IPFire 2.21 - Core Update 125 released

IPFire 2.21 – Core Update 125 released

Linux Updates

Finally, the next release of IPFire is available: IPFire 2.21 - Core Update 125
This update comes with various security and bug fixes as well as cleanups and
some new features.

IPFire 2.21 - Core Update 125 released

Thank you very much to all of you who have supported our Donations Challenge [1]
so far. We have received a lot of nice words and support from you, but we are
not there, yet! Please support our project and donate!
802.11ac WiFi

The IPFire Access Point add-on now supports 802.11ac WiFi if the chipset
supports it. This allows better coverage and higher network throughputs.
Although IPFire might not be the first choice as a wireless access point in
larger environments, it is perfect to run a single office or apartment.
Additionally, a new switch allows to disable the so called neighbourhood scan

where the access point will search for other wireless networks in the area. If
those are found, 40 MHz channel bandwidth is disabled leading to slower
throughput.
Misc.
strongswan 5.7.1: This updated fixes various security vulnerabilities filed
under CVE-2018-16151, CVE-2018-16152 and CVE-2018-17540. Several flaws in the
implementation that parsed and verified RSA signatures in the gmp plugin may
allow for Bleichenbacher-style low-exponent signature forgery in certificates
and during IKE authentication.
The IO graphs now support NVMe disks
The SFTP subsystem is enabled again in the OpenSSH Server
Swap behaviour has been changed so that the kernel will make space for a large
process when not enough physical memory is available. Before, sudden jumps in
memory consumption where not possible and the process requesting that memory
was terminated.
The backup scripts have been rewritten in Shell and now package all add-ons
backups with the main backup. Now, it is no longer required to save any add-on
configuration separately.
Updated packages: apache 2.4.35, bind 9.11.4-P2, coreutils 8.30, dhcpcd 7.0.8,
e2fsprogs 1.44.4, eudev 3.2.6, glibc 2.28, gnutls 3.5.19, json-c 0.13.1,
keyutils 1.5.11, kmod 25, LVM2 2.02.181, ntfs-3g 2017.3.23, reiserfsprogs
3.6.27, sqlite 3.25.2.0, squid 3.5.28, tzdata 2018g, xfsprogs 4.18.0
New Add-Ons
dehydrated - A lightweight client to retrieve certificates from Let's Encrypt
written in bash
frr, an IP routing protocol suite and BGP and OSPF are supported on IPFire.
Find out more on their website [2].
observium-agent - An xinet.d-based agent for Observium [3], a network
monitoring platform
Updated Add-Ons
clamav has been updated to 0.100.2 and the virus database files have been
moved to the /var partition. This makes more space available on the root
partition.
nfs 2.3.3, haproxy 1.8.14, hostapd 2.6, libvirt 4.6.0, tor 0.3.4.9
Thanks for the people who contributed to this Core Update.
Please help us to support everyone’s work with your donation [4]!
[1] https://blog.ipfire.org/post/donations-challenge
[2] https://frrouting.org/
[3] https://observium.org/
[4] https://www.ipfire.org/donateFinally, the next release of IPFire is available: IPFire 2.21 - Core Update 125This update comes with various security and bug fixes as well as cleanups andsome new features.Thank you very much to all of you who have supported our Donations Challenge [1]so far. We have received a lot of nice words and support from you, but we arenot there, yet! Please support our project and donate!802.11ac WiFiThe IPFire Access Point add-on now supports 802.11ac WiFi if the chipsetsupports it. This allows better coverage and higher network throughputs.Although IPFire might not be the first choice as a wireless access point inlarger environments, it is perfect to run a single office or apartment.Additionally, a new switch allows to disable the so called neighbourhood scanwhere the access point will search for other wireless networks in the area. Ifthose are found, 40 MHz channel bandwidth is disabled leading to slowerthroughput.Misc.* strongswan 5.7.1: This updated fixes various security vulnerabilities filed under CVE-2018-16151, CVE-2018-16152 and CVE-2018-17540. Several flaws in the implementation that parsed and verified RSA signatures in the gmp plugin may allow for Bleichenbacher-style low-exponent signature forgery in certificates and during IKE authentication.* The IO graphs now support NVMe disks* The SFTP subsystem is enabled again in the OpenSSH Server* Swap behaviour has been changed so that the kernel will make space for a large process when not enough physical memory is available. Before, sudden jumps in memory consumption where not possible and the process requesting that memory was terminated.* The backup scripts have been rewritten in Shell and now package all add-ons backups with the main backup. Now, it is no longer required to save any add-on configuration separately.* Updated packages: apache 2.4.35, bind 9.11.4-P2, coreutils 8.30, dhcpcd 7.0.8, e2fsprogs 1.44.4, eudev 3.2.6, glibc 2.28, gnutls 3.5.19, json-c 0.13.1, keyutils 1.5.11, kmod 25, LVM2 2.02.181, ntfs-3g 2017.3.23, reiserfsprogs 3.6.27, sqlite 3.25.2.0, squid 3.5.28, tzdata 2018g, xfsprogs 4.18.0New Add-Ons* dehydrated - A lightweight client to retrieve certificates from Let's Encrypt written in bash* frr, an IP routing protocol suite and BGP and OSPF are supported on IPFire. Find out more on their website [2].* observium-agent - An xinet.d-based agent for Observium [3], a network monitoring platformUpdated Add-Ons* clamav has been updated to 0.100.2 and the virus database files have been moved to the /var partition. This makes more space available on the root partition.* nfs 2.3.3, haproxy 1.8.14, hostapd 2.6, libvirt 4.6.0, tor 0.3.4.9Thanks for the people who contributed to this Core Update.Please help us to support everyone’s work with your donation [4]![1] https://blog.ipfire.org/post/donations-challenge[2] https://frrouting.org/[3] https://observium.org/[4] https://www.ipfire.org/donate

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.