Archives
/
opensense-docs
mirror of https://github.com/opnsense/docs
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

changelogs: sync

Browse Source
pull/297/head
Ad Schellevis 4 years ago
parent 13458cf669
commit 8f8274a380
2 changed files with 148 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
source/releases.rst
Unescape Escape View File

@ -6,7 +6,7 @@ Releases
:width: 600px
:align: center
As of January 2015 there have been *187* releases leading to the latest version *20.7.2*
As of January 2015 there have been *190* releases leading to the latest version *20.7.5*
named "Legendary Lion".
The list below contains all releases, ordered by version number categorized by major version.

147
source/releases/20.7.rst
Unescape Escape View File

@ -26,6 +26,153 @@ can be found below as well.
* Full mirror list: https://opnsense.org/download/
--------------------------------------------------------------------------
20.7.5 (November 20, 2020)
--------------------------------------------------------------------------
We return briefly for a small patch set and plan to pin the 20.1 upgrade
path to this particular version to avoid unnecessary stepping stones. We
wish you all a healthy Friday. And of course: patch responsibly!
Here are the full patch notes:
* system: syslog-ng related fixes during package management based restart
* system: change dpinger syslog message to reflect correct RTT and RTTd unit (contributed by fhloston)
* web proxy: add toggle for pinger service (contributed by nowyouseeit)
* web proxy: add missing X-Forwarded-For header option
* mvc: new Base64Field type
* mvc: new VirtualIPField type
* plugins: os-acme-client 2.0 `[1] <https://github.com/opnsense/plugins/blob/master/security/acme-client/pkg-descr>`__
* plugins: os-bind 1.14 `[2] <https://github.com/opnsense/plugins/blob/master/dns/bind/pkg-descr>`__
* plugins: os-chrony 1.1 `[3] <https://github.com/opnsense/plugins/blob/master/net/chrony/pkg-descr>`__
* ports: monit 5.27.1 `[4] <https://mmonit.com/monit/changes/>`__
* ports: php 7.3.24 `[5] <https://www.php.net/ChangeLog-7.php#7.3.24>`__
* ports: pkg upstream fix for upgrade script hang `[6] <https://github.com/freebsd/pkg/pull/1893>`__
* ports: strongswan 5.9.0 `[7] <https://www.strongswan.org/blog/2020/07/29/strongswan-5.9.0-released.html>`__
--------------------------------------------------------------------------
20.7.4 (October 22, 2020)
--------------------------------------------------------------------------
This release finally wraps up the recent Netmap kernel changes and tests.
The Realtek vendor driver was updated as well as third party software cURL,
libxml2, OpenSSL, PHP, Suricata, Syslog-ng and Unbound just to name a couple
of them.
We would like to thank Sunny Valley Networks for their relentless efforts
to bring said Netmap fixes and improvements into FreeBSD.
If you are having trouble with a stuck update try the command sequence below
from the root shell or simply reboot from the GUI and rerun the update in
case it was not fully carried out yet.
.. code-block::
# pkill syslog-ng
# service syslog-ng restart
Here are the full patch notes:
* system: switch web GUI address selection to avoid server.bind in IPv6 first case
* system: fix defunct "use default" button on web GUI listen interfaces
* system: signal "auth user changed" when a user is modified via web GUI
* system: replace gateway widget and add proper API endpoint for it
* system: fix reading displayName attribute on LDAP search (contributed by ServiusHack)
* interfaces: change maximum MTU value to 65535 in accordance with RFC 791
* interfaces: update wireless device detection prefixes
* interfaces: lexical sort interface keys for assignments
* firewall: add support for network exclusions in network alias type
* firewall: add NAT information to pfInfo page (contributed by kulikov-a)
* firewall: associated NAT rules missed state keyword
* firewall: allow "or" conditions in live log
* firewall: use pfctl for alias IP check (contributed by kulikov-a)
* dnsmasq: regenerate resolv.conf on save
* dnsmasq: log queries option
* intrusion detection: ignore pkill exit status when performing update
* ipsec: add description to reconfigure action (contributed by Frank Wall)
* unbound: rebuild unbound blacklist download
* unbound: restructure reconfigure so that we always flush config
* backend: add new "config changed" event using syshook structure (sponsored by Modirum)
* mvc: add a few missing control widgets from log pages
* ui: upgrade moment.js to 2.27.0
* plugins: os-freeradius 1.9.8 `[1] <https://github.com/opnsense/plugins/blob/master/net/freeradius/pkg-descr>`__
* plugins: os-git-backup 1.0 `[2] <https://github.com/opnsense/plugins/issues/2049>`__ (sponsored by Modirum)
* plugins: os-haproxy 2.25 `[3] <https://curl.haxx.se/changes.html>`__
