OPNsense 24.1.9 released

Started by franco, June 18, 2024, 10:25:14 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 18, 2024, 10:25:14 AM
 Hello,

This is the last bit of preparation for the upcoming 24.7 series reimplementing
one-to-one NAT using MVC/API and a number of plumbing changes.  IPv6 has also
been improved with the dhcp6c client having received a number of new fixes
and features.

Here are the full patch notes:

o system: do not create an interface route without an address
o system: add pluginctl -x/-X modes for digesting XMLRPC options
o system: replace rand() with random_int() in remote backup script
o firewall: migrate one-to-one NAT to MVC/API
o interfaces: make SLAAC flush a feature of ifctl for incoming reuse
o interfaces: in SLAAC tracking prevent accepting our own radvd configuration
o interfaces: move SLAAC tunables to system requirements
o interfaces: disable IPv6 interface modes when IPv6 is disabled globally
o interfaces: avoid pluginctl giving out IPv4 info for non-interfaces
o dhcrelay: add logging into its own space
o firmware: change default fetch of changelog to 30 seconds
o firmware: dump TLS information for firmware server(s) in use
o isc-dhcp: allow root domain input as "." (contributed by Skyler Mantysaari)
o kea-dhcp: support static DNS mappings (contributed by Markus Reiter)
o mvc: refactored and improved checkAndThrowSafeDelete() as checkAndThrowValueInUse()
o ui: prevent word break for top level menu items
o plugins: os-caddy 1.5.7[1]
o curl 8.8.0[2]
o dhcp6c v20240607 additions for WAN tracking, interface ID specification, etc.
o nss 3.100[3]
o openldap 2.6.8[4]
o openssl 3.0.14[5]
o php 8.2.20[6]
o py-duckdb 1.0.0[7]
o py-netaddr 1.3.0[8]
o sqlite 3.46.0[9]


Stay safe,
Your OPNsense team

--
[1] https://github.com/opnsense/plugins/blob/stable/24.1/www/caddy/pkg-descr
[2] https://curl.se/changes.html#8_8_0
[3] https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_100.html
[4] https://www.openldap.org/software/release/changes.html
[5] https://www.openssl.org/news/cl30.txt
[6] https://www.php.net/ChangeLog-8.php#8.2.20
[7] https://github.com/duckdb/duckdb/releases/tag/v1.0.0
[8] https://netaddr.readthedocs.io/en/latest/changes.html#release-1-3-0
[9] https://sqlite.org/releaselog/3_46_0.html
June 19, 2024, 06:00:27 PM #1
A hotfix release was issued as 24.1.9_1:

o firewall: "natreflection" rule attribute missed in MVC/API migration
June 20, 2024, 09:25:19 AM #2
A hotfix release was issued as 24.1.9_3:

o firewall: typo in "destination" migration for one-to-one NAT
o firewall: one-to-one NAT default reflection setting was ignored
June 21, 2024, 12:28:29 PM #3
A hotfix release was issued as 24.1.9_4:

o system: proper HA sync for new one-to-one NAT section
Print
Go Up Pages1
User actions