IPFire 2.27 - Core Update 174 is available for testing

by Peter Müller, March 16, 2023, Updated April 7, 2023

Do you like what you are reading? Subscribe to our newsletter and don't miss out on the latest...   Join Now

The next Core Update is ready for testing: IPFire 2.27 - Core Update 174. It is a traditional spring clean release which updates major parts of the core system and comes with a large number of bug fixes throughout.

This update also comes with a number of security patches in Apache, cURL and more, but none of them have been assessed as being exploitable on IPFire. Nevertheless, we intend to bring those updates to all of our users as soon as possible, and encourage speedy installation of Core Update 174 after its testing phase has been completed successfully.

Updated Toolchain

The "toolchain" includes the most basic parts to build software and consists of GCC as the compiler, Binutils as the assembler and linker, and glibc as the C standard library. They have been updated to their latest versions improving performance for all generated code and fixing bugs.

Although they are not as exciting for our users, they are the building blocks IPFire is founded on and make it the modern, fast and secure distribution that it is.

Bug Fixes

Miscellaneous

  • rng-tools has been moved from the core system to an add-on (#12900).
  • Conversely, perl-TimeDate is now part of the core system, since it became a dependency of the OpenVPN CGI.
  • Arne has worked a lot on bringing the RISC-V build up to speed.
  • IPFire's trust store has been synced against Mozilla's current trusted CA certificate bundle.
  • Useless Qualcomm Bluetooth firmware files are no longer shipped (IPFire dropped Bluetooth support a long time ago due to security reasons), saving a couple of megabytes on new and existing IPFire installations alike.
  • Updated packages: apache 2.4.56, apr 1.7.2, bind 9.16.38, binutils 2.40, boost 1.81.0, curl 7.88.1, elinks 0.16.0, ethtool 6.2, freetype 2.13.0, gcc 12.2.0, glibc 2.37, gnutls 3.8.0, grep 3.9, harfbuzz 7.0.1, intel-microcode 20230214, iproute2 6.2.0, libtirpc 1.3.3, liburcu 0.14.0, linux-firmware 20230210, lmdb 0.9.30, logwatch 7.8, lsof 4.98.0, pango 1.50.13, poppler 23.03.0, poppler-data 0.4.12, qpdf 11.3.0, rust 1.67.0, squid 5.8, strongswan 5.9.10 (fixes CVE-2023-26463, which is not exploitable on IPFire unless heavily customized IPsec connections have been configured using the CLI rather than the IPsec web interface), sudo 1.9.13p3, tzdata 2022g, wireless-regdb 2023-02-12, zstd 1.5.4
  • Updated add-ons: cups 2.4.2, dbus 1.14.6, epson-inkjet-printer-escpr 1.7.23, fetchmail 6.4.36, HAProxy 2.7.4, htop 3.2.2, make 4.4.1, monit 5.33.0, pcengines-apu-firmware 4.19.0.1, python3-setuptools 67.5.1, samba 4.17.5

As always, we thank all people contributing to this release in whatever shape and form. Please help testing this update, especially if you are using exotic hardware, uncommon network setups, or add-ons, and provide feedback - which is absolutely essential to us.