Download OPNsense 22.7.2

Spread the love

The OPNsense package is a firewall with extensive opportunities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be fully configured via a web interface and includes support for 2fa, openvpn, ipsec, carp and captive portal. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 22.7.2 and this version is accompanied by the following notes:

OPNsense 22.7.2 released

This update comes a little earlier than expected due to FreeBSD security advisories. Of special interest is the new firewall alias BGP ASN type and notices system which can also be implemented from plugins in the future.

Here are the full patch notes:

  • system: replace static notices system with a shared one based on MVC/API code
  • system: use new _setup script feature where setup.sh exists
  • system: PHP 8 issue when ldap_get_entries() returns false
  • system: wrong variable in scope addition on manual DNS server via link-local gateway
  • system: “passwordarea” support for sensitive backup values
  • interfaces: fix wireless clone assignment regression in 22.7.1
  • interfaces: update ifctl utility to latest version
  • firewall: add BGP ASN type to aliases
  • dhcp: extend search list pull from DHCPv6 in router advertisements DNS option
  • dhcp: improve UI for disabling DNS part of router advertisements (contributed by Patrick M. Hausen)
  • dhcp: pushed wrong server to zone definition on local DNS selection
  • firmware: opnsense-patch: only remove “.sh” suffix for installer and update repos
  • firmware: opnsense-update: only set packages marker after successful upgrade
  • firmware: opnsense-bootstrap: set correct packages marker
  • firmware: revoke 22.1 fingerprint
  • plugins: os-radsecproxy is no longer available on LibreSSL due to upstream build issues
  • plugins: os-acme-client 3.13
  • plugins: os-bind 1.24
  • plugins: os-haproxy 3.11
  • plugins: os-git-backup hides SSH keys by default
  • plugins: os-postfix disables GSSAPI for the time being
  • src: lib9p: Remove potential buffer overwrite in l9p_puqids()
  • src: vm_fault: Shoot down shared mappings in vm_fault_copy_entry()
  • src: elf_note_prpsinfo: handle more failures from proc_getargv()
  • src: pam_exec: fix segfault when authtok is null
  • src: kevent: Fix an off-by-one in filt_timerexpire_l()
  • src: cam: leep periph_links when restoring CCB in camperiphdone()
  • src: pfctl: fix FOM_ICMP/POM_STICKYADDRESS clash
  • src: restrict default /root permissions to 750
  • src: rc: add ${name}_setup script support
  • ports: lighttpd 1.4.66
  • ports: phalcon 5.0.0RC4
  • ports:php 8.0.22[14]

Version number 22.7.2
Release status Final
Operating systems Linux, BSD
Website OPNsense
Download
License type Prerequisites (GNU/BSD/etc.)
You might also like