pfSense 2.4.3 发布,包含重要的安全修复补丁

pfSense 2.4.3 已发布,本次更新包含重要的安全修复和 bug 修复,还引入了一些新特性,具体如下。   值得关注的更新   包含一些重要的安全修复补丁:   Kernel PTI mitigations for Meltdown (optional tunable) FreeBSD-SA-18:03.speculative_execution.asc   IBRS mitigation for Spectre V2 (requires updated CPU microcode) FreeBSD-SA-18:03.speculative_execution.asc   Fixes for FreeBSD-SA-18:01.ipsec   Fixed three potential XSS vectors, and two potential CSRF issues   CSRF protection for all dashboard widgets   Updated several base system packages to address CVEs   除了安全修复,pfSense 还包含重要的 bug 修复,如修复 pfSense PHP 模块的内存泄露问题,具体如下:   Fixed hangs due to Limiters and pfsync in High Availability configurations   Imported anetstatfix to improve performance and reduce CPU usage, especially on the Dashboard and ARM platforms   Fixed a memory leak in the pfSense PHP module   Fixed DHCPv6 lease display for entries that were not parsed properly from the lease database   Fixed issues on assign_interfaces.php with large numbers of interfaces   Fixed multiple issues that could result in an invalid ruleset being generated   Fixed multiple Captive Portal voucher synchronization issues with HA   Fixed issues with XMLRPC user account synchronization causing GUI inaccessibility on secondary HA nodes   … and many more!   重要的新特性:   Changed IPsec Phase 1 to allow selecting both IPv4 and IPv6 so the local side can allow inbound connections to either address family   Changed IPsec Phase 1 to allow configuration of multiple IKE encryption algorithms, key lengths, hashes, and DH groups   Changed SMTP notifications handling so they are batched, to avoid sending multiple e-mail messages in a short amount of time   Added options to RFC 2136 Dynamic DNS for server key algorithm and to change the source address used to send updates   Added VLAN priority tagging for DHCPv6 client requests   Hardware support for the new XG-7100 including C3000 SoC support, C3000 NIC support, and Marvell 88E6190 switch support (Factory installations only)   … and more!   详细更新内容请查看发布说明。   下载地址:https://www.pfsense.org/download/(编辑:雷林鹏 来源:网络)
posted @ 2018-08-30 10:08  雷林鹏  阅读(182)  评论(0编辑  收藏  举报