Hi there,

With a bit of delay we bring to you the usual mix of security and reliability updates. It is of note that the OpenVPN advisory tracked as CVE-2020-15078 does not affect the provided version 2.4.11, but the security audit will falsely flag it as vulnerable because the source of the audit is FreeBSD where OpenVPN was migrated to 2.5 series already.

Plans for upcoming 21.1.x versions include a swift Phalcon 4 migration as well as Python 3.8 and PHP 7.4 updates.

Here are the full patch notes:


Stay safe,
Your OPNsense team