Software update: pfSense 2.2.1
An update for version 2.2 of pfSense has been released. This package is based on the FreeBSD operating system and focuses on router and firewall tasks. It started in 2004 as a fork of m0n0wall due to differing views among the developers and over the years has grown into a router and firewall package that can be deployed in both small and very large environments. For more information, please refer to this page† The changelog for pfSense 2.2.1 looks like this:
Security Fixes
- pfSense-SA-15_02.igmp: Integer overflow in IGMP protocol (FreeBSD-SA-15:04.igmp†
- pfSense-SA-15_03.webgui: Multiple XSS Vulnerabilities in the pfSense WebGUI
- pfSense-SA-15_04.webgui: Arbitrary file deletion vulnerability in the pfSense WebGUI
- FreeBSD-EN-15:01.vt: vt(4) crash with improper ioctl parameters
- FreeBSD-EN-15:02.openssl: Update to include reliability fixes from OpenSSL
A note on the OpenSSL “FREAK” vulnerability:
- Does not affect the web server configuration on the firewall as it does not have export ciphers enabled.
- pfSense 2.2 already included OpenSSL 1.0.1k which addressed the client-side vulnerability.
- If packages include a web server or similar component, such as a proxy, an improper user configuration may be affected. Consult the package documentation or forum for details.
Bug Fixes
- General
- Rules / NAT
- IPsec
- OpenVPN
- DNS Resolver
- Logging
- Traffic Shaping
- IPv6
- VIP/CARP
- Misc Binary/OS Changes
| Version number | 2.2.1 |
| Release status | Final |
| Operating systems | BSD |
| Website | pfSense Digest |
| Download | |
| License type | Conditions (GNU/BSD/etc.) |