OPNsense 17.7.7 released

Franco Fichtner franco at opnsense.org
Thu Oct 26 13:50:00 UTC 2017

Previous message (by thread): OPNsense 17.7.6 released
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi there,

OpenSSH is being updated to version 7.6, which means this change breaks
compatibility with SSH protocol version 1 and refuses RSA keys smaller
than 1024 bits.  Ideally, none of this should matter in a security-aware
deployment, but it is safer to double-check before the upgrade.

A new plugin for the Telegraf agent was released and we have reworked the
GeoIP alias configuration to be less cumbersome.  We would like to thank
everyone for the steady stream of ideas and constructive discussion and
ask for more!

The 18.1-BETA call for testing will be out in the next 24 hours as well
for all enthusiasts who want to test-drive the change from FreeBSD 11.0
to 11.1.  It has been an unconventional development cycle and this time
around there will be no images until 18.1-RC in late December or January.

And here are the full patch notes:

o firewall: GeoIP alias edit UX rework
o reporting: increase database timeout to 60 seconds
o firmware: add server in Frankfurt, DE courtesy of ieji.de
o firmware: base / kernel lock API
o firmware: details dialog for plugins
o firmware: assorted minor UI tweaks
o dhcp: improve sorting of DHCP leases (contributed by Larry Meaney)
o ipsec: add rightsourceip = %radius for eap-radius
o ipsec: moved firewall rule generation to plugin code
o web proxy: remove default value of visible_hostname
o mvc: translate navigation tabs (contributed by Alexander Shursha)
o mvc: prevent faulty child node removal in serializeToConfig()
o plugins: os-freeradius 1.2.0 adds EAP-TLS support (contributed by Michael Muenz)
o plugins: os-intrusion-detection-content-snort-vrt 1.0 (contributed by shonjir)
o plugins: os-telegraf 1.0 for amd64 only (contributed by Michael Muenz)
o plugins: os-tor 1.1 fixes VIP usage and initial setup
o ports: curl 7.56.1[1]
o ports: openssh 7.6p1[2]
o ports: suricata 4.0.1[3]


Stay safe,
Your OPNsense team

--
[1] https://curl.haxx.se/changes.html
[2] https://www.openssh.com/txt/release-7.6
[3] https://suricata-ids.org/2017/10/18/suricata-4-0-1-available/

Previous message (by thread): OPNsense 17.7.6 released
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the announce mailing list