25.7.3 / 25.7.3_3 Rel_Notes

Started by BrandyWine, September 11, 2025, 03:28:07 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 11, 2025, 03:28:07 AM Last Edit: September 11, 2025, 03:30:29 AM by BrandyWine
Quote from: OPNsenseHowdy!

The Tabulator introduction into MVC grid views was a major success with virtually no complaints. Did you notice? Maybe you will now that more features have been unlocked: Dnsmasq grids group by interfaces, firewall automation rules now can show folders using categories and row count default and selections have been increased. A few performance and UX tweaks were carried out as well while at it.

StrongSwan moves to version 6.0.1 now after elaborate testing. The "make_before_break" value was flipped from off to on in their version jump, but the settings will still default to off for everyone unless already otherwise configured.

Here are the full patch notes:

    system: properly check request type on HA status page in restartAllAction() (reported by Stanislav Fort of Aisle Research)
    system: prevent misconfigurations with the automatic user creation option
    system: add pluginctl hook for cache_flush
    system: rewrite wwwonly bootstrap procedure
    system: allow authentication events from wwwonly user
    interfaces: moved get_real_interface() to util.inc
    firewall: add "quick" mode in alias update to skip table size comparison during schedules
    firewall: adjust firewall_rule_lookup to open correct interface and rule from firewall live log
    firewall: add port alias selection to source_port and destination_port
    firewall: implement alias description tooltip and other UX tweaks
    firewall: add optional Tabulator tree view to show categories as rule folders in automation
    firewall: put sequence and sort_order in advanced mode of automation rules
    firewall: front-end table rendering performance improvement for alias diagnostics
    firewall: also set groups for special IPv6 interfaces
    firewall: ignore empty lines for pf table counting
    firewall: support tags in source NAT automation rules
    firewall: allow alias nesting for URL tables
    captive portal: move backend scripts directory
    captive portal: various style cleanups
    captive portal: restyle default login template
    dnsmasq: add Tabulator "groupBy" functionality to group by interfaces
    dnsmasq: add leases widget that shows latest leases
    firmware: add US east coast mirror for business edition
    firmware: opnsense-patch: fix cache flush using new hook
    firmware: add vuxml.freebsd.org to CRL handling hostnames
    intrusion detection: fix downloads tab not loading with Tabulator
    ipsec: add default value to "make_before_break" that retains disabled default
    monit: move backend scripts directory
    mvc: BaseModel: minor non-functional cleanups
    mvc: ModelRelationField: keep array structure in memory to avoid reinitiating object construction
    mvc: tweaked model definitions, especially descriptions and validation message style
    mvc: slightly adjust two getOption() calls in constraints
    mvc: BaseListField: always map values in getDescription()
    mvc: BaseListField: account for option container and passthrough value
    mvc: remove getCurrentValue() compatibility wrapper
    mvc: Backend: always return strings in configdRun() and configdpRun()
    mvc: improve replaceInputWithSelector() to support an empty placeholder
    mvc: stream output not properly cleansed when used in widget (reported by Stanislav Fort of Aisle Research)
    ui: bootgrid: add tabulatorOptions to translateCompatOptions()
    ui: bootgrid: raise rowCount default to 50 and adjust selections accordingly for most pages
    ui: bootgrid: simplify custom grid command additions
    plugins: os-caddy 2.0.3[1]
    plugins: os-frr 1.47[2]
    plugins: os-netbird 1.0 (contributed by Gauss23 and Bethuel Mmbaga)
    plugins: os-nginx 1.35[3]
    plugins: os-squid 1.3[4]
    src: libfetch: ignore leaf certificates missing CRL which in practice is not offered by most authorities
    src: assorted network stack fixes via stable/14
    src: if_ovpn: support IPv6 link-local addresses
    src: if_ovpn: support floating clients
    src: if_ovpn: fill out sin_len/sin6_len
    src: if_ovpn: destroy cloned interfaces via a prison removal callback
    src: ifconfig: support VLAN ID in static/deladdr
    ports: krb5 1.22.1[5]
    ports: nss 3.115.1[6]
    ports: perl 5.42.0[7]
    ports: php 8.3.25[8]
    ports: strongswan 6.0.1[9][10]

A hotfix release was issued as 25.7.3_3:

    system: fix two regressions due to stream output path safety addition
    firewall: fix interface_net aliases not being populated
    intrusion detection: revert "fix downloads tab not loading with Tabulator"


Stay safe and proud,
Your OPNsense team
Mini-pc N150 i226-V, GOD BLESS CHARLIE KIRK
September 11, 2025, 07:10:31 AM #1
The day was rather long yesterday, see https://github.com/opnsense/changelog/commit/45e62eb5d17
Print
Go Up Pages1
User actions