
Die Open-Source Firewall, OPNsense, erhielt vor wenigen Tagen das Bugfix Release 20.1.8 und das Hotfix 20.1.8_1. Es werden diverse Fixes durchgeführt, Plugins aktualisiert und das Hotfix korrigiert auch 2 Fehler. Ein Neustart ist nicht notwendig.
OPNsense 20.1.8 Release Notes
- system: simpler get_interface_ip() usage in IPv4 renewal
- system: allow HA sync of network time settings
- system: download all filtered items in log export
- system: add support for upstream LDAP accounts in Nextcloud backup (contributed by Fabian Franz)
- interfaces: fix stateless DHCPv6 for track6 interfaces (contributed by Maurice Walker)
- firewall: fix missing address filter error by moving NAT targets to runtime resolve
- firewall: prevent gateway protocol mismatch from breaking the ruleset
- firewall: work around categories typeahead issue with recent jQuery libraries
- firewall: improve alias help text (contributed by Team Rebellion)
- firewall: switch from single log filter to one per attribute
- intrusion detection: when enabling rules prefixed with ‘# ‘ consume the extra space (contributed by Tra5is)
- intrusion detection: less sensitive rule parsing
- intrusion detection: compress stats.log backups
- ipsec: valid IPSec Phase 2 hash config warning raises GUI alert (contributed by Brett Merrick)
- unbound: add DNS64 support (contributed by Maurice Walker)
- web proxy: fix wrong button label for Download ACLs (contributed by 90er)
- mvc: add sort_flags optional parameter support (contributed by NOYB)
- rc: add full PATH to rc.syshook invoke
- plugins: os-acme-client[1][2]
- plugins: os-dnscrypt-proxy 1.8[3]
- plugins: os-dyndns 1.21 improves Cloudflare support (contributed by Andreas Rupper)
- plugins: os-freeradius 1.9.7[4]
- plugins: os-haproxy 2.23[5]
- plugins: os-intrusion-detection-content-snort-vrt 1.1
- plugins: os-stunnel 1.0[6] (sponsored by Incenter Technology)
- plugins: os-tayga 1.1[7]
- plugins: os-theme-rebellion 1.8.4[8]
- ports: ca_root_nss 3.53
- ports: curl 7.71.0[9]
- ports: hostapd / wpa_supplicant UPnP SUBSCRIBE advisory[10]
- ports: krb5 1.18.2[11]
- ports: ntp 4.2.8p15[12]
- ports: pcre 8.44[13]
- ports: perl 5.30.3[14]
- ports: php 7.3.19[15]
- ports: python CVE-2019-18348 and CVE-2020-8492
- ports: sqlite 3.32.2[16]
- ports: sudo 1.9.1[17]
- ports: unbound 1.10.1[18]
OPNsense Hotfix 20.1.8_1
- ipsec: fix status page display after third party library update
- plugins: os-dyndns fix for TTL validation (contributed by Andreas Rupper)