Michael Tremer

IPFire 2.19 - Core Update 112 is available for testing
by Michael Tremer, July 12

Hello Community,

the next Core Update is ready for testing. Unfortunately it is a little bit behind schedule since we had some last-minute changes which I have not been able to sort out in time because of loads of travelling. But now, everything is finally up to our standards and should be ready for shipment, but before we do that, we will of course have a time for our experienced testers to confirm that we did not introduce any other regressions.

This Core Update mainly comes with updates under the hood. Core system libraries have been updated to new major versions and the build toolchain got major updates. These are:

Misc.

Add-ons

Updated

Dropped


As always, we would like to ask all users to participate in testing which will highly improve the quality of this update.

Please report any bugs to our bug tracker and provide any feedback on our development mailing list.

Arne Fitzenreiter

IPFire 2.19 - Core Update 111 in testing tree updated
by Arne Fitzenreiter, June 11

The first build of core111 has a gzip related bug so gunzip and zcat are not working. (This affects also the logviewer which cannot display older/compressed logs)

If zcat prints this:

zcat: compressed data not written to a terminal. Use -f to force compression.

You need to install the update again:

echo 110 > /opt/pakfire/db/core/mine
pakfire upgrade

Michael Tremer

IPFire 2.19 - Core Update 111 is available for testing
by Michael Tremer, June 1

For the start of the second half of the year, we have a brand new Core Update available for everyone who wants to help testing. It comes with various packages from all areas and some new features.

WPA Enterprise Authentication in Client Mode

The firewall can now authenticate itself with a wireless network that uses Extensible Authentication Protocol (EAP). These are commonly used in enterprises and require a username and password in order to connect to the network.

IPFire supports PEAP and TTLS which are the two most common ones. They can be found in the configured on the “WiFi Client” page which only shows up when the RED interface is a wireless device. This page also shows the status and protocols used to establish the connection.

The index page also shows various information about the status, bandwidth and quality of the connection to a wireless network. That also works for wireless networks that use WPA/WPA2-PSK or WEP.

QoS Multi-Queueing

The Quality of Service is now using all CPU cores to balance traffic. Before, only one processor core was used which caused a slower connection on systems with weaker processors like the Intel Atom series, etc. but fast Ethernet adapters. This has now been changed so that one processor is no longer a bottle neck any more.

New crypto defaults

In many parts of IPFire cryptographic algorithms play a huge role. However, they age. Hence we changed the defaults on new systems and for new VPN connections to something that is newer and considered to be more robust.

IPsec

OpenVPN

Various markers have been added to highlight that certain algorithms (e.g. MD5 and SHA1) are considered broken or cryptographically weak.

Misc.

Add-ons

New Add-ons

Updated Add-ons

The samba addon has been patched for a security vulnerability (CVE-2017-7494) which allowed a remote code executing on writable shares.


As always, we would like to ask all users to participate in testing which will highly improve the quality of this update.

Please report any bugs to our bug tracker and provide any feedback on our development mailing list.

Arne Fitzenreiter

samba 3.6.25-65 in testing tree
by Arne Fitzenreiter, May 30

samba 3.6.25-65 has uploaded to testing trees. Please test and report to IPFire Mailinglist.

This contains an updated patchset from Red Hat to fix SambaCRY and some other issues.

Hottest posts 2017 2016 2015 2014 2013 2012 2011