IPFire 2.25 - Core Update 147 is available for testing

by Michael Tremer, July 2, 2020, Updated July 6, 2020

Do you like what you are reading? Subscribe to our newsletter and don't miss out on the latest...   Join Now

With this week's release of Core Update 146, we already have made the next one available for testing. It contains a vast amount of package updates and brings some security updates.

Security Updates

The squid web proxy had a number of security vulnerabilities that have been patched in version 4.12. Those are:

There was a third vulnerability in the TLS component of squid which is not activated in IPFire and therefore IPFire is not vulnerable (CVE-2020-14058).

Misc.

  • The Linux firmware package was updated to version 20200519 and brings various improvements to hardware components and adds support for more hardware.
  • A long-standing issue with forwarding GRE connections has been resolved. It was absolutely impossible to get such connections through the firewall, because IPFire's internal connection tracking refused to handle them.
  • Amazon Web Services: The firewall will now configure all zones to use jumbo frames by default. Since Amazon's network allows packets with up to 9001 bytes, this will increase bandwidth in the cloud. The RED interface is exempt, because the Internet still defaults to only 1500 bytes per packet.
  • Updated packages: bind 9.11.20, dhcpcd 9.1.2, GnuTLS 3.6.14, gmp 6.2.0, iproute2 5.7.0, libassuan 2.5.3, libgcrypt 1.8.5, libgpg-error 1.38, OpenSSH 8.3p1, squidguard 1.6.0

Add-ons

Updates

  • Bacula, a backup solution, was updated to version 9.6.5 by Adolf Belka
  • borgbackup 1.1.13
  • haproxy 2.1.7
  • Joe 4.6

Although this update is rather small in number of changes, it is rather large on disk due to the many Linux firmware files that we are shipping. Please help us testing this release to make sure it won't introduce any new regressions into IPFire.