Dear friends and followers, For 3 and a half years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. Another 6 months passed by ever so […]
Read moreHi there, This update ships a few minor bug fixes and several feature tweaks that were either wished for or contributed by the community. That is why we wholeheartedly love our community. <3 Here is the full list of changes: o system: improve local account expire cron job to also flush passwords and SSH keys […]
Read moreHi there, A small update ships several improvements and preparations for the upcoming version 18.7. We are also shipping a patch for the lazy FPU state restore information disclosure. Here are the full patch notes: o system: enforce full password policy check for local passwords including TOTP o system: add RFC 7919 DH parameter files […]
Read moreGood morning,This update ships with the optional gateway monitoring tool dpinger and anew config backup option onto Nextcloud. SSL crypto libraries have beenupdated to address CVE-2018-0732 along with other updates to assorted thirdparty software.Here are the full patch notes:o system: provide default for user languageo system: do not allow spaces in group nameso system: dpinger […]
Read moreGood day to all,This update is going forward with a larger batch of firmware updateimprovements that are important for 18.7 and beyond, addressing theformer lack of error handling, check for update speed and API checkcapabilities for major upgrades.Intrusion detection syslog behaviour changes slightly after a numberof good discussions, meaning that now syslog is always on, […]
Read moreHi there,This update to 18.1.8 contains several improvements, kernel adjustments and third party software updates.Highlights include boot support on an otherwise installed ZFS. The default route handling was improved to minimise issues with unstable links. A NUT plugin is now available as well as a second optional theme.Here are the full patch notes:o system: improve […]
Read moreHello, hello, hello!It has been a while and judging by the extensive list of changes below one can easily see why. The impact footprint of this update, however, is relatively small. With this update we are also moving into the 18.7-BETA phase where avid users are invited to flip their release version from production to […]
Read moreDear friends and followers, For more than 3 years now, OPNsense is driving innovation through modularising and hardening the code base, quick and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. We are happy to announce the immediate availability of the renewed OPNsense […]
Read moreHowdy partners, With Meltdown and Spectre just behind us here comes another round of security advisories and assorted changes. Three mentionable changes are included: We are switching back to single-source NAT on the primary IP instead of using all additional VIPs on the interface. The hardware-assisted VLAN capability check was removed from the system enabling e.g. XEN users to […]
Read moreDear all, Today ships Meltdown and Spectre V2 mitigation for amd64, the latter only effective with the corresponding microcode update. However, the combating of speculative execution security issues remains an ongoing quest for the unforeseeable future. To avoid surprises HardenedBSD has enabled Meltdown mitigation (PTI) by default even for AMD CPUs who have not yet […]
Read more