• Core Update 156 - Is it ready to go out?
  • Core Update 157
  • From April: Purifying IPFire: Drop addons that don't really belong to IPFire or to the functionality of a firewall and should perhaps be operated separately. Maybe as a VM on IPFire. eg Asterisk, VDR
  • Drop Python 2


  • Michael
  • Daniel
  • Stefan
  • Peter
  • Arne


Core Update 156

  • Ready to go, to be released Wednesday

Core Update 157

  • Updated packages galore
  • Kernel 4.14.x
  • Apache configuration has been cleaned up
  • Two minor bugs in fwhosts.cgi fixed, currently awaiting feedback from Alex
  • Awaiting an upstream fix for CVE-2021-29921

Future Core Updates

  • IDS with multiple providers
    • Some feedback missing, won't make it into C157
    • Stefan is working on tracing back DNS issues (hard-coded rate limit in Suricata?!)
  • Kernel 5.x
    • Some quirks on some x86_64 machines (stalling, reboot fails, ....)
    • Michael takes care of broken collectd (#12576)
    • Drives an DTB adjustments on ARM still missing
    • Help wanted on testing
    • ETA: C158?
  • IPsec with iOS and Windows
    • Daniel gives that a try
  • Toolchain updates (scheduled with new kernel due to ${reasons})
    • New ccache, GCC, etc.
    • Michael tested "gold linker", but that has some issues and does not seem to be actively maintained anymore
    • Michael enabled LTO, but glibc and GCC fail to build with it, performance improvements unclear

Purifying IPFire

  • We decided to drop
    • motion
    • Asterisk
    • SANE
    • intltool
    • miniupnpd
    • fbset
    • libshout et al.?
    • *-compat
    • perl-* and python-* (orphaned dependencies)
    • sendEmail

Drop Python 2

  • Fireinfo needs to be ported to Python 3
  • Aside from that, there is not much left to do
  • Does Kernel still require Python 2?
    • We probably won't remove it from the build system due to dependencies
  • Michael compiles a list of items still left to do