Die Open-Source Firewall OPNsense, wurde aktualisiert und steht in Version 18.7.8 bereit. Das Bugfix / Stable Release führt einige Verbesserungen durch und behebt kleinere Fehler. Weiterhin wurde die bereits angekündigte Authentifizierung mittels LDAP+TOTP hinzugefügt.
Weiterhin wurden einige Programme aktualisiert:
- OpenSSL 1.0.2q
- OpenSSH 7.9p1
- Sudo 1.8.26)
- Cyrus-Sasl 2.1.27
- Lighttpd 1.4.51
- PHP 7.1.24
Nach dem Upate ist kein Neustart notwendig.
OPNsense Release Notes 18.7.8
- system: show the actual validation messages for NextCloud backup constraints
- system: LDAP import button primary colour and prevent default page submit
- system: add LDAP+TOTP authentication variant (2FA)
- system: avoid silent fatal error when LDAP OUs could not be retrieved
- system: avoid duplicated cookies on login page by not closing session
- system: allow to fully disable misc. reboot failsafe backups
- system: switch default argument for return_gateways_status()
- system: add “Synchronize config to backup” button to HA status page
- system: disable help text expand when backup fields have no help text
- system: sort user and group lists alphabetically
- interfaces: add CARP info to legacy_interfaces_details()
- interfaces: removal of find_interface_subnet() and find_interface_subnetv6()
- interfaces: introduce find_interface_network() and find_interface_networkv6()
- interfaces: refactor find_interface_ip() and find_interface_ipv6()
- interfaces: fix and use ipaddr6_ll return value in find_interface_ipv6_ll()
- firewall: extend outbound NAT address source and destination with networks
- firewall: fix save error when alias name contains an underscore
- firewall: do not set days or hours when update frequency is empty
- firewall: increase resolve() performance for aliases
- firmware: change packaging to be able to place files in the root directory
- reporting: fix possible division by zero in NetFlow aggregator
- dhcp: reorder arguments of function services_dhcpd_configure()
- dhcp: consolidate service probe of IPv6 and router advertisement daemons
- dhcp: fix clear hook on log file delete
- importer: make clear that /conf/config.xml is required for any import to take place
- monit: add quotes and timeout to custom program path (contributed by Frank Brendel)
- monit: add SSL options to mail server connection (contributed by Frank Brendel)
- network time: improve GPS status parsing
- openvpn: add remote address as route when set during linkup
- shell: interface banner now only shows enabled interfaces
- unbound: do not clear statistics when querying them
- lang: updates for Chinese, Czech, French, German, Japanese, Portuguese and Russian
- mvc: fix toggleBase returning ‘failed’ result when using $enabled
- mvc: fix PortField validation and make well-known ports optional
- mvc: fix checking empty string in grid view (contributed by Smart-Soft)
- rc: make it more obvious in /boot/loader.conf that system tunables work as well
- ui: sidebar performance optimisation (contributed by Team Rebellion)
- ui: vertically center current menu item on visible screen when height is too small
- plugins: os-haproxy 2.10[1][2][3] (contributed by Frank Wall)
- plugins: os-igmp-proxy forces reinstall due to missing core function
- plugins: os-ntopng 1.1 adds HTTPS support (contributed by Michael Muenz)
- plugins: os-nut fix for config file generation (contributed by Michael Muenz)
- plugins: os-postfix fixes typo (contributed by Michael Muenz)
- plugins: os-telegraf 1.7.2 adds validation messages to tags (contributed by Michael Muenz)
- plugins: os-theme-cicada 1.9 (contributed by Team Rebellion)
- plugins: os-theme-tukan 1.8 (contributed by Team Rebellion)
- plugins: os-upnp removes unused function
- plugins: os-zabbix-agent 1.4[4] (contributed by Frank Wall)
- ports: cyrus-sasl 2.1.27[5]
- ports: lighttpd 1.4.51[6]
- ports: openssh 7.9p1[7]
- ports: openssl 1.0.2q[8]
- ports: php 7.1.24[9]
- ports: pkg minor upstream fixes
- ports: sudo 1.8.26[10]
Quelle: https://opnsense.org/opnsense-18-7-8-released/