Agenda
- Core Updates
- Core Update 185 - Feedback on Testing
- Core Update 186 - Planning
- Roadmap
- #13642
- IP Address Blocklists
- AlienVault list has not been updated since at least Nov 2021, probably much earlier
- List is still available for download on AT&T Security website but no longer mentioned in any web entry
- Proposal to remove this list from the sources file
- Addons
- sslh was updated from 1.7a(2013) to 1.22c in Sep 2021
- 5 days ago a user identified that the package will not start
- Between 1.7a and 1.22c the configuration format was change significantly and sslh does not recognise the current options
- Is this worth still keeping in the addon list?
- OpenVPN
- Whirlpool TLS hash algorithm has been moved to the legacy set by OpenSSL-3
- What action to take. Users currently selecting it get a failed TLS connection with a log message saying "Message hash algorithm 'whirlpool' not found"
Attendees
- Michael
- Arne
- Adolf
- Daniel
- Peter
Log
Core Update 185
- Some serious issues regarding Suricata have been discovered and fixed
- The update will remain in testing for at least another week, but urgent changes are included so a release should happen as soon as possible
Core Update 186
- A kernel update is included and has received good testing
- Since there are not many changes in the queue, this update might only include the kernel and some smaller bits
- Icinga will be finally removed as previously announced
- Presentation of the changes that have happened so far
- Support for legacy ciphers/hashes might be removed quickly as it already not working and there don't seem to be any users - thankfully
IPFire Location
- Lua Bindings
- DNS is a new, experimental feature
Misc.
- AlienVault will be removed
- sslh will be removed as there are only very few users not justifying adjusting all the changes required to make it work well