BSD Release: pfSense 2.3.1

Datetime:2016-08-22 21:46:44          Topic: OpenSSL  Encryption and Decryption           Share
Recent Related News
2016-04-13 BSD Release: pfSense 2.3
Chris Buechler has announced the availability ofpfSense 2.3. The new release of this FreeBSD-based firewall operating system includes a number of new changes to its web interface and fixes several bugs from previous releases. " We are happy to announce the release of pfSense software version 2.3. The most significant changes in this release are a rewrite of the webGUI using Bootstrap, and the underlying system, including the base system and kernel, being converted entirely to FreeBSD pkg. The pkg conversion enables us to update pieces of the system individually going forward, rather than the monolithic updates of the past. The webGUI rewrite brings a new responsive look and feel to pfSense requiring a minimum of resizing or scrolling on a wide range of devices from desktop to mobile phones. For the highlights, check out the features and highlights video . Past blog posts have covered some of the changes, such as the performance improvements from tryforward and the webGUI update . " Further information can be found on the project's features and changes page. Download : pfSense-CE-2.3-RELEASE-amd64.iso.gz (296MB, SHA256 ).
2016-04-01 Development Release: pfSense 2.3 RC
Chris Buechler has announced the launch of a release candidate forpfSense 2.3. The development snapshot is available for testing and features a number of important changes, particularly with regards to package management: " We are proud to announce pfSense software version 2.3 Release Candidate is now available! The most significant changes in this release are a rewrite of the webGUI utilizing Bootstrap, and the underlying system being converted entirely to FreeBSD pkg (including the base system and kernel). The pkg conversion enables us to update pieces of the system individually going forward, rather than the monolithic updates of the past. Further information can be found in the project's release announcement and Features and Changes document. Download : pfSense-CE-2.3-RC-amd64.iso.gz (296MB, SHA256 ).
2015-12-22 BSD Release: pfSense 2.2.6
Chris Buechler has announced the release ofpfSense 2.2.6, an updated build of the project's FreeBSD-based operating system made for firewalls and routers. This release is largely a security update to fix issues with the software's browser-based user interface and several recent OpenSSL vulnerabilities, while it also upgrades the base system to the latest FreeBSD version: " pfSense software version 2.2.6 is now available. This release includes a few bug fixes and security updates. Security fixes and errata: webgui - local file inclusion vulnerability in the pfSense WebGUI; captiveportal - SQL injection vulnerability in the pfSense captive portal logout; webgui - multiple XSS and CSRF vulnerabilities in the pfSense WebGUI; updated to FreeBSD 10.1-RELEASE-p25; openssl - multiple vulnerabilities in OpenSSL; updated strongSwan to 5.3.5; includes fix for CVE-2015-8023 authentication bypass vulnerability in the eap-mschapv2 plugin. As always, you can upgrade from any previous version straight to 2.2.6. For those already running any 2.2.x version, this is a low-risk upgrade. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you. Pay close attention to the 2.2 upgrade notes for the details. " Read the full release announcement for further details. Download : pfSense-LiveCD-2.2.6-RELEASE-amd64.iso.gz (99.2MB, SHA256 ).
2015-11-06 BSD Release: pfSense 2.2.5
Chris Buechler has announced the release of a new version ofpfSense, an operating system designed for use in firewalls. The new release, pfSense 2.2.5, arrives on the project's 11th birthday and contains mostly bug fixes for previous versions. " pfSense software version 2.2.5 is now available. This release includes a number of bug fixes and some security updates. Today is also the 11 year birthday of the project. While work started in late summer 2004, the domains were registered and the project made public on November 5, 2004. Thanks to everyone that has helped make the project a great success for 11 years. Things just keep getting better, and the best is yet to come. Security fixes and errata: webgui - multiple stored XSS vulnerabilities in the pfSense WebGUI. The complete list of affected pages and fields is listed in the linked SA. " People who were running an earlier version of pfSense in the 2.2.x series should be able to upgrade smoothly to the latest version. " As always, you can upgrade from any previous version straight to 2.2.5. For those already running any 2.2.x version, this is a low risk upgrade. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you. " Further information can be found in the project's release announcement . Download : pfSense-LiveCD-2.2.5-RELEASE-amd64.iso.gz (99.2MB, SHA256 ).
