OPNsense 16.1.9 released
Hi guys,
>>This blog post should have been posted last week but wasn’t. Sorry for that. Appropriate measures have been taken 🙂
We expect all of you are doing well? It has been a longer while since the last update so 16.1.9 has got a bit of everything to keep the spirits high. 🙂
There is tremendous progress in the translations. It just so happens that we now have a comprehensive Russian translation as well which is going to be completed in the upcoming weeks. Many thanks to Smart-Soft Ltd. for making this happen. The contender is Japanese through the work of Chie Taguchi, who did most of the translation that we have had for a year. It is going to be a close race to the finish line for both languages. Then again, the whole translation team is doing an amazing job.
As polarising as it may be, we have added HTTPS support in the proxy server. Another noteworthy item is StrongSwan 5.4.0, which helps to address IPSec status page hangs that some have observed with complex setups. We are looking for feedback for these items, please do write in.
Here are the full patch notes:
- src: tzdata updated to 2016c[1]
- src: prevent kernel panic on ipfw/dummynet module unload
- src: let ng_ether_attach() only attach to supported types to avoid kernel panics
- ports: curl 7.48.0[2], strongswan 5.4.0[3], pcre 8.38 (patched CVE-2016-1283)[4], php 5.6.20[5]
- languages: added Russian to the release, now 60% complete (contributed by Smart-Soft Ltd.)
- languages: updated Japanese, now 70% complete (contributed by Chie Taguchi)
- languages: updated German, now 81% complete
- languages: updated French, now 50% complete
- firewall: allow editing of up to 5000 aliases
- firewall: remove link to associated filter rule edit as edit is not allowed
- firewall: add port range check to aliases edit
- firewall: when alias URL SSL verification is off, do not verify the hostname either
- firewall: condense alias pages into a single view
- firewall: remember scrolling position to return to the previous position after edit
- firewall: alias import now supports type selection (network and host types)
- firmware: added German-based mirror (contributed by Alexander Lauster)
- system: load modules before setting tunables to support settings for modules
- system: fix boot issue that prevented SSH from starting up in some instances
- interface: do not show wireless parents on the assignment page as it cannot be assigned
- ipsec: individual collapse/expand for status page
- dhcp: allow backwards-compatibility with imported configs
- captive portal: fix missing busyTimeout on voucher database access
- openvpn: remember scrolling position to return to the previous position after edit
- proxy: HTTPS support added
- proxy: added ability to change the hostname and admin email (contributed by Frederic Lietart)
- proxy: avoid race condition on cache dir creation (contributed by Frederic Lietart)
- development: allow hiding of menu entries using the Visibility=”delete” attribute
-
Stay safe,
Your OPNsense team
—
[1] http://mm.icann.org/pipermail/tz-announce/2016-March/000037.html
[2] https://curl.haxx.se/changes.html
[3] https://wiki.strongswan.org/projects/strongswan/wiki/Changelog54
[4] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1283
[5] http://php.net/ChangeLog-5.php#5.6.20