OPNsense Bugfix Release 20.7.8

Die Open-Source Firewall, OPNsense, erhielt am 19. Januar das Bugfix Release 20.7.8. Nachfolgend die wesentlichen Änderungen.

• system: allow to recover from bad TLS certificate and/or bad settings in console interface assign
• system: display destination port number in firewall log widget (contributed by Team Rebellion)
• system: keep compatible TLS 1 defaults for web GUI on 20.7 series
• system: set default certificate lifetime to 397 days
• firewall: add type 128 to outgoing IPv6 RFC4890 requirements
• firewall: add manual refresh button to live log
• firewall: fix typo in ICMPv6 validation
• firewall: fix minor regression in maintaining target alias file
• firewall: fix all state value in pfTop (contributed by Lucas Held)
• firewall: remove duplicated destination field in live log
• firewall: add readonly actions to aliases permission (contributed by Manuel Faux)
• firewall: category selector missing caption
• reporting: add top talkers to revamped traffic graph page
• reporting: fix name resolution filter change in insight
• reporting: persist interface selection on traffic graph page
• captive portal: disable faulty TLS on HTTP since lighttpd 1.4.56
• dhcp: fix sorting of IPv6 static mappings (contributed by vnxme)
• dhcp: fix incorrect parsing of DUID (contributed by Matt Holgate)
• firmware: opnsense-code now updates the current directory if nothing was specified
• firmware: opnsense-code now uses flexible make.conf target from tools.git
• firmware: opnsense-update now supports snapshot access via -z option
• firmware: opnsense-update now fixes missing dependencies on the fly
• firmware: fix some issues with missing repository on server
• firmware: add version output and date to audit logs
• ipsec: display remote host in status overview (contributed by garlic17)
• opendns: add standalone mode
• openssh: honour MAX_LISTEN_SOCKS
• openvpn: set default certificate lifetime to 397 days in wizard
• unbound: generate all configuration files in service controller
• unbound: fix broken lines in large files (contributed by kulikov-a)
• web proxy: lock ACL download to prevent duplicate execution
• mvc: allow underscore in filter string (contributed by kulikov-a)
• plugins: os-haproxy 2.26[1]
• plugins: os-hw-probe 1.0 (contributed by Michael Muenz)
• plugins: os-maltrail fixes sensor start without server (contributed by Julio Camargo)
• plugins: os-nginx 1.20[2]
• plugins: os-tinc fixes for latest version (contributed by vnxme)
• src: fix OpenSSL NULL pointer de-reference[3]
• src: fix partial scrub of multicast packages
• src: free full mbuf chains in iflib when draining transmit queues
• src: initialize oifp to avoid bogus results/panics in edge cases
• src: 10Gigabit Ethernet driver for AMD SoC
• ports: libressl 3.2.3[4][5]
• ports: nss 3.60.1
• ports: php 7.3.26[6]
• ports: pkg fix for shell keyword by opening root file descriptor
• ports: radvd 2.19[7]
• ports: sudo 1.9.5p1[8]

Quelle: OPNsense 20.7.8 released

JARVIS

Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.