2015-07-27 BSD Release: pfSense 2.2.4
Chris Buechler has announced the release ofpfSense 2.2.4, a FreeBSD-based firewall solution. The new release mostly includes bug fixes and security updates. The bug fixes include patches to prevent cross-site scripting attacks against the web interface, a fix for a TCP resource exhaustion attack and enhancements to prevent file corruption during unclean shutdowns. Buechler points out that a recent patch to FreeBSD's OpenSSL implementation was not needed as pfSense did not ship the vulnerable version of the OpenSSL software. " As always, you can upgrade from any previous version straight to 2.2.4. For those already running any 2.2.x version, this is a low risk upgrade. This is a high priority upgrade for those using IPsec on 2.2.x versions. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you. " The release announcement has more details and a full list of changes since the last version of pfSense can be found in the New Features and Changes document. Download : pfSense-LiveCD-2.2.4-RELEASE-amd64.iso.gz (99MB, SHA256 ).
2015-06-25 BSD Release: pfSense 2.2.3
Chris Buechler has announced the release ofpfSense 2.2.3, a security and bug-fix update of the specialist operating system designed for firewalls and routers, based on FreeBSD: " pfSense software version 2.2.3 release is now available, bringing a number of bug fixes and some security updates. Security fixes: multiple XSS vulnerabilities in the pfSense WebGUI, the complete list of affected pages and fields is large and all are listed in the linked SA; multiple OpenSSL vulnerabilities (including Logjam). The bug fixes and changes in this release are detailed here . As always, you can upgrade from any previous version straight to 2.2.3. For those already running any 2.2x version, this is a low-risk upgrade. This is a high-priority upgrade for those using IPsec on 2.2x versions. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you. Pay close attention to the 2.2 upgrade notes for the details. " Here is the brief release announcement . Download links: pfSense-LiveCD-2.2.3-RELEASE-amd64.iso.gz (83.2MB, SHA256 ), pfSense-LiveCD-2.2.3-RELEASE-i386.iso.gz (78.5MB, SHA256 ).
2015-04-16 BSD Release: pfSense 2.2.2
Chris Buechler has announced the release ofpfSense 2.2.2, the latest update of the FreeBSD-based operating system made for firewalls and routers, providing several security fixes: " pfSense software version 2.2.2 release is now available, bringing a number of bug fixes and a couple low-risk security updates that don't apply to most users. This release includes two low-risk security updates. FreeBSD-SA-15:09.ipv6 - denial of Service with IPv6 router advertisements. Where a system is using DHCPv6 WAN type, devices on the same broadcast domain as that WAN can send crafted packets causing the system to lose IPv6 Internet connectivity. FreeBSD-SA-15:06.openssl - multiple OpenSSL vulnerabilities. Most aren't applicable, and the worst impact is denial of service. As always, you can upgrade from any previous version straight to 2.2.2. For those already running any 2.2x version, this is a low-risk upgrade. This is a high priority upgrade for those using IPsec on 2.2x versions. " See the release announcement for full details. Download : pfSense-LiveCD-2.2.2-RELEASE-amd64.iso.gz (83.2MB, SHA256 ), pfSense-LiveCD-2.2.2-RELEASE-i386.iso.gz (78.4MB, SHA256 ).
2015-03-18 BSD Release: pfSense 2.2.1
Chris Buechler has announced the release ofpfSense 2.2.1, a security and bug-fix update of the project's FreeBSD-based specialist operating system for firewalls and routers: " pfSense software 2.2.1 release is now available, bringing a number of bug fixes and some security fixes. Security fixes: pfSense-SA-15_02.igmp - integer overflow in IGMP protocol; pfSense-SA-15_03.webgui - multiple XSS vulnerabilities in the pfSense WebGUI; pfSense-SA-15_04.webgui - arbitrary file deletion vulnerability in the pfSense WebGUI; FreeBSD-EN-15:01.vt - vt(4) crash with improper ioctl parameters; FreeBSD-EN-15:02.openssl - update to include reliability fixes from OpenSSL. A note on the OpenSSL 'FREAK' vulnerability: does not affect the web server configuration on the firewall as it does not have export ciphers enabled. pfSense 2.2 already included OpenSSL 1.0.1k which addressed the client-side vulnerability. If packages include a web server or similar component, such as a proxy, an improper user configuration may be affected. Consult the package documentation or forum for details. " See the complete release announcement for further information. Download : pfSense-LiveCD-2.2.1-RELEASE-amd64.iso.gz (83.1MB, SHA256 ), pfSense-LiveCD-2.2.1-RELEASE-i386.iso.gz (78.4MB, SHA256 ).




About List