IPFire 2.19 - Core Update 104
The IPFire Project
ipfire-announce at lists.ipfire.org
Tue Sep 20 20:52:59 CEST 2016
This is the official release announcement for IPFire 2.19 – Core Update 104.
This update brings you a new kernel under the hood and a from scratch rewritten
The Linux kernel has been updated to version 3.14.79 and brings you various bug-
fixes, stability improvements and supports more hardware.
Gurdian is an Intrusion-Prevention-System that is hooked into Snort, the
Intrusion Detection System. It reacts on reported events by blocking access for
hosts where malicious traffic was detected to originate from. That enables
IPFire to be a dynamic firewall and block any abuse or other unwanted behaviour
Since the old implementation was quite old and rather limited, Stefan Schantl
started a complete rewrite which is faster, more efficient in resource usage and
of course more reliable.
If you want to use Gurdian, you will have to install the guardian add-on
This Core Update updates Snort to version 22.214.171.124.
* The IPFire web user interface is hardened against a potential environment
variable injection attacked known under the name HTTPoxy. This was never
possible to exploit in IPFire.
* Dynamic DNS Updater
* Add support for DuckDNS
* Update URL for spdyn
* OpenSSH has been updated to 7.3p1 which fixes various security issues
* Updated packages: shadow 4.2.1, libarchive 3.2.1, libcap 2.25, acl 2.2.52,
iputils s20160308, curl 7.49.1, popt 1.16, pcre 8.39, acpid 2.0.26, which
2.21, libtiff 4.0.6, ntp 4.2.8p8, wget 1.18
* Correction of wrong spelled unit “bit”
* htop 2.0.2
* nano 2.6.1
* nginx 1.8.1
* p7zip fixes CVE-2016-2334, CVE-2016-2335
* Indepently from this Core Update, libvirt has been released as a new add-on.
Read all about it on its IPFire Planet post .
* freeradius, console configuration only
A note to all testers: Please reinstall the final update if you have not
installed it from the testing tree within the last few days. During the time of
testing this update, the image has been changed and additional bugs have been
We are currently crowdfunding a Captive Portal for IPFire  and would like you
to ask to check it out and support us!
Please help us to support the work on IPFire Project with your donation .
More information about the IPFire-Announce