Blog

OPNsense 19.1.4 released

mrt 13, 2019

Howdy, An UEFI boot panic scenario was debugged last week with the help of the community. This update includes a fix that will allow the ones affected by this 19.1 issue to upgrade or install (and boot of course) correctly. We are also including the IPsec VTI support and the latest Suricata 4.1.3 with stability […]

Read more

OPNsense 19.1.3 released

mrt 08, 2019

Hi all, This is a smaller stable update consisting of LDAPS authentication server improvements, Unbound host overrides alias support, OpenSSL 1.0.2r security update and the recent PAM rework for better privilege separation. We are currently focusing on IPsec VTI, third-party service PAM integration and investigating kernel boot crashes. In the latter case we are aware […]

Read more

OPNsense 19.1.2 released

feb 28, 2019

Good evening, This update is the sum of a few weeks of intense testing and debugging in areas such as WAN DHCP with very short lease times, Suricata IPS not working as expected, stacked 6RD setups that have overly long device names amongst others. The update may be a bit bumpy this time since the […]

Read more

OPNsense 19.1.1 released

feb 05, 2019

Hello, This is a security and reliability release: WAN DHCP will no longer trust the server MTU given. Uncoordinated cross site scripting issues have been fixed.  And the Python request library was patched due to CVE 2018-18074. Here are the full patch notes: o system: address XSS-prone escaping issues[1] o firewall: add port range validation […]

Read more

OPNsense 19.1 released

jan 31, 2019

Hi there, For more than four years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. The 19.1 release, nicknamed “Inspiring Iguana”, consists of a total of 620 individual changes […]

Read more

OPNsense 19.1-RC1 released

jan 21, 2019

Hi there, For almost four years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. We thank all of you for helping test, shape and contribute […]

Read more

OPNsense 18.7.10 released

jan 07, 2019

Happy new year everyone, 2019 means 19.1 is almost here. In the meantime accept this small incremental update with goodies such as Suricata 4.1, custom passwords for P12 certificate export as well as fresh fixes in the FreeBSD base. A lot of cleanups went into this update to make sure there will be a smooth […]

Read more

OPNsense 18.7.9 released

dec 13, 2018

Hello world! To keep it snappy: enclosed are assorted updates and fixes, a new dnscrypt-proxy plugin as well as security updates from FreeBSD and third parties. Happy patchday! Here are the full patch notes: o system: allow setting alternative names on CSR o system: add link-local routes with correct scope o system: fix LDAP import […]

Read more

OPNsense 18.7.8 released

nov 23, 2018

Hi everyone, This stable update finally brings you the promised LDAP+TOTP authentication, but also renewed language translations and several third party software updates for software such as OpenSSL, OpenSSH and Sudo.  A reboot is not required, but recommended. Here are the full patch notes: o system: show the actual validation messages for NextCloud backup constraints […]

Read more

OPNsense 18.7.7 released

nov 08, 2018

Dear all, Today we are addressing CVE-2018-18958 regarding an unenforced “deny config write” privilege.  The issue was reported by brainrecursion this Monday and subsequently fixed along with several related issues.  The “deny config write” privilege coupled with admin or user and group manager rights are affected combinations.  It is an uncommon way to configureaccess as […]

Read more