The IPFire development team published details about a new update
for their open-source and independent firewall distribution based on
the Linux kernel, IPFire 2.17 Core Update 91, urging users to update as
soon as possible.
According to the release notes, IPFire 2.17 Core
Update 91 is a very important milestone for the stable version of the
firewall, which patches multiple security vulnerabilities for the
OpenSSL and StrongSwan IPsec software, and updates several other core
components and libraries.
Therefore, we can report that IPFire 2.17 Core
Update 91 updates the OpenSSL package to version 1.0.2b, which fixes six
security vulnerabilities, including the famous Logjam vulnerability,
and the strongSwan package to version 5.3.2, fixing two security
vulnerabilities. Also, there's updated packages like libnet 1.16,
libxslt 1.1.28, libxml2 2.9.2, newt 0.52.19, pcre 8.37, and slang 2.3.0.
"This update comes with various security fixes –
most notably fixes for six security vulnerabilities in the OpenSSL
library and two more vulnerabilities in strongSwan," reads the
announcement. "We strongly recommend to install this update as soon as
possible and reboot the system afterwards."
The P2P block feature has been disabled by default
Among other changes implemented in IPFire 2.17 Core
Update 91, we can mention that the P2P (Peer-to-Peer) block feature has
been disabled by default for all new installations of the firewall, but
users are informed that existing installations of IPFire won't be
changed, not even after a regular software update.
Last but not least, the built-in DHCP (Dynamic Host
Configuration Protocol) server received various improvements, such as
the ability to search the list of static leases, automatic addition of
newly created static leases from the list of dynamic leases, and support
for editing newly added static leases right from the user menu.
Comments
Post a Comment