OPNsense 17.7.5 released

Hello,

This update includes a larger number of security-related updates in third party software recently published. We do recommend a reboot to ensure all services are restarted correctly.

Here are the full patch notes:

system: always return unique list of active DNS servers

system: remove obsolete fast forwarding sysctl usage

gateways: appropriate use of link local scope gateway targets

interfaces: start rtsold in directly send SOLICIT case as well

firewall: improve virtual IP VHID edit handling

firmware: prevent submit of empty crash reports

web proxy: fix ICAP username header usage (contributed by Alexander Shursha)

plugins: os-c-icap 1.2 local squid authentication (contributed by Alexander Shursha)

plugins: os-collectd 1.1 graphite post and prefix (contributed by Michael Muenz)

plugins: os-intrusion-detection-content-et-pro 1.0

plugins: os-quagga 1.4.2 OSPF router ID support (contributed by Fabian Franz)

ports: dnsmasq 2.78[1]

ports: kerberos 1.15.2[2]

ports: openvpn 2.4.4[3]

ports: perl 5.24.3[4]

ports: php 7.0.24[5]

ports: python 2.7.14[6]

Stay safe,

Your OPNsense team

—

[1] http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

[2] https://web.mit.edu/kerberos/krb5-1.15/#announcement

[3] https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24

[4] http://search.cpan.org/dist/perl-5.24.3/pod/perldelta.pod

[5] http://php.net/ChangeLog-7.php#7.0.24

[6] https://raw.githubusercontent.com/python/cpython/84471935e/Misc/NEWS