pfSense 2.2.1 发布,防火墙和路由软件
pfSense是源自于m0n0wall的操作系统。它使用的技术包括Packet Filter,FreeBSD 6.x(或DragonFly BSD,假如ALTQ和CARP完成了的话)的ALTQ(以出色地支持分组队列),集成的包管理系统(以为其环境扩展新的特性)。
pfSense是一个FreeBSD下的免费开源的防火墙和路由器软件。
pfSense 2.2.1 发布,此版本包括大量的 bug 修复和安全修复,现已提供下载。
更新内容如下:
安全修复:
-
pfSense-SA-15_02.igmp: Integer overflow in IGMP protocol (FreeBSD-SA-15:04.igmp)
-
pfSense-SA-15_03.webgui: Multiple XSS Vulnerabilities in the pfSense WebGUI
-
pfSense-SA-15_04.webgui: Arbitrary file deletion vulnerability in the pfSense WebGUI
-
FreeBSD-EN-15:01.vt: vt(4) crash with improper ioctl parameters
-
FreeBSD-EN-15:02.openssl: Update to include reliability fixes from OpenSSL
需要关注的 OpenSSL“FREAK”漏洞:
-
Does not affect the web server configuration on the firewall as it does not have export ciphers enabled.
-
pfSense 2.2 already included OpenSSL 1.0.1k which addressed the client-side vulnerability.
-
If packages include a web server or similar component, such as a proxy, an improper user configuration may be affected. Consult the package documentation or forum for details.
BUG 修复:
来自:http://distrowatch.com/?newsid=08852