Software-update: OPNsense 25.7.5
Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars achter OPNsense hebben de vijfde update voor versie 25.7 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.
OPNsense 25.7.5 releasedThis updates provides for a new GeoIP database source by IPinfo, stability fixes for several network drivers and the recent OpenSSL security update amongst others.
Here are the full patch notes:system: add the pfsync "defer" option to high availabilitysystem: return both interfaces in a single call for get_nameservers()system: safeguard legacy local_sync_accounts() against malformed user entriesfirewall: support IPinfo format for GeoIPfirewall: adapt default table size calculationfirewall: fix flags not showing on GeoIP selectioncaptive portal: case insensitive MAC parsingcaptive portal: remove stale dir-listing.activate from web serverdnsmasq: refine the selection of automatic DHCP rules for eligible interfacesfirmware: switch business mirror layoutipsec: dots are not allowed in pool nameskea-dhcp: expose lease expiration settings to the GUI (contributed by Konstantinos Spartalis)kea-dhcp: support DHCP option 121 (classless static routes)mvc: protect JSON response against UFT-8 encoding failuresmvc: HTML-decode select element valuesplugins: os-etpro-telemetry 1.8 now shows more status responses in widgetplugins: os-shadowsocks 1.3src: bnxt: fix the request length in bnxt_hwrm_func_backing_store_cfg()src: iflib: set the get counter routine prior to attaching the interfacesrc: ifnet: defer detaching address family dependent datasrc: ixgbe: fix incomplete speed coverage in link status loggingsrc: ixl: fix queue MSI and legacy IRQ rearmingsrc: openssl: fix multiple vulnerabilitiessrc: re: add PNP info for modulesrc: re: make sure re_rxeof() is called in net epoch contextsrc: vfs: fix copy_file_range() failing to set output parametersports: curl 8.16.0ports: expat 2.7.3ports: nss 3.117ports: openssl 3.0.18ports: pcre2 10.46ports: phpseclib 3.0.47
system: add the pfsync "defer" option to high availabilitysystem: return both interfaces in a single call for get_nameservers()system: safeguard legacy local_sync_accounts() against malformed user entriesfirewall: support IPinfo format for GeoIPfirewall: adapt default table size calculationfirewall: fix flags not showing on GeoIP selectioncaptive portal: case insensitive MAC parsingcaptive portal: remove stale dir-listing.activate from web serverdnsmasq: refine the selection of automatic DHCP rules for eligible interfacesfirmware: switch business mirror layoutipsec: dots are not allowed in pool nameskea-dhcp: expose lease expiration settings to the GUI (contributed by Konstantinos Spartalis)kea-dhcp: support DHCP option 121 (classless static routes)mvc: protect JSON response against UFT-8 encoding failuresmvc: HTML-decode select element valuesplugins: os-etpro-telemetry 1.8 now shows more status responses in widgetplugins: os-shadowsocks 1.3src: bnxt: fix the request length in bnxt_hwrm_func_backing_store_cfg()src: iflib: set the get counter routine prior to attaching the interfacesrc: ifnet: defer detaching address family dependent datasrc: ixgbe: fix incomplete speed coverage in link status loggingsrc: ixl: fix queue MSI and legacy IRQ rearmingsrc: openssl: fix multiple vulnerabilitiessrc: re: add PNP info for modulesrc: re: make sure re_rxeof() is called in net epoch contextsrc: vfs: fix copy_file_range() failing to set output parametersports: curl 8.16.0ports: expat 2.7.3ports: nss 3.117ports: openssl 3.0.18ports: pcre2 10.46ports: phpseclib 3.0.47
Source:
Tweakers.net