Hi folks,

the new config system had a number of issues, but thanks to your help we’ve ironed them out in the two days following the release. The trend continues with this small stable update fixing the last batch of visible issues while also pulling in PHP 5.6.7, which isn’t currently available in FreeBSD ports.

Here is the full change log:

  • ports: PHP was updated to 5.6.7 addressing CVE-2015-0231, CVE-2015-2305, etc.
  • captive portal: service now restarts correctly when triggered from the GUI
  • ipsec: multiple config system replacement regression fixes
  • dhcp: fixed the flushing of v6 settings while applying them
  • user manager: fixed a bug that would remove groups
  • firewall rules: prevent delete rule from deleting all rules
  • core: ignore empty tags in configs generated by frontend code

The update is available for both of the crypto flavours OpenSSL and LibreSSL through the System/Firmware section of the GUI. If you are upgrading from pre- don’t forget to run “opnsense-update && reboot” on a root shell to bring in the latest base fixes afterwards as well. Installations of and higher can use the console firmware upgrade option 12 to run an adaptive update cycle (depending on how much needs to be updated the system may reboot).

As always, please back up your config and let us know if you run into any trouble. 🙂


Stay safe,
Your OPNsense team