in the GUI, simply refresh the page and
look for new updates.
Here is the full list of changes:
o notable ports updates: pcre 8.37_1 [1], phalcon 2.0.2 [2],
strongswan 5.3.2 [3], sqlite 3.8.10.2 [4]
o more notable ports: openvpn 2.3.7 [5], openssl 1.0.2b [6],
libressl 2.1.7 [7], pkg 1.5.4 [8]
o opnsense-update: has gained the ability to do package
updates as well
o core: removed unused ssh_tunnel_shell and 3gstats utilities,
added sudo to the default utilities
o captiveportal/traffic shaper: better fix for localhost skip
o traffic shaper: added ICMP, IGMP, ESP, AH and GRE protocols
to selectable protocols
o core: fixed a bug that prevented our API from working properly
with Phalcon 2.0.1 and above
o backend: added configctl command utility launcher and improved
its logging capabilities
o backend: worked around a performance degradation bug in
Python 2.7 on FreeBSD
o gateways: monitoring via `apinger’ is now turned off by default
for all new gateways created (opt-out flipped to opt-in
for privacy reasons)
o firmware: refactored firmware code to use opnsense-update’s
new capabilities
o firmware: fix parsing of packages to be upgraded in fringe cases
o firmware: fix overzealous caching of available package upgrades
o users: user with group admins now have `wheel’ group associated
with them, allowing them to us `su’ or `sudo’ (if configured)
o users: do not copy root’s hidden files while creating a new user
home directory
Stay safe,
Your OPNsense team
[1] https://github.com/freebsd/freebsd-ports/commit/030adcf1d
[2] https://github.com/phalcon/cphalcon/releases
[3] https://wiki.strongswan.org/projects/strongswan/wiki/Changelog53
[4] https://www.sqlite.org/releaselog/3_8_10_2.html
[5] https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.7
[6] http://marc.info/?l=openbsd-announce&m=143404058913441
[7] https://github.com/freebsd/freebsd-ports/commit/40365ab880101ee
[8] https://www.openssl.org/news/secadv_20150611.txt
More information about the announce
mailing list