siosios
03-16-2024, 11:10 PM
We are celebrating the next release of IPFire: Version 2.29 - Core Update 184. This release comes with a number of improvements around the entire operating system and a large number of packages updates. Although this change log isn't the longest, this update packs a lot of important changes and we recommend to install while it is still hot!
If you like to support the developers, please donate (https://www.ipfire.org/donate). It really helps a lot to keep you bringing these updates and making IPFire a little bit better every day!
What's in it?
Intrusion Prevention System: Suricata has been updated to version 6.0.16 which fixes a number of vulnerabilities
It is now possible to individually enable logging for packets from and to hostile networks. This allows for easier monitoring of compromised systems on the local network without a lot of noise from portscans and similar things from the Internet. They are also graphed individually in the firewall hits graph.
A bug has been fixed in the installer: The process now fails if the boot loader could not be installed, when before, the installation completed successfully but left a newly installed system unbootable.
Updated packages: acl 2.3.2, attr 2.5.2, bash 5.2.26, BIND 9.16.48, dhcpcd 10.0.6, diffutils 3.10, dmidecode 3.5, ed 1.20, expat 2.6.0 (CVE-2023-52425 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52425), CVE-2023-52426 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52426)), file 5.45, fmt 10.2.1, gettext 0.22.4, GnuTLS 3.8.3 (CVE-2024-0553 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-0553), CVE-2024-0567 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-0567)), help2man 1.49.3, iana-etc 20240125, iproute2 6.7.0, ipset 7.19, iputils 20240117, libhtp 0.5.46, libidn 1.42, libpng 1.6.41, libtalloc 2.4.1, libyang 2.1.148, lvm2 2.03.23, lzip 1.24, memtest86+ 7.0.0, PAM 1.6.0, pixman 43.0, poppler 24.01.0, readline 8.2.10, shadow 4.14.3, SQLite 3.45.1, squid 6.7, suricata 6.0.16, unbound 1.19.1 (CVE-2023-50387 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-50387) & CVE-2023-50868 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-50868)), vnstat 2.12, xz 5.4.6, zlib 1.3.1
Add-ons
Updated add-ons: bird 2.14, borgbackup 1.2.7 (CVE-2023-36811 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-36811)), FRR 9.1 (CVE-2023-47235 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-47235), CVE-2023-47235 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-47235)), HAProxy 2.9.2, libvirt 10.0.0 (CVE-2023-3750 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3750)), lshw B.02.00, mc 4.8.31, stunnel 5.71, transmission 4.0.5, VDR 2.6.6 + Plugins, wavemon 0.9.5
mympd (https://www.ipfire.org/docs/addons/mympd) is a new package which provides a web user interface to mpd
More... (https://www.ipfire.org/blog/ipfire-2-29-core-update-184-released)
If you like to support the developers, please donate (https://www.ipfire.org/donate). It really helps a lot to keep you bringing these updates and making IPFire a little bit better every day!
What's in it?
Intrusion Prevention System: Suricata has been updated to version 6.0.16 which fixes a number of vulnerabilities
It is now possible to individually enable logging for packets from and to hostile networks. This allows for easier monitoring of compromised systems on the local network without a lot of noise from portscans and similar things from the Internet. They are also graphed individually in the firewall hits graph.
A bug has been fixed in the installer: The process now fails if the boot loader could not be installed, when before, the installation completed successfully but left a newly installed system unbootable.
Updated packages: acl 2.3.2, attr 2.5.2, bash 5.2.26, BIND 9.16.48, dhcpcd 10.0.6, diffutils 3.10, dmidecode 3.5, ed 1.20, expat 2.6.0 (CVE-2023-52425 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52425), CVE-2023-52426 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52426)), file 5.45, fmt 10.2.1, gettext 0.22.4, GnuTLS 3.8.3 (CVE-2024-0553 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-0553), CVE-2024-0567 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-0567)), help2man 1.49.3, iana-etc 20240125, iproute2 6.7.0, ipset 7.19, iputils 20240117, libhtp 0.5.46, libidn 1.42, libpng 1.6.41, libtalloc 2.4.1, libyang 2.1.148, lvm2 2.03.23, lzip 1.24, memtest86+ 7.0.0, PAM 1.6.0, pixman 43.0, poppler 24.01.0, readline 8.2.10, shadow 4.14.3, SQLite 3.45.1, squid 6.7, suricata 6.0.16, unbound 1.19.1 (CVE-2023-50387 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-50387) & CVE-2023-50868 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-50868)), vnstat 2.12, xz 5.4.6, zlib 1.3.1
Add-ons
Updated add-ons: bird 2.14, borgbackup 1.2.7 (CVE-2023-36811 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-36811)), FRR 9.1 (CVE-2023-47235 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-47235), CVE-2023-47235 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-47235)), HAProxy 2.9.2, libvirt 10.0.0 (CVE-2023-3750 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3750)), lshw B.02.00, mc 4.8.31, stunnel 5.71, transmission 4.0.5, VDR 2.6.6 + Plugins, wavemon 0.9.5
mympd (https://www.ipfire.org/docs/addons/mympd) is a new package which provides a web user interface to mpd
More... (https://www.ipfire.org/blog/ipfire-2-29-core-update-184-released)