IPFire 2.21 - Core Update 125 released
The IPFire Project
ipfire-announce at lists.ipfire.org
Mon Nov 26 11:14:51 GMT 2018
Finally, the next release of IPFire is available: IPFire 2.21 - Core Update 125
This update comes with various security and bug fixes as well as cleanups and
some new features.
Thank you very much to all of you who have supported our Donations Challenge 
so far. We have received a lot of nice words and support from you, but we are
not there, yet! Please support our project and donate!
The IPFire Access Point add-on now supports 802.11ac WiFi if the chipset
supports it. This allows better coverage and higher network throughputs.
Although IPFire might not be the first choice as a wireless access point in
larger environments, it is perfect to run a single office or apartment.
Additionally, a new switch allows to disable the so called neighbourhood scan
where the access point will search for other wireless networks in the area. If
those are found, 40 MHz channel bandwidth is disabled leading to slower
* strongswan 5.7.1: This updated fixes various security vulnerabilities filed
under CVE-2018-16151, CVE-2018-16152 and CVE-2018-17540. Several flaws in the
implementation that parsed and verified RSA signatures in the gmp plugin may
allow for Bleichenbacher-style low-exponent signature forgery in certificates
and during IKE authentication.
* The IO graphs now support NVMe disks
* The SFTP subsystem is enabled again in the OpenSSH Server
* Swap behaviour has been changed so that the kernel will make space for a large
process when not enough physical memory is available. Before, sudden jumps in
memory consumption where not possible and the process requesting that memory
* The backup scripts have been rewritten in Shell and now package all add-ons
backups with the main backup. Now, it is no longer required to save any add-on
* Updated packages: apache 2.4.35, bind 9.11.4-P2, coreutils 8.30, dhcpcd 7.0.8,
e2fsprogs 1.44.4, eudev 3.2.6, glibc 2.28, gnutls 3.5.19, json-c 0.13.1,
keyutils 1.5.11, kmod 25, LVM2 2.02.181, ntfs-3g 2017.3.23, reiserfsprogs
3.6.27, sqlite 184.108.40.206, squid 3.5.28, tzdata 2018g, xfsprogs 4.18.0
* dehydrated - A lightweight client to retrieve certificates from Let's Encrypt
written in bash
* frr, an IP routing protocol suite and BGP and OSPF are supported on IPFire.
Find out more on their website .
* observium-agent - An xinet.d-based agent for Observium , a network
* clamav has been updated to 0.100.2 and the virus database files have been
moved to the /var partition. This makes more space available on the root
* nfs 2.3.3, haproxy 1.8.14, hostapd 2.6, libvirt 4.6.0, tor 0.3.4.9
Thanks for the people who contributed to this Core Update.
Please help us to support everyone’s work with your donation !
More information about the IPFire-Announce