OPNsense Logo

OPNsense 20.1.7 Bugfix Update

Die Entwickler der Open-Source Firewall, OPNsense, veröffentlichten das Bugfix Update 20.1.7. Dieses aktualisiert die PHP Version auf 7.3, enthält einige Bugfixes, u.a. einen Patch gegen Kernel Crashes die auftreten können wenn Interfaces aus der Konfiguration kurzfristig entfernt werden.

OPNsense 20.1.7 Release Notes

  • system: default net.inet.icmp.reply_from_interface to 1
  • system: fix static gateway wizard handing
  • firewall: allow outbound NAT source and destination port ranges
  • interfaces: use interfaces_primary_address6() inside get_interface_ipv6()
  • dhcp: add AdvLinkMTU to router advertisements settings (contributed by Ilteris Eroglu)
  • unbound: prevent wildcard domains for the local system domain
  • backend: suppress inconsequential IDNA warnings for aliases
  • backend: add option to return a key value list for TLS ciphers
  • mvc: reference constraint pointing validation results to the wrong field
  • plugins: os-acme-client 1.32 adds Acmeproxy DNS support (contributed by Maarten den Braber)
  • src: added Novatel Wireless MiFi 8800/8000 support (contributed by rootless4real)
  • src: fix pf shared forwarding on non-existing interfaces
  • src: patch in tty 3wire autologin support
  • src: fix insufficient packet length validation in libalias[1]
  • src: fix memory disclosure vulnerability in libalias[2]
  • src: fix improper checking in SCTP-AUTH shared key update[3]
  • src: fix use after free in cryptodev module[4]
  • src: update to tzdata 2020a[5]
  • ports: ca_root_nss 3.52
  • ports: curl 7.70.0[6]
  • ports: dhcp6c v20200512
  • ports: hyperscan 5.2.1[7]
  • ports: openldap 2.4.50[8]
  • ports: pcre2 10.35[9]
  • ports: php 7.3.18[10]

Stay safe and healthy,
Your OPNsense team


[1] https://www.freebsd.org/security/advisories/FreeBSD-SA-20:12.libalias.asc
[2] https://www.freebsd.org/security/advisories/FreeBSD-SA-20:13.libalias.asc
[3] https://www.freebsd.org/security/advisories/FreeBSD-SA-20:14.sctp.asc
[4] https://www.freebsd.org/security/advisories/FreeBSD-SA-20:15.cryptodev.asc
[5] https://www.freebsd.org/security/advisories/FreeBSD-EN-20:08.tzdata.asc
[6] https://curl.haxx.se/changes.html
[7] https://github.com/intel/hyperscan/releases/tag/v5.2.1
[8] https://www.openldap.org/software/release/changes.html
[9] https://www.pcre.org/changelog.txt
[10] https://www.php.net/ChangeLog-7.php#7.3.18

Schreibe einen Kommentar

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.