Results 1 to 1 of 1

Thread: IPFire 2.27 - Core Update 173 is available for testing

  1. #1
    g0d! Contributing Member siosios's Avatar
    Join Date
    Oct 2006
    Location
    In a cardboard box
    Age
    50
    HlStats

    HLStatsX Ranking for STEAM_0:1:13488560
    Posts
    13.538
    Blog Entries
    12
    Rep Power
    10

    Default IPFire 2.27 - Core Update 173 is available for testing

    The first Core Update in 2023 is ready for testing: IPFire 2.27 - Core Update 173. It introduces support for Qualcomm's MSM Interface (QMI), features a kernel fresh from the latest 6.1 stable series, as well as the usual plethora of package updates, security improvements and bug fixes.
    IPFire users running 32-bit ARM devices should note that support for this architecture will sunset on February 28, 2023, as announced previously, and are advised to migrate their installations to a hardware architecture supported by IPFire now.
    Introducing QMI support

    The Qualcomm MSM Interface is a proprietary interface increasingly used by 4G and 5G cellular modems. Commencing with this Core Update, IPFire supports interacting with such modems through libqmi, thus significantly expanding its hardware compatibility to QMI-only cellular modems, and providing a faster and more modern interface to cellular modems providing both a QMI interface and its legacy counterpart.
    Thanks to Michael for implementing this feature. On that occasion, he also refactored related networking code.
    Linux Kernel 6.1.11

    Arne has updated the Linux kernel to the most recent stable series, 6.1.x, which is expected to become a new long-term series. Aside from the usual improvements such major kernel updates bring - bug fixes, hardware support (which is accompanied by an update of linux-firmware in this Core Update) and security improvements, and so on -, we took the occasion to bring several new hardening changes to IPFire users:

    • System calls permitting processes to read or write other processes' memory are no longer provided by the kernel.
    • On EFI systems supporting it, the firmware is now instructed to wipe all memory when rebooting, to hamper cold boot attacks.
    • Landlock support has been enabled.
    • GCC's "latent entropy" plugin has been disabled, since it does not generate cryptographically secure entropy.
    • To cut attack surface, support for both the ACPI configuration file system and obsolete PCMCIA/CardBus subsystem has been removed.
    • On 64-bit ARM installations, direct memory access via malicious PCI devices is no longer possible.

    Miscellaneous


    • The OpenVPN 2FA authenticator will no longer enter an infinite loop if the socket connection to OpenVPN is lost (#12963).
    • A user group necessary for interaction between D-Bus and Avahi is now properly created while installing the latter add-on (#13017).
    • The OpenVPN GUI has seen minor improvements and cleanups (#13030).
    • A bug in the firewall engine permitting the creation of rules with invalid sources has been resolved.
    • Input like *.example.com is now properly treated as a wildcard domain by the web interface (#12937).
    • libtirpc is now part of the core system, since it is needed as a dependency by lsof (#13015).
    • The obsolete spandsp add-on has been dropped.
    • Updated packages: Apache 2.4.55, bind 9.16.37, curl 7.87.0, ethtool 6.1, file 5.44, fontconfig 2.14.1, fuse 3.13.0, grep 3.8, harfbuzz 6.0.0, iana-etc 20221226, iproute2 6.1.0, ipset 7.17, iptables 1.8.9, iputils 20221126, iw 5.19, jquery 3.6.3, json-c 0.16, keyutils 1.6.3, knot 3.2.4, krb5 1.20.1, lcms2 2.14, less 608, libarchive 3.6.2, libcap 2.66, libconfig 1.7.3, libffi 3.4.4, libgpg-error 1.46, libidn 1.41, libinih r56, libjpeg 2.1.4, libloc 0.9.16, libmpc 1.3.1, libpcap 1.10.3, libssh 0.10.4, libstatgrab 0.92.1, libtiff 4.5.0, libtool 2.4.7, libusb 1.0.26, libxslt 1.1.37, libyang 2.1.4, linux-firmware 20221214, logrotate 3.21.0, lz4 1.9.4, memtest86+ 6.01, mpfr 4.2.0, nano 7.2, ncurses 6.4, OpenSSH 9.2p1, OpenSSL 1.1.1t, pcre2 10.42, perl-HTML-Parser 3.78, pixman 0.42.2, poppler 23.01.0, psmisc 23.6, rust 1.65, sdl2 2.26.2, shadow 4.13, sqlite 3400100, squid-asnbl 0.2.4 (resolving #13023), strongswan 5.9.9, sudo 1.9.12p2, suricata 6.0.10, xfsprogs 6.1.1, xz 5.4.1
    • Updated add-ons: alsa 1.2.8, bird 2.0.11, borgbackup 1.2.3 (resolving #13032), ClamAV 1.0.1, dbus 1.14.4, dnsdist 1.7.3, ghostscript 10.0.0, haproxy 2.7.1, igmpproxy 0.4, iotop 1.22, iperf 2.1.8, iperf3 3.12, libcdada 0.4.0, libexif 0.6.24, libpciaccess 0.17, libshout 2.4.6, libtalloc 2.3.4, libusbredir 0.13.0, libvirt 8.10.0, mc 4.8.29, nfs 2.6.2, nqptp ad384f9, pcengines-apu-firmware 4.17.0.3, python3-packaging 23.0, samba 4.17.4, shairport-sync 4.1.1, strace 6.1, tcpdump 4.99.3, Tor 0.4.7.13

    As always, we thank all people contributing to this release in whatever shape and form. Please help testing this update, especially if you are using exotic hardware, uncommon network setups, or add-ons, and provide feedback - which is absolutely essential to us.


    More...
    Last edited by siosios; 05-13-2023 at 03:11 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. IPFire 2.27 - Core Update 174 released
    By siosios in forum Ipfire
    Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  2. Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  3. Enabling IPFire for 5G
    By siosios in forum Ipfire
    Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  4. IPFire 2.27 - Core Update 173 released
    By siosios in forum Ipfire
    Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  5. Replies: 0
    Last Post: 03-04-2019, 11:59 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •