pfSense 2.4.3 發佈,包含重要的安全修復補丁

  pfSense 2.4.3 已發佈,本次更新包含重要的安全修復和 bug 修復,還引入了一些新特性,具體以下。php

  值得關注的更新node

  包含一些重要的安全修復補丁:安全

  Kernel PTI mitigations for Meltdown (optional tunable) FreeBSD-SA-18:03.speculative_execution.asc網絡

  IBRS mitigation for Spectre V2 (requires updated CPU microcode) FreeBSD-SA-18:03.speculative_execution.ascide

  Fixes for FreeBSD-SA-18:01.ipsecui

  Fixed three potential XSS vectors, and two potential CSRF issuescode

  CSRF protection for all dashboard widgetsorm

  Updated several base system packages to address CVEsserver

  除了安全修復,pfSense 還包含重要的 bug 修復,如修復 pfSense PHP 模塊的內存泄露問題,具體以下:three

  Fixed hangs due to Limiters and pfsync in High Availability configurations

  Imported anetstatfix to improve performance and reduce CPU usage, especially on the Dashboard and ARM platforms

  Fixed a memory leak in the pfSense PHP module

  Fixed DHCPv6 lease display for entries that were not parsed properly from the lease database

  Fixed issues on assign_interfaces.php with large numbers of interfaces

  Fixed multiple issues that could result in an invalid ruleset being generated

  Fixed multiple Captive Portal voucher synchronization issues with HA

  Fixed issues with XMLRPC user account synchronization causing GUI inaccessibility on secondary HA nodes

  … and many more!

  重要的新特性:

  Changed IPsec Phase 1 to allow selecting both IPv4 and IPv6 so the local side can allow inbound connections to either address family

  Changed IPsec Phase 1 to allow configuration of multiple IKE encryption algorithms, key lengths, hashes, and DH groups

  Changed SMTP notifications handling so they are batched, to avoid sending multiple e-mail messages in a short amount of time

  Added options to RFC 2136 Dynamic DNS for server key algorithm and to change the source address used to send updates

  Added VLAN priority tagging for DHCPv6 client requests

  Hardware support for the new XG-7100 including C3000 SoC support, C3000 NIC support, and Marvell 88E6190 switch support (Factory installations only)

  … and more!

  詳細更新內容請查看發佈說明。

  下載地址:https://www.pfsense.org/download/(編輯:雷林鵬 來源:網絡)

相關文章
相關標籤/搜索