* plugins: os-stunnel 1.0.2 adds service protocol selector (contributed by fhloston)
* src: extended netmap update and driver fixes
* src: netmap tun and lagg support (contributed by Sunny Valley Networks)
* src: update Realtek re driver to upstream version 1.96.04 (contributed by Laurent Dinclaux)
* ports: curl 7.73.0 `[3] <https://curl.haxx.se/changes.html>`__
* ports: libxml2 fixes for CVE-2019-20388, CVE-2020-7595 and CVE-2020-24977
* ports: nss 3.58 `[4] <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes>`__
* ports: openssl 1.1.1h `[5] <https://www.openssl.org/news/changelog.html#openssl-111>`__
* ports: php 7.3.23 `[6] <https://www.php.net/ChangeLog-7.php#7.3.23>`__
* ports: pkg 1.15.10
* ports: radvd patch for dynamic interface shifting index
* ports: sudo 1.9.3p1 `[7] <https://www.sudo.ws/stable.html#1.9.3p1>`__
* ports: suricata 5.0.4 `[8] <https://suricata-ids.org/2020/10/08/suricata-4-1-9-and-5-0-4-released/>`__
* ports: syslog-ng 3.29.1 `[9] <https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.29.1>`__
* ports: unbound 1.12.0 `[10] <https://nlnetlabs.nl/projects/unbound/download/>`__
--------------------------------------------------------------------------
20.7.3 (September 24, 2020)
--------------------------------------------------------------------------
Today is the day for a number of FreeBSD security advisories and a few
reliability fixes.
We are still testing a batch of Netmap improvement patches with a separate
kernel. This and the Realtek vendor driver update will likely follow in
the next kernel update. All feedback is welcome.
Here are the full patch notes:
* system: use different shell gateway name to appease wizard
* system: simplify CARP hook
* interfaces: phase out netaddr.eui.ieee.OUI_REGISTRY_PATH usage
* firewall: add MAC type to top right filter selection
* firewall: fix two scrub rule parsing bugs
* firewall: omit group type interfaces in filter selection
* intrusion detection: re-create rule cache after rule deployment
* unbound: add "unbound-plus" section to XMLRPC sync
* dhcp: adding DDNS values of each additional pool to the $ddns_zones array (contributed by Mathieu St-Pierre)
* dhcp: add static interface mode to router advertisements
* rc: fix ssh key permissions on MSDOS import
* rc: support service identifier in pluginctl -s mode
* plugins: os-bind download link changes (contributed by gap579137)
* plugins: os-chrony 1.0 (contributed by Michael Muenz)
* plugins: os-dnscrypt-proxy blocklist script fixes (contributed by Mark Keisler)
* plugins: os-frr 1.17 `[1] <https://github.com/opnsense/plugins/blob/master/net/frr/pkg-descr>`__
* plugins: os-postfix 1.17 `[2] <https://github.com/opnsense/plugins/blob/master/mail/postfix/pkg-descr>`__
* plugins: os-rspamd 1.10 `[3] <https://github.com/opnsense/plugins/blob/master/mail/rspamd/pkg-descr>`__
* plugins: os-theme-cicada 1.25 (contributed by Team Rebellion)
* plugins: os-theme-tukan 1.23 (contributed by Team Rebellion)
* plugins: os-theme-vicuna 1.1 (contributed by Team Rebellion)
* plugins: os-wireguard 1.3 `[4] <https://github.com/opnsense/plugins/blob/master/net/wireguard/pkg-descr>`__
* plugins: os-zabbix-agent 1.8 `[5] <https://github.com/opnsense/plugins/blob/master/net-mgmt/zabbix-agent/pkg-descr>`__
* src: fix FreeBSD Linux ABI kernel panic `[6] <https://www.freebsd.org/security/advisories/FreeBSD-EN-20:17.linuxthread.asc>`__
* src: fix SCTP socket use-after-free `[7] <https://www.freebsd.org/security/advisories/FreeBSD-SA-20:25.sctp.asc>`__
* src: fix dhclient heap overflow `[8] <https://www.freebsd.org/security/advisories/FreeBSD-SA-20:26.dhclient.asc>`__
* src: fix ure device driver susceptible to packet-in-packet attack `[9] <https://www.freebsd.org/security/advisories/FreeBSD-SA-20:27.ure.asc>`__
* src: fix bhyve privilege escalation via VMCS access `[10] <https://www.freebsd.org/security/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc>`__
* src: fix bhyve SVM guest escape `[11] <https://www.freebsd.org/security/advisories/FreeBSD-SA-20:29.bhyve_svm.asc>`__
* src: fix ftpd privilege escalation via ftpchroot `[12] <https://www.freebsd.org/security/advisories/FreeBSD-SA-20:30.ftpd.asc>`__
* src: set PAX_HARDENING_NOSHLIBRANDOM in the RTLD by default
* src: fix kernel panic while trying to read multicast stream
* ports: mpd 5.9 `[13] <http://mpd.sourceforge.net/doc5/mpd4.html#4>`__
* ports: nss 3.57 `[14] <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes>`__
* ports: php 7.3.22 `[15] <https://www.php.net/ChangeLog-7.php#7.3.22>`__
* ports: pkg 1.15.6 `[16] <https://github.com/freebsd/freebsd-ports/commit/fd4f5566aea>`__
--------------------------------------------------------------------------
20.7.2 (September 02, 2020)
--------------------------------------------------------------------------

Write Preview
Loading…
Cancel
Save