Linux News Today: BSD-Based pfSense 2.2.6 Firewall Patches WebGUI and OpenSSL Security Issues
Electric Sheep Fencing LLC., through Chris Buechler, has been glad to announce the immediate availability for download of the sixth maintenance release of the stable pfSense 2.2 FreeBSD-based firewall distribution.
According to the release notes, which we’ve also attached at the end of the article for reference, pfSense 2.2.6 is mostly a bugfix release that patches several security issues discovered in the WebGUI, captive portal, eap-mschapv2, strongSwan, and the OpenSSL libraries. It also promises to fix multiple bugs that have been reported by users since the previous release of the project, pfSense 2.2.5, which was published two months ago.
“pfSense software version 2.2.6 is now available. This release includes a few bug fixes and security updates,” says Chris Buechler in the official release announcement. “As always, you can upgrade from any previous version straight to 2.2.6. For those already running any 2.2.x version, this is a low risk upgrade. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you.”
Here’s what’s new in pfSense 2.2.6
pfSense 2.2.6 patches a local file inclusion vulnerability, as well as multiple XSS and CSRF security issues in the WebGUI (web-based interface), addresses an SQL injection vulnerability in the captive portal logout, fixes an authentication bypass vulnerability discovered in the eap-mschapv2 plugin, patches multiple OpenSSL vulnerabilities, and updates strongSwan to version 5.3.5_2. Therefore, all users are urged to update to this release as soon as possible.
pfSense 2.2.6 has been synchronized with the upstream software repositories of the FreeBSD 10.1-RELEASE-p25 operating system, which means that it includes all the software updates and security patches that have been released as of December 21, 2015. Download pfSense 2.2.6 right now via Softpedia or directly from the project’s website, where you can also find all the information you need to get started with pfSense.