OPNsense Forum

Administrative => Announcements => Topic started by: franco on July 31, 2015, 05:16:22 pm

Title: OPNsense 15.7.6 released
Post by: franco on July 31, 2015, 05:16:22 pm
Hello everyone,

this is 15.7.6 due to several security advisories for FreeBSD as well as OpenSSH and Bind problems. Reference links are provided for external issues as always. More crash reports came in for issues that date back to as much as a few years long before we started OPNsense. We are very happy for the chance to finally flush them out of the code base. :)

The update requires a reboot. Here are the full patch notes:

o src: shell injection vulnerability in patch(1) [1]
o src: resource exhaustion in TCP reassembly [2]
o src: OpenSSH multiple vulnerabilities [3]
o ports: phalcon 2.0.6 [4], openssh 6.9p1 [5], bind 9.10.2P3 [6], dnsmasq 2.74 [7]
o opnsense-update: can now replace mirror locations
o crash reporter: fixed numerous remotely-submitted warnings and bugs
o universal plug and play: fixed concurrent enable for UPnP and NAT-PMP (Contributed by Chong Cheung)
o intrusion detection: reload general settings after download
o intrusion detection: revised rule and ruleset toggle
o firmware: better upgrade reboot detection
o proxy: fix service start when IPv6 was disabled via system settings
o system: revised the VLAN acceleration disable option to properly unset the interface flags

Stay safe,
Your OPNsense team
[1] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc
[2] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:15.tcp.asc
[3] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:16.openssh.asc
[4] https://github.com/phalcon/cphalcon/releases/tag/phalcon-v2.0.6
[5] http://www.openssh.com/txt/release-6.9
[6] https://kb.isc.org/article/AA-01280/81/BIND-9.10.2-P3-Release-Notes.html
[7] http://www.thekelleys.org.uk/dnsmasq/CHANGELOG