From 5720b0e47aaad6586a7f289c7d2d5d95e9363a72 Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Wed, 16 Aug 2023 13:56:12 +0200 Subject: [PATCH] release notes --- source/CE_releases.rst | 2 +- source/releases/CE_23.7.rst | 54 +++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 1 deletion(-) diff --git a/source/CE_releases.rst b/source/CE_releases.rst index d056b6f..cc201d6 100644 --- a/source/CE_releases.rst +++ b/source/CE_releases.rst @@ -8,7 +8,7 @@ Community Edition :width: 600px :align: center -As of January 2015 there have been *260* releases leading to the latest version *23.7* +As of January 2015 there have been *261* releases leading to the latest version *23.7.1* named "Restless Roadrunner". diff --git a/source/releases/CE_23.7.rst b/source/releases/CE_23.7.rst index ef6ff43..7a6eaab 100644 --- a/source/releases/CE_23.7.rst +++ b/source/releases/CE_23.7.rst @@ -26,6 +26,60 @@ can be found below as well. * Full mirror list: https://opnsense.org/download/ +-------------------------------------------------------------------------- +23.7.1 (August 08, 2023) +-------------------------------------------------------------------------- + + +23.7 looks pretty good so far but no reason not to make it better. +The MVC changes for DHCP, firewall groups, OpenVPN and Unbound receive +several required fixes and the latest FreeBSD security advisories were +added as well. + +Here are the full patch notes: + +* system: close boot file after probing to avoid lock inheritance +* system: fix lock() inheriting the lock state +* system: give more context in process kill error case since we operate PID numbers only +* firewall: groups were not correctly parsed for menu post-migration +* firewall: hide row command buttons for internal groups +* firewall: add "ipv6-icmp" to protocol list in shaper +* firewall: fix PHP warnings on the rules pages +* dhcp: check if manufacturer exists for IPv4 lease page to prevent error +* dhcp: use base16 for iaid_duid decode for IPv6 lease page to prevent error +* dhcp: fix validation for static entry requirement +* firmware: revoke 23.1 fingerprint +* network time: support pool directive and maxclock (contributed by Kevin Fason) +* openvpn: fix static key delete +* openvpn: fix "mode" typo and push auth "digest" into export config +* openvpn: fix race condition when using CRLs in instances +* openvpn: remove arbitrary upper bounds on some integer values in instances +* unbound: migration of empty nodes failed from 23.1.11 to 23.7 +* unbound: fix regression when disabling first domain override +* mvc: fix empty item selection issue in BaseListField +* plugins: os-ddclient 1.14 `[1] `__ +* plugins: os-acme-client 3.19 `[2] `__ +* src: bhyve: fully reset the fwctl state machine if the guest requests a reset `[3] `__ +* src: frag6: avoid a possible integer overflow in fragment handling `[4] `__ +* src: amdtemp: Fix missing 49 degree offset on current EPYC CPUs +* src: libpfctl: ensure the initial allocation is large enough +* src: pf: handle multiple IPv6 fragment headers +* ports: curl 8.2.1 `[5] `__ +* ports: nss 3.92 `[6] `__ +* ports: openssl 1.1.1v `[7] `__ +* ports: perl 5.34.1 `[8] `__ +* ports: py-dnspython 2.4.1 +* ports: strongswan 5.9.11 `[9] `__ +* ports: syslog-ng 4.3.1 `[10] `__ + +A hotfix release was issued as 23.7.1_3: + +* firewall: do not clone "associated-rule-id" +* network time: fix "Soliciting pool server" regression (contributed by Allan Que) +* dhcp: fix IPv4 lease removal + + + -------------------------------------------------------------------------- 23.7 (July 31, 2023) --------------------------------------------------------------------------