IPFire 2.13 Core Update 76 released
The IPFire Project
ipfire-announce at lists.ipfire.org
Wed Apr 16 12:08:56 CEST 2014
this is the official release announcement for *IPFire 2.13 - Core Update
76*. It comes with a security fix for the strongswan package which is
responsible for IPsec VPN connections. The vulnerability has got the
number CVE-2014-2338 . It was possible to bypass the authentication
and therefore to overtake a VPN connection whilst the original peers are
rekeying. IKEv1 connections are not vulnerable, but IKEv2. Check out the
blog post by the strongswan team .
Please update as soon as possible.
I would also like to draw your attention towards the upcoming release of
IPFire 2.15. The first release candidate has been released a couple of
weeks ago and we are searching for testers  to find any last-minute
bugs. We are also already thinking about the releases past that and
raising funds to implement Single Sign-On Authentication for the Web
proxy against Windows Active Directory  So please check this out,
too. Your support is very much appreciated!
More information about the IPFire-Announce