This is to announce the release of Core Update 60, which comes with a security fix for IPSec. We recommend to update as soon as possible.

This is a pure update because it does not make much sense to upload a whole set of images for a one-line fix. If you want to install IPFire, please download IPFire 2.11-C59 and apply all updates.

The provided security fix is in the strongswan package:
strongswan (4.6.4) – RSA signature verification vulnerability CVE-2012-2388

The recently announced OpenVPN changes that were planned for Core Update 60 have been postponed to Core Update 61.

Arne Fitzenreiter - June 2, 2012 at 2:00 pm