Software update: pfSense 2.4.3-p1 / 2.3.5-p2

The pfSense project started in 2004 as a fork of m0n0wall due to differing views among the developers, and over the years has evolved into a router and firewall package that can be deployed in both small and very large environments. For more information, please refer to this page. The development team has released pfSense 2.4.3-p1 and 2.3.5-p2 with the following changes:

pfSense 2.4.3-RELEASE-p1 and 2.3.5-RELEASE-p2 now available

Highlights

This release includes several important security patches, including the issues discussed last week:

  • FreeBSD Security Advisory for CVE-2018-8897 (FreeBSD-SA-18:06.debugreg)
  • FreeBSD Errata Notice for CVE-2018-6920 and CVE-2018-6921 (FreeBSD-EN-18:05.mem)
  • Fixed a potential LFI in pkg_mgr_install.php (#8485, pfSense-SA-18_04.webgui)
  • Fixed a potential XSS in pkg_mgr_install.php (#8486, pfSense-SA-18_05.webgui)

Additionally, 2.3.5-p2 includes corrections for items already addressed in the 2.4.x release branch:

  • Fixed a potential XSS vector in RRD error output encoding (#8269, pfSense-SA-18_01.packages)
  • Fixed a potential XSS vector in diag_system_activity.php output encoding (#8300, pfSense-SA-18_02.webgui)
  • Changed sshd to use delayed compression (#8245)
  • Added encoding for firewall schedule range descriptions (#8259)

Aside from security updates, the new versions include a handful of beneficial bug fixes for various minor issues. For a complete list of changes, see the 2.4.3-p1 Release Notes and 2.3.5-p2 Release Notes.

Important Information

At this time, pfSense 2.3.x is a Security and Errata maintenance branch only. pfSense 2.4.x is the primary stable supported branch. If the firewall hardware is capable of running pfSense 2.4.x, consider upgrading to that release instead. If you have not yet upgraded to pfSense version 2.4.0 or later, read the information in the 2.4.0 Release Announcement before updating for important information that may impact the ability of a firewall to upgrade to pfSense version 2.4.x. If either by choice or by hardware limitations a firewall cannot be upgraded to pfSense 2.4.x, see the pfSense 2.3.5-RELEASE announcement for information on obtaining the latest 2.3.x release.

Version number: 2.4.3-p1 / 2.3.5-p2
Release status: Final
Operating systems: BSD
Website: pfSense
License type: GPL