Software-update: IPFire 2.27 - Core Update 182

IPFire is een opensourcefirewall voor i586-, x86_64- en Arm-systemen. Het bevat onder andere een intrusion detection/prevention system, deelt het netwerk op in zones, doet stateful packet inspection en biedt vpn-mogelijkheden. Voor meer informatie verwijzen we naar deze pagina. De ontwikkelaars hebben versie 2.27 Core Update 182 uitgebracht, een stabiele uitgave voor productiesystemen. De bijbehorende aantekeningen zien er als volgt uit:

IPFire 2.27 - Core Update 182 released

The first update of the year 2024 is out: IPFire 2.27 - Core Update 182. Slightly behind schedule, as it has been a tough couple of weeks, but filled with even more good things! If you have not supported us yet, please consider making a donation today. Your support plays a pivotal role in collecting funds to make IPFire even more successful in 2024.

New Default Policy: Blocking Email Spammers

This release introduces a change in the default firewall policy for new installations: Blocking outgoing SMTP traffic from internal networks by default. We have recently seen that some installations have infected systems that send out large amounts of spam, resulting in unhappy consequences like having your firewall appear on blocklists and trouble logging into online banking.

We believe that this change that blocks any outgoing connections on port 25 (TCP) will stop this problem, as that port is only used for mailserver-to-mailserver communication. Client system will use Submission on port 578 or 465 instead and therefore this change should not cause any problems for almost all users, but block spam on the Internet. Existing installations won't see any changes.

Misc.

• GRUB, the boot loader is being updated in this release to version 2.12-rc1.
• Updated packages: dhcpcd 10.0.4, elfutils 0.190, gawk 5.3.0, harfbuzz 8.2.2, hwdata PCI 2023.09.22/USB 2023.11.0.8, IANA 20231026,iproute2 6.6.0, libsodium 1.0.19, jq 1.7, linux-firmware 20231114, Lua 5.4.6, man 2.12.0, mcelog 196, mdns-repeater 1.11, meson 1.2.3, OpenSSH 9.5p1, QPDF 11.6.1, SDL2 2.18.5, shadow 4.14.2, SQLite 3.44.1, Squid 6.6, strongSwan 5.9.12, sudo 1.9.15p2, texinfo 7.1, unbound 1.19.0, usbutils 017, xfsprogs 6.5.0, XZ 5.4.5
• The CA certificate bundle has been updated

Add-ons

• Tor: A deprecated configuration directive that used to log a warning message has been updated.
• Updated packages: ALSA 1.2.10, clamav 1.2.1, dbus 1.14.10, Git 2.42.1, Ghostscript 10.02.1, minicom 2.9, minidlna 1.3.3, mpd 0.23.14, nut 2.8.1, P11-Kit 0.25.2, Postfix 3.8.3, QEMU + Guest Agent 8.1.2, spectre-meltdown-checker 0.46, strace 6.6, Tor 0.4.8.9