Das Update 22.1.7 der Open-Source Firewall, OPNsense, behebt ein paar Fehler, schließt bekannte Lücken in OpenSSL und ist ein geplantes Release.

OPNsense 22.1.7 Release Notes

• system: tunables without hierarchy are just “environment” variables
• system: use PHP random_bytes() builtin (contributed by oittaa)
• system: support cd9660 file system in opnsense-importer
• reporting: fix validation in NetFlow settings
• interfaces: interface_ppps_configure() remove boot-time side effect
• interfaces: include VIPS for primary IPv4 detection
• interfaces: DHCPv6 advanced has a different flag to disable NA
• firewall: add missing range validation to alias host type
• firewall: make rule parsing more consistent as x:any and any:y are valid port options
• captive portal: simplify the voucher generation code (contributed by oittaa)
• firmware: list locked packages in health audit
• ipsec: mark non-sortable columns
• openvpn: change filetype of export to text/ovpn
• unbound: updated no coin list (contributed by Luis Nachtigall)
• unbound: change overrides grid label when no results are returned
• unbound: restore duplicate domain behaviour in overrides
• mvc: safeguard multi_sort in searchRecordsetBase()
• mvc: prevent silent crashes in legacy XML attribute emulation
• mvc: Phalcon 5 migration layer to reduce dependencies on Phalcon builtins
• mvc: fix two regressions and deprecate __items
• plugins: os-acme-client 3.10[1]
• plugins: os-bind 1.23[2]
• plugins: os-dnscrypt-proxy 1.12[3]
• plugins: os-frr 1.28[4]
• plugins: os-relayd 2.7 adds listen address and port range to virtual servers
• plugins: os-zabbix-agent 1.12[5]
• plugins: os-zabbix-proxy 1.8[6]
• ports: curl 7.83.0[7]
• ports: nss 3.78[8]
• ports: openssl 1.1.1o[9]
• ports: pcre2 10.40[10]
• ports: php 7.4.29[11]
• ports: pkg 1.17.5[12]
• ports: suricata 6.0.5[13]

A hotfix release was issued as 22.1.7_1

• mvc: add missing URL validator class
• plugins: os-nginx fix for validation class