pfSense® CE 2.1.5 note di rilascio
La versione 2.1.5 di pfSense® CE è una versione 2.1.4 .
Che racchiude aggiornamenti di sicurezza.
Aggiornamenti di sicurezza
- pfSense-SA-14_14.openssl
- See http://www.openssl.org/news/secadv_20140806.txt
- Updated to OpenSSL 0.9.8zb and 1.0.1i
- pfSense-SA-14_15.webgui
- pfSense-SA-14_16.webgui
- pfSense-SA-14_17.webgui
Altre correzioni
- Handle a missing DHCPD config section properly during a configuration upgrade
- Fix a regression that broke CARP+IP alias VIP functionality
- Fix the Pass, Block, Reject and Interface filters in the Firewall Logs Widget #3725
- Use HTTPS for dyndns providers that support it
- Avoid resetting the firewall hostname from a WAN DHCP server #3746
- Add missing qlimit keyword in some shaper rules
- Change Cancel button to call history.back() when editing firewall aliases to fix issues with IE 11 #3728
- Allow hostnames in bulk import since they are valid entries in a network type alias
- Fix input validation logic on diag_testport.php, escape more shell arguments for good measure
- Escape the individual dnsmasq advanced/custom options
- Encode the detail field of an alias entry before displaying its contents back to the user
- Encode interface/VIP descriptions before displaying them on the NTP daemon settings, and GIF/GRE interfaces
- Per the dhcpd.conf man page and other documentation from ISC, mclt must not be defined on the secondary
- Shorten the wait at “reload” in startup wizard to 5 seconds from 60
- Do not execute DNS lookups on GET, only pre-fill Host box so the user can press the button to execute
- Turn alias creation links from DNS lookups into submit buttons for POST
- Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it’s better not to allow a GET action to perform that action
- Require click-through POST confirmation when restoring or deleting a configuation from the backup history page
- Avoid a “Cannot use string offset as an array” error if the packages section of the config is missing
- Avoid generating an invalid IPsec (racoon) config if the user specified a mobile pool that is too small
- IPsec phase 2 pinghost was not used if the source IP was a virtual IP address #3798
- Move dhcp6c log to dhcpd.log #3799
- Do not reset source and destination port range values when it’s an associated rule created by NAT port forward. #3778
- Added filter.so to list of extensions loaded for filter_var() support.
- The pfSense® CE PHP module was setting the subnet mask of lo0 to /0, which could break some routes and cause other unintended routing side effects.
Questo documento è stato preso dal sito pfSense® CE e l’originale si trova
a questo indirizzo.