Skip to content
☰
  • Home
  • About
  • Status
  • Services
    .--.
   |o_o |
   |:_/ |
  //   \ \
 (|     | )
/'\_   _/`\
\___)=(___/

:: c0urier.net

                ____             _                        __ 
   _ _    _____/ __ \__  _______(_)__  _____  ____  ___  / /_
  (_)_)  / ___/ / / / / / / ___/ / _ \/ ___/ / __ \/ _ \/ __/
 _ _    / /__/ /_/ / /_/ / /  / /  __/ /  _ / / / /  __/ /_  
(_)_)   \___/\____/\__,_/_/  /_/\___/_/  (_)_/ /_/\___/\__/  
                                                             
If speed kills, Windows users may live forever

  • Home
  • About
  • Status
  • Services
 
OPNsense 16.1.11 released

OPNsense 16.1.11 released


 Hi everyone,

We are skipping a bit ahead with 16.1.11 to address a CSRF vulnerability, which shows us the good path we have been on since we started[1] and we will surely continue this security-aware trend.

In other news, this update includes native GeoIP alias support, captive portal voucher customisations requested by many and the last batch of Russian, effectively bringing it to 100% completed. Wow!

Here is the full change log:

  • services: fix CSRF vulnerability in status_services.php[2]
  • dhcp: bring back usage of the authoritative directive
  • system: allow periodic backups of RRD and DHCP for non-MFS
  • captive portal: add option for less secure passwords, password and username length
  • firewall: add GeoIP aliases feature
  • openvpn: status page would not show the correct process status
  • languages: completed Russian translation (contributed by Smart-Soft Ltd.)
  • languages: updated French

Stay safe,
Your OPNsense team

—
[1]
https://forum.opnsense.org/index.php?topic=2837.0
[2] https://cxsecurity.com/issue/WLB-2016040106

Het bericht OPNsense 16.1.11 released verscheen eerst op OPNsense, Your Next Open Source Firewall.


Source: OPNsense news


 
 
 
Proudly powered by WordPress and RetroGeek-Theme