diff --git a/source/CE_releases.rst b/source/CE_releases.rst index 260f1e7d..c457ea9c 100644 --- a/source/CE_releases.rst +++ b/source/CE_releases.rst @@ -8,7 +8,7 @@ Community Edition :width: 600px :align: center -As of January 2015 there have been *251* releases leading to the latest version *23.1.6* +As of January 2015 there have been *252* releases leading to the latest version *23.1.7* named "Quintessential Quail". diff --git a/source/releases/CE_23.1.rst b/source/releases/CE_23.1.rst index 6754b4c8..567b6f3a 100644 --- a/source/releases/CE_23.1.rst +++ b/source/releases/CE_23.1.rst @@ -29,6 +29,65 @@ can be found below as well. * Full mirror list: https://opnsense.org/download/ +-------------------------------------------------------------------------- +23.1.7 (May 04, 2023) +-------------------------------------------------------------------------- + + +Today we switch to OpenVPN 2.6 including deferred authentication which we +know some people have been waiting for. The routing subsystem received a +refactor to integrate default gateway switching into the actual routing +code. + +Suricata was finally updated to a newer release since the Netmap (IPS) stall +bug inside their code had been found and fixed while we were still using an +older code base that did not have the error. + +Please also note that OpenVPN does no longer support the XOR feature due to +FreeBSD ports blocking these types of out-of-project contributions and OpenVPN +itself was never interested in supporting it natively. We have been keeping +this alive since 2015, but several alternatives exist now that were not +available back then. + +Here are the full patch notes: + +* system: restructure routing to carry out default gateway switching and address family specific reconfig +* system: prevent PHP session garbage collection from running early (contributed by lin-xianming) +* system: finish simplifying plugins_run() +* firewall: add missing scrub rules in dependency check for alias use +* firewall: usability improvements and cleanups in scheduler pages (contributed by kuya1284) +* interfaces: ensure single PPP netgraph node has the proper name +* interfaces: reject invalid self-assignments in VLAN parent +* interfaces: migrate trace route page to MVC/API +* interfaces: migrate port probe page to MVC/API +* interfaces: remove indirection in PPP ports handling +* interfaces: exclude a few cases from PPPoEv6 negotiation +* reporting: fix incorrect interface index in NetFlow init (contributed by Nicolas Thumann) +* dhcp: restart radvd on config changes, otherwise keep SIGHUP +* dhcp: when cleaning up static leases do not remove entries where only a MAC address is set +* firmware: update size requirements for major upgrades from command line +* firmware: embed build metadata into package annotations for use in runtime remote queries +* firmware: fix execution of version queries when not possible +* firmware: revoke 22.7 fingerprint +* openvpn: fix two widget display issues +* openvpn: use CARP INIT state the same way as BACKUP state for client start/stop +* openvpn: enable deferred authentication (sponsored by m.a.x. it) +* unbound: minor improvements to handle "Dot" endpoints ambiguity +* web proxy: allow more signs for username and password (contributed by Bi0T1N) +* mvc: change Phalcon logging to omit type and date +* mvc: add strict option to NetworkField +* ui: prevent crashing out when endpoint does not return data for SimpleActionButton +* plugins: os-ddclient 1.13 `[1] `__ +* plugins: os-stunnel fix for missing OpenSSL CRL functions +* plugins: os-smart fix for highlighting result (contributed by Justin Horton) +* ports: libxml 2.10.4 `[2] `__ +* ports: openvpn 2.6.3 `[3] `__ +* ports: sqlite 3.41.2 `[4] `__ +* ports: suricata 6.0.11 `[5] `__ +* ports: syslog-ng 4.1.1 `[6] `__ + + + -------------------------------------------------------------------------- 23.1.6 (April 20, 2023) --------------------------------------------------------------------------