From: The IPFire Project <ipfire-announce@lists.ipfire.org>
To: ipfire-announce@lists.ipfire.org
Subject: IPFire 2.17 - Core Update 94 released
Date: Tue, 27 Oct 2015 21:31:56 +0000 [thread overview]
Message-ID: <mailman.97.1445981631.930.ipfire-announce@lists.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 2266 bytes --]
http://www.ipfire.org/news/ipfire-2-17-core-update-94-released
This is the official release announcement for IPFire 2.17 – Core Update
94 which is a release with smaller security fixes and a maintenance
release in general.
OpenSSH
OpenSSH was updated to version 7.1p1. With that we added support for
elliptic curves (ECDSA and ED25519) and removed support for DSA which
is considered broken. Too small RSA keys are removed as well and
regenerated. These changes may require to import the keys of the IPFire
system on your admin computer again.
Internal mail agent
An internal mail agent was added that is used by internal services
to send out reports or alerts. So far only a few services use this
(like the squid accounting add-on), but we expect to add more things
in the future.
This is a very simple and lightweight mail agent that can be
configured on the web user interface and will usually require an
upstream mail server.
IPsec MOBIKE
A new checkbox in the advanced settings page of an IPsec connections
has been added. It allows to force using MOBIKE, a technology for IPsec
to traverse NAT better. Sometimes when behind faulty routers, IPsec
connections can be established, but no data can be transferred and the
connection breaks very quickly (some routers have difficulties with
forwarding DPD packets). MOBIKE circumvents that by using UDP port 4500
for IKE messages.
Misc
* Required fields are now marked with a star. Previously this was
the other way round so that optional fields where marked with a star,
which is not seen anywhere on the web any more.
* A monthly forced ddns update is removed since ddns is taking care
itself of keeping all records up to date and refreshing them after 30
days if necessary.
* fireinfo: Some crashes were fixed with IDs that only contain 0xff
Updated packages
bind 9.10.2-P4, coreutils 8.24, dnsmasq got the latest changes
imported, file 5.24, glibc (security fixes), hdparm 9.48, iproute2
4.2.0, libgcrypt 1.6.4, libgpg-error 1.20, pcre (fixes for more buffer
overflows), rrdtool 1.5.4, squid 3.4.14
This update does not require a reboot, though it is recommended.
Please help us to sustain the work on IPFire Project with your donation
[1].
[1] http://www.ipfire.org/donate
reply other threads:[~2015-10-27 21:31 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=mailman.97.1445981631.930.ipfire-announce@lists.ipfire.org \
--to=ipfire-announce@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox