[prev in list] [next in list] [prev in thread] [next in thread]
List: pfsense-announce
Subject: [Announce] pfSense release 2.1.2 is now available.
From: Jim Thompson <jim () netgate ! com>
Date: 2014-04-10 19:24:11
Message-ID: 6C3E5EE9-6DE4-408F-A295-550574A59680 () netgate ! com
[Download RAW message or body]
https://blog.pfsense.org/?p=1253
pfSense release 2.1.2 is now available. pfSense release 2.1.2 follows less than a \
week after pfSense release 2.1.1, and is primarily a security release.
The Heartbleed OpenSSL bug and another OpenSSL bug which enables a side-channel \
attack are both covered by the following security announcements: • \
pfSense-SA-14_04.openssl • FreeBSD-SA-14:06.openssl
• CVE-2014-0160 (Heartbleed)
• CVE-2014-0076 (ECDSA Flaw)
Packages also have their own independent fixes and need updating. During the firmware \
update process the packages will be properly reinstalled. If this fails for any \
reason, uninstall and then reinstall packages to ensure that the latest version of \
the binaries is in use.
Other Fixes
• On packages that use row_helper, when user clicks on an add or delete button, the \
page scrolls to top. #3569 • Correct a typo on function name in Captive Portal \
bandwidth allocation. • Make extra sure that we do not start multiple instances of \
dhcpleases if, for example, the PID is stale or invalid, and there is still a running \
instance. • Fix for CRL editing. Use an alphanumeric test rather than purely \
is_numericint because the ID is generated by uniqid and is not purely numeric. #3591
You will want to perform a full security audit of your pfSense installations, \
renewing any passwords, generating or fitting new certificates, placing the old \
certificates on a CRL, etc. _______________________________________________
Announce mailing list
Announce@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/announce
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic