Today, we are releasing the 62nd Core Update for IPFire 2.11. This update fixes some security problems and also adds some new functionality.

We recommend that you update your IPFire installations as soon as possible if you are using the outgoing firewall in mode 1.

Fixed: Outgoing firewall permits hosts on BLUE to access the internet

In earlier releases, it was possible for hosts on the BLUE network to access resources on the internet which are allowed by the outgoing firewall although no permission has been granted to the host (blue access). This is a moderate risk.

The connection overview on the web user interface now shows return paths. This means you are now able to see which host on the local and NATted network opened the connections.

php has been update to version 5.3.16, which fixes a number of security problems and various bugs of other types as well.

IPFire comes now with a script which lets you create VLAN interfaces for GREEN, BLUE and/or ORANGE. However, it is only possible to configure this from the command line. Check /var/ipfire/ethernet/vlans for the configuration.

There are also updates to the usual set of databases: GeoIP, USB modeswitch, and PCI/USB devices.

Recent posts on the planet and IPFire 2.13

On the IPFire Planet, there are some posts which are very interesting. Please take a minute to read them and consider subscribing to the Planet RSS feed.

There are some addons in the testing tree which are not being released today because we haven’t received enough feedback on them to release them to the general public. If you have the ability to test any of these, please do so! The sooner we can get them thoroughly tested, the sooner we can go ahead and release them to the general public.

We recommend that everyone updates to this current version as soon as possible. Without a doubt, this is the best version of IPFire that has ever been released. If you think so as well, please consider donating to the project. If you can’t afford to donate, there are some other ways you can help and get involved as well.

Michael Tremer - September 11, 2012 at 2:00 am