OPNsense Forum

Administrative => Announcements => Topic started by: franco on March 28, 2024, 12:42:49 pm

Title: OPNsense 23.10.3 business edition released
Post by: franco on March 28, 2024, 12:42:49 pm

This business release is based on the OPNsense 23.7.12 community version
with additional reliability improvements.

Here are the full patch notes:

o system: fix handling of empty "serialusb" node set during import
o system: fix assorted PHP deprecation warnings
o system: add issuer and logo to OTP link
o system: prevent empty "user" node to crash during boot
o system: allow 0 length voucher passwords in authentication server
o reporting: update traffic graph colors to be contrast and consistent (contributed by brotherla)
o interfaces: add missing ACL entries for ARP/NDP tables
o interfaces: prevent modal x-axis overflow on packet capture page
o firewall: add optional advanced property "State policy" to influence state creation on a per rule base
o firewall: change default traffic normalization behavior and choose "in" as standard direction for manual rules
o firewall: refactor schedule matching and fix an end-of-the-month bug
o firewall: fix incorrect packet counters statistics collection
o firewall: fix virtual IP API use with subnet/subnet_bits usage
o firewall: fix floating rule display (contributed by lin-xianming)
o firewall: fix display of ICMP tooltip (contributed by lin-xianming)
o firewall: make select width more consistent on alias diagnostics table selection
o ipsec: show EAP-RADIUS settings only when legacy tunnels are being used
o unbound: prevent os.write() on None when another thread closed the pipe in Python module
o unbound: make atomic copies of root.hints file to hopefully appease Unbound startup problems
o unbound: fix missing /lib nullfs mount in chroot
o unbound: add aggressive-nsec option toggle (contributed by kulikov-a)
o mvc: fix PHP_FLOAT_MIN being unreliable
o ui: replace all > and < occurrences in treeview (contributed by lin-xianming)
o ui: fix epoch support as number in bootgrid
o plugins: os-OPNProxy 1.0.4 removes ident support
o plugins: os-OPNWAF 1.3 adds SSLVerifyDepth
o ports: curl 8.6.0[1]
o ports: suricata 6.0.17[2]
o ports: unbound 1.19.3[3]


Stay safe,
Your OPNsense team

--
[1] https://curl.se/changes.html#8_6_0
[2] https://suricata.io/2024/03/19/suricata-7-0-4-and-6-0-17-released/
[3] https://nlnetlabs.nl/projects/unbound/download/#unbound-1-19-3