Home
Help
Search
Login
Register
OPNsense Forum
»
Administrative
»
Announcements
»
OPNsense 23.7.1 released
« previous
next »
Print
Pages: [
1
]
Author
Topic: OPNsense 23.7.1 released (Read 14573 times)
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
OPNsense 23.7.1 released
«
on:
August 08, 2023, 02:03:31 pm »
Hello,
23.7 looks pretty good so far but no reason not to make it better.
The MVC changes for DHCP, firewall groups, OpenVPN and Unbound receive
several required fixes and the latest FreeBSD security advisories were
added as well.
Here are the full patch notes:
o system: close boot file after probing to avoid lock inheritance
o system: fix lock() inheriting the lock state
o system: give more context in process kill error case since we operate PID numbers only
o firewall: groups were not correctly parsed for menu post-migration
o firewall: hide row command buttons for internal groups
o firewall: add "ipv6-icmp" to protocol list in shaper
o firewall: fix PHP warnings on the rules pages
o dhcp: check if manufacturer exists for IPv4 lease page to prevent error
o dhcp: use base16 for iaid_duid decode for IPv6 lease page to prevent error
o dhcp: fix validation for static entry requirement
o firmware: revoke 23.1 fingerprint
o network time: support pool directive and maxclock (contributed by Kevin Fason)
o openvpn: fix static key delete
o openvpn: fix "mode" typo and push auth "digest" into export config
o openvpn: fix race condition when using CRLs in instances
o openvpn: remove arbitrary upper bounds on some integer values in instances
o unbound: migration of empty nodes failed from 23.1.11 to 23.7
o unbound: fix regression when disabling first domain override
o mvc: fix empty item selection issue in BaseListField
o plugins: os-ddclient 1.14[1]
o plugins: os-acme-client 3.19[2]
o src: bhyve: fully reset the fwctl state machine if the guest requests a reset[3]
o src: frag6: avoid a possible integer overflow in fragment handling[4]
o src: amdtemp: Fix missing 49 degree offset on current EPYC CPUs
o src: libpfctl: ensure the initial allocation is large enough
o src: pf: handle multiple IPv6 fragment headers
o ports: curl 8.2.1[5]
o ports: nss 3.92[6]
o ports: openssl 1.1.1v[7]
o ports: perl 5.34.1[8]
o ports: py-dnspython 2.4.1
o ports: strongswan 5.9.11[9]
o ports: syslog-ng 4.3.1[10]
Stay safe,
Your OPNsense team
--
[1]
https://github.com/opnsense/plugins/blob/stable/23.7/dns/ddclient/pkg-descr
[2]
https://github.com/opnsense/plugins/blob/stable/23.7/security/acme-client/pkg-descr
[3]
https://www.freebsd.org/security/advisories/FreeBSD-SA-23:07.bhyve.asc
[4]
https://www.freebsd.org/security/advisories/FreeBSD-SA-23:06.ipv6.asc
[5]
https://curl.se/changes.html#8_2_1
[6]
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_92.html
[7]
https://www.openssl.org/news/openssl-1.1.1-notes.html
[8]
https://perldoc.perl.org/5.34.1/perldelta
[9]
https://github.com/strongswan/strongswan/releases/tag/5.9.11
[10]
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.3.1
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: OPNsense 23.7.1 released
«
Reply #1 on:
August 09, 2023, 08:13:03 am »
A hotfix release was issued as 23.7.1_3:
o firewall: do not clone "associated-rule-id"
o network time: fix "Soliciting pool server" regression (contributed by Allan Que)
o dhcp: fix IPv4 lease removal
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Administrative
»
Announcements
»
OPNsense 23.7.1 released