Es gibt ein neues Update für die Open Source Firewall OPNsense auf V22.1.4. Es wurde u.a. eine Schwachstelle in LibreSSL unter FreeBSD gefixt.
Changelog
- system: prefer configured IP address family use earlier on boot
- system: allow boot tperform generic UFS/ZFS grow using the /.probe.for.growfs marker file
- system: import ZFS pools before mounting ZFS datasets
- reporting: use asynchronous DNS resolver for reverse lookups on traffic page
- interfaces: loopback “lo0” exists for VIPs
- interfaces: only strip addresses on configured IP types
- interfaces: use new ifctl utility for DHCPv6 IP type and add manual page
- interfaces: adjust MTU configuration when parent alsrequires MTU changes
- interfaces: VLAN MVC conversion with API and QinQ support
- interfaces: cleanup surrounding LAGG function use
- firewall: constrain default CARP allow rules tthose defined in RFC 5798
- firewall: make sure that rule use of gateways (route-to) and reply-tare mutually exclusive
- firewall: tighten alias FQDN validation tavoid accepting mistypes such as “192.168.01.1”
- firmware: revoke the 21.7 fingerprint
- intrusion detection: improve row count on alerts page
- backend: consolidate configctl utility intone location and add manual page
- plugins: os-ddclient 1.4[1]
- plugins: os-theme-cicada 1.29
- plugins: os-theme-vicuna 1.41
- src: openssl: fix a bug in BN_mod_sqrt() that can cause it tloop forever[2]
- src: zfs: fix handling of errors from dmu_write_uio_dbuf()[3]
- src: debugnet: remove spurious message on boot
- ports: ca_root_nss fix for faulty upstream file linking
- ports: libressl 3.3.6[4]
- ports: openssl 1.1.1n[5]
- ports: openvpn 2.5.6[6]