Software Update: OPNsense 21.1.2

Spread the love

The package OPNsense is a firewall with extensive opportunities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 21.1.2 with the following announcement:

OPNsense 21.1.2 released

Please do enjoy this round of timely crypto library updates and other reliability fixes. Work has so far been focused on the firmware update process to ensure its safety around edge cases and recovery methods for the worst case. To that end 21.1.3 will likely receive the full revamp including API and GUI changes for a swift transition after thorough testing of the changes now available in the development package of this release.

Here are the full patch notes:

  • system: do not trim string fields in upstream XMLRPC library
  • system: fix export API keys reload issue on Safari
  • system: retain index after tunables sorting in 21.1.1
  • system: fix firewall log widget update on small fixed number of entries
  • system: replace traffic graphs in widget using chart.js
  • system: make StartTLS work when retrieving LDAP authentication containers (contributed by Christian Brueffer)
  • system: fix IPv6 route deletion on status page
  • interfaces: work around slow manufacturer lookups in py-netaddr 0.8.0
  • firewall: fix off-by-one error in alias utility listing
  • firewall: fix live log matching with ‘or’ and empty filter (contributed by kulikov-a)
  • reporting: prevent NetFlow crash when interface number is missing
  • firmware: opnsense-update -t ​​option executes after -p making it possible to run them at once
  • firmware: opnsense-update -t ​​option now also uses recovery code introduced recently for -p
  • firmware: opnsense-update -vR no longer emits “unknown” if no version was found
  • firmware: opnsense-verify -l option lists enabled package repositories
  • firmware: add crypto package to health check
  • firmware: fix two JS tracker bugs
  • firmware: assorted non-breaking changes for upcoming firmware revamp
  • intrusion detection: prevent flowbits:noalert from being dropped
  • intrusion detection: fix policies not matching categories
  • ipsec: phase2 local/remote network check does not apply on VTI interfaces
  • web proxy: fix ownership issue on template directory
  • rc: opnsense-beep utility wrapper including manual page
  • plugins: increase revision number for all plugins to force installation of metadata added in 21.1.1
  • plugins: os-acme-client 2.4
  • plugins: os-postfix 1.18
  • plugins: os-rspamd 1.11
  • plugins: os-theme-cicada 1.27 (contributed by Team Rebellion)
  • plugins: os-theme-tukan 1.24 (contributed by Team Rebellion)
  • plugins: os-theme-vicuna 1.3 (contributed by Team Rebellion)
  • ports: curl 7.75.0
  • ports: libressl 3.2.4
  • ports: openssl 1.1.1j
  • ports: php 7.3.27
  • ports: squid 4.14
  • ports: unbound 1.13.1

Version number 21.1.2
Release status Final
Operating systems Linux, BSD
Website OPNsense
Download https://opnsense.org/download/
License type Conditions (GNU/BSD/etc.)
You might also like