Hello all,

This small update swiftly follows 18.1.3 with security updates to DHCP and strongSwan and assorted fixes including multi-WAN failover cases.

Here are the full patch notes:

o system: improved default route handling
o system: improved gateway switching
o system: cleanse username on LDAP import
o system: increase maximum size of firmware reports
o firewall: shaper backend refactor
o interfaces: improved reconfigure phase
o reporting: fix sporadic “non-numeric value encountered” error
o captive portal: add voucher expiry (contributed by Stephanowicz)
o intrusion detection: use latest ET Open rules for Suricata version 4
o intrusion detection: proper syslog with drops, requires log file reset
o intrusion detection: backend refactor
o plugins: os-frr 1.2 adds OSPF interface type (contributed by Marius Halden)
o plugins: os-haproxy 2.6[1] (contributed by Frank Wall)
o ports: isc-dhcp 4.3.6P1[2]
o ports: krb5 1.16[3]
o ports: pkg 1.10.5
o ports: strongswan 5.6.2[4]

Stay safe,
Your OPNsense team

—
[1] https://github.com/opnsense/plugins/pull/575
[2] https://kb.isc.org/article/AA-01570/0/DHCP-4.3.6-P1-Release-Notes.html
[3] https://web.mit.edu/kerberos/krb5-1.16/
[4] https://wiki.strongswan.org/versions/68