OPNsense 16.7.1 releasedby RSS News

Hi everyone,

Here are the full patch notes:

• system: default config now disables hardware offloading features
• system: prevent carp demotion on sender and pfsync failures
• firewall: removed obsolete reflection timeout value
• firewall: added logging option for outbound NAT
• firewall: fix interface address IPv6 outbound NAT
• firewall: fix one-to-one copy feature
• firewall: execute custom scrub rules before auto-generated rules
• firmware: fixed race on base / kernel fetch
• firmware: revoke the obsoleted 16.1 update fingerprint
• interfaces: allow default route on multi-WAN PPPoE
• interfaces: allow to set txpower for WiFi adapters
• interfaces: allow backwards-compatible interface enable
• vpn: fix faulty IPSec authenticator selection in phase 1
• mvc: add missing CRL type in certificates cache
• mvc: set robots meta to nofollow, noindex
• mvc: always show logout button in menu
• src: fix bspatch heap overflow vulnerability[1]
• src: fix ICMP translation in pf
• src: revert extended descriptor format for em(4)[2]
• src: lower spurious log notice to debug in rtsold
• plugins: os-haproxy 1.4 (contributed by Frank Wall)
• ports: libressl 2.3.7[3]

Stay safe,
Your OPNsense team

—
[1] https://www.freebsd.org/security/advisories/FreeBSD-SA-16:25.bspatch.asc
[2] https://github.com/opnsense/src/commit/b0f7ff3
[3] http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.7-relnotes.txt

Het bericht OPNsense 16.7.1 released verscheen eerst op OPNsense, Your Next Open Source Firewall.

Source: OPNsense