Michael Tremer

IPFire 2.17 - Core Update 91 is available for testing
by Michael Tremer, June 11, 2015

IPFire 2.17 – Core Update 91 v2 has been pushed to the testing tree a couple of minutes ago. We are planning to release this version of IPFire in the next 24 hours as it comes with important security fixes for the OpenSSL library. Please help us testing this release.

OpenSSL security vulnerabilities

There are six security vulnerabilities that are fixed in version 1.0.2b of openssl.

Among these are fixes for the Logjam vulnerability and others that are filed under CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, and CVE-2014-8176.

Short after uploading core91 into testing the OpenSSL team has released another hotfix update for an ABI brackage so we are forced to rebuild the update again. If you have installed core91 early check the OpenSSL version. If this is older than 1.0.2c install the core update again by reseting /opt/pakfire/db/core/mine to 90 and restart upgrade. (This ABI breack is the reason for hostapd fails and maybee more problems)

StrongSwan IPsec security vulnerability

In strongswan 5.3.1, a security vulnerability that is filed under CVE-2015-3991was fixed. A denial-of-service and potential code execution was possible with specially crafted IKE messages.

Other package updates

A number of other packages have been updated: libnet 1.16, libxml2 2.9.2, libxslt 1.1.28, newt 0.52.19, slang 2.3.0, pcre 8.37

Minor changes

You can either update to this testing release or download it from our main mirror server.

Posted: June 11, 2015 • 1487 views