IPFire is een opensourcefirewall voor i586-, x86_64- en Arm-systemen. Het bevat onder andere een intrusion detection/prevention system, deelt het netwerk op in zones, doet stateful packet inspection en biedt vpn-mogelijkheden. Voor meer informatie verwijzen we naar deze pagina. De ontwikkelaars hebben versie 2.27 Core Update 181 uitgebracht, een stabiele uitgave voor productiesystemen. De bijbehorende aantekeningen zien er als volgt uit:
IPFire 2.27 - Core Update 181 releasedToday, we are releasing the latest update for IPFire as our special Black Friday gift for you. It comes with a large number of security updates in OpenSSL, Suricata, Apache & Samba as well as a number of kernel fixes.
Under The HoodThis update features yet another kernel update based on Linux 6.1.61. It brings various security & stability fixes as well as improving IOMMU handling on ARM. To improve security, we have followed Google and disabled io_uring for the time being as it seems to have a lot of security issues. We have also switched from eudev to the upstream udev which is now part of systemd as eudev is no longer maintained and was lagging behind upstream.
Security UpdatesMisc.
- OpenSSL 3.1.4: The OpenSSL project announced a security vulnerability (CVE-2023-5363)
- suricata 6.0.15: This update patches a potential denial-of-service vulnerability in the MIME decoder
- Apache 2.4.58 patches a number of security issues in the HTTP/2.0 engine (CVE-2023-45802, CVE-2023-43622 & CVE-2023-31122)
- Samba 4.19.2: Various security issues have been fixed which could be exploited to cause data loss and elevate privileges (CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 & CVE-2023-42670)
- A long standing issue in OpenVPN has been fixed where the web UI offered to download a configuration package in an incorrect format when no password was configured (#11048)
- Other package updates: lynis 3.0.9, Postfix 3.8.2, sysvinit 3.08, Tor 0.4.8.7, Zabbix Agent 6.0.22
:fill(white):strip_exif()/i/2004006994.jpeg?f=thumbmedium)