Results 1 to 1 of 1

Thread: IPFire 2.27 - Core Update 173 released

  1. #1
    g0d! Contributing Member siosios's Avatar
    Join Date
    Oct 2006
    Location
    In a cardboard box
    Age
    51
    HlStats

    HLStatsX Ranking for STEAM_0:1:13488560
    Posts
    13.568
    Blog Entries
    12
    Rep Power
    10

    Default IPFire 2.27 - Core Update 173 released

    The first Core Update in 2023 has been released: IPFire 2.27 - Core Update 173. It introduces support for 4G and 5G modems that use the QMI interface, features a kernel fresh from the latest 6.1 stable series, as well as the usual plethora of package updates, security improvements and bug fixes.
    IPFire users running 32-bit ARM devices should note that support for this architecture will sunset at the end of this month, and are advised to migrate their installations to a hardware architecture supported by IPFire now. Consequently, this will be the last update released for this architecture.
    Introducing QMI support

    The Qualcomm MSM Interface is a proprietary interface increasingly used by 4G and 5G cellular modems. Commencing with this Core Update, IPFire supports interacting with such modems, thus significantly expanding its hardware compatibility to QMI-only cellular modems, and providing a faster and more modern interface.
    Thanks to Michael for implementing this feature. On that occasion, he also refactored related networking code.
    Linux Kernel 6.1.11

    Arne has updated the Linux kernel to the most recent stable series, 6.1.11, which has become the new long-term series. Aside from the usual improvements such major kernel updates bring like bug fixes, improved hardware support and security improvements, we took the occasion to bring several new hardening changes to IPFire users:

    • System calls permitting processes to read or write other processes' memory are no longer provided by the kernel.
    • On EFI systems supporting it, the firmware is now instructed to wipe all memory when rebooting, to hamper cold boot attacks.
    • Landlock support has been enabled.
    • GCC's "latent entropy" plugin has been disabled, since it does not generate cryptographically secure entropy.
    • To cut attack surface, support for both the ACPI configuration file system and obsolete PCMCIA/CardBus subsystem has been removed.
    • On 64-bit ARM installations, direct memory access via malicious PCI devices is no longer possible.

    Miscellaneous


    • The OpenVPN 2FA authenticator will no longer enter an infinite loop if the socket connection to OpenVPN is lost (#12963).
    • A user group necessary for interaction between D-Bus and Avahi is now properly created while installing the latter add-on (#13017).
    • The OpenVPN GUI has seen minor improvements and cleanups (#13030).
    • A bug in the firewall engine permitting the creation of rules with invalid sources has been resolved.
    • Input like *.example.com is now properly treated as a wildcard domain by the web interface (#12937).
    • libtirpc is now part of the core system, since it is needed as a dependency by lsof (#13015).
    • The obsolete spandsp add-on has been dropped.
    • Updated packages: Apache 2.4.55, bind 9.16.37, curl 7.87.0, ethtool 6.1, file 5.44, fontconfig 2.14.1, fuse 3.13.0, grep 3.8, harfbuzz 6.0.0, iana-etc 20221226, iproute2 6.1.0, ipset 7.17, iptables 1.8.9, iputils 20221126, iw 5.19, jquery 3.6.3, json-c 0.16, keyutils 1.6.3, knot 3.2.4, krb5 1.20.1, lcms2 2.14, less 608, libarchive 3.6.2, libcap 2.66, libconfig 1.7.3, libffi 3.4.4, libgpg-error 1.46, libidn 1.41, libinih r56, libjpeg 2.1.4, libloc 0.9.16, libmpc 1.3.1, libpcap 1.10.3, libssh 0.10.4, libstatgrab 0.92.1, libtiff 4.5.0, libtool 2.4.7, libusb 1.0.26, libxslt 1.1.37, libyang 2.1.4, linux-firmware 20221214, logrotate 3.21.0, lz4 1.9.4, memtest86+ 6.01, mpfr 4.2.0, nano 7.2, ncurses 6.4, OpenSSH 9.2p1, OpenSSL 1.1.1t, pcre2 10.42, perl-HTML-Parser 3.78, pixman 0.42.2, poppler 23.01.0, psmisc 23.6, rust 1.65, sdl2 2.26.2, shadow 4.13, sqlite 3400100, squid-asnbl 0.2.4 (resolving #13023), strongswan 5.9.9, sudo 1.9.12p2, suricata 6.0.10, xfsprogs 6.1.1, xz 5.4.1
    • Updated add-ons: alsa 1.2.8, bird 2.0.11, borgbackup 1.2.3 (resolving #13032), ClamAV 1.0.1, dbus 1.14.4, dnsdist 1.7.3, ghostscript 10.0.0, haproxy 2.7.1, igmpproxy 0.4, iotop 1.22, iperf 2.1.8, iperf3 3.12, libcdada 0.4.0, libexif 0.6.24, libpciaccess 0.17, libshout 2.4.6, libtalloc 2.3.4, libusbredir 0.13.0, libvirt 8.10.0, mc 4.8.29, nfs 2.6.2, nqptp ad384f9, pcengines-apu-firmware 4.17.0.3, python3-packaging 23.0, samba 4.17.4, shairport-sync 4.1.1, strace 6.1, tcpdump 4.99.3, Tor 0.4.7.13

    As always, we thank all people contributing to this release in whatever shape and form. Please note IPFire is backed by volunteers, maintaining and improving this distribution in their spare time - should you like what we are doing, please donate to keep the lights on, an consider becoming engaged in development to distribute the load over more shoulders.


    More...
    Last edited by siosios; 05-13-2023 at 03:11 AM.

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Similar Threads

  1. IPFire 2.27 - Core Update 174 released
    By siosios in forum Ipfire
    Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  2. Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  3. Enabling IPFire for 5G
    By siosios in forum Ipfire
    Replies: 0
    Last Post: 05-13-2023, 03:08 AM
  4. Replies: 0
    Last Post: 03-04-2019, 11:59 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •