Blog

OPNsense 19.1.8 released

mei 21, 2019

Good day to you all, This update addresses several privilege escalation issues in the access control implementation and new memory disclosure issues in Intel CPUs. We would like to thank Arnaud Cordier and Bill Marquette for the top-notch reports and coordination. Here are the full patch notes: o system: address CVE-2019-11816 privilege escalation bugs[1] (reported […]

Read more

OPNsense 19.1.7 released

mei 07, 2019

Hello, hello! This update features a number of improvements such as link-local support for bridges, HA sync consolidation, adding local CAs to the trusted SSL certificates for most of the system download capabilities, plugin-based PAM authentication rework for IPsec and the web proxy as well as third party fixes for hostapd / wpa_supplicant 2.8 and […]

Read more

OPNsense 19.1.6 released

apr 11, 2019

Hi there, This update brings a smaller number of fixes and improvements as well as the latest PHP version update. With a heavy heart we disable E_WARNING messages in the PHP error reporting. It was been implemented in 2015 to improve code quality and it did just that, but with the latest PHP 7.2 jump […]

Read more

OPNsense 19.1.5 released

apr 08, 2019

Hi all, After a longer pause we are back with considerable upgrades for IPsec, a new CSR feature for local CAs, PHP 7.2 migration and a number of other considerable third party updates. These are the full patch notes: o system: improve gateway status return when monitoring is off o system: warn user about future […]

Read more

OPNsense 19.1.4 released

mrt 13, 2019

Howdy, An UEFI boot panic scenario was debugged last week with the help of the community. This update includes a fix that will allow the ones affected by this 19.1 issue to upgrade or install (and boot of course) correctly. We are also including the IPsec VTI support and the latest Suricata 4.1.3 with stability […]

Read more

OPNsense 19.1.3 released

mrt 08, 2019

Hi all, This is a smaller stable update consisting of LDAPS authentication server improvements, Unbound host overrides alias support, OpenSSL 1.0.2r security update and the recent PAM rework for better privilege separation. We are currently focusing on IPsec VTI, third-party service PAM integration and investigating kernel boot crashes. In the latter case we are aware […]

Read more

OPNsense 19.1.2 released

feb 28, 2019

Good evening, This update is the sum of a few weeks of intense testing and debugging in areas such as WAN DHCP with very short lease times, Suricata IPS not working as expected, stacked 6RD setups that have overly long device names amongst others. The update may be a bit bumpy this time since the […]

Read more

OPNsense 19.1.1 released

feb 05, 2019

Hello, This is a security and reliability release: WAN DHCP will no longer trust the server MTU given. Uncoordinated cross site scripting issues have been fixed.  And the Python request library was patched due to CVE 2018-18074. Here are the full patch notes: o system: address XSS-prone escaping issues[1] o firewall: add port range validation […]

Read more

OPNsense 19.1 released

jan 31, 2019

Hi there, For more than four years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. The 19.1 release, nicknamed “Inspiring Iguana”, consists of a total of 620 individual changes […]

Read more

OPNsense 19.1-RC1 released

jan 21, 2019

Hi there, For almost four years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. We thank all of you for helping test, shape and contribute […]

Read more