Hello everyone,
It almost looks like business as usual. But we all know it is not. We will get through this together.
Here are the full patch notes:
- system: add missing strtolower() in LDAP sync response
- system: fix /var/run/legacy_log socket creation race with Syslog-ng
- system: add info button to display privilege / ACL endpoints
- system: make IPsec tap tunables overwriteable
- firewall: floating means either all interfaces or more than one selected
- firewall: simplify group maintenance by only applying them on filter reload
- interfaces: use primary IPv6 and support VIP tracking
- interfaces: multiple changes in radvd.conf setup (contributed by maurice-w)
- dhcp: fix DDNS support in DHCPv6 (contributed by Wagner Sartori Junior)
- firmware: mirror opnsense.ieji.de renamed to opn.sense.nz
- openvpn: improve openvpn_port_used() logic
- unbound: minor cleanup in /api/unbound/diagnostics/stats endpoint
- unbound: remove 192.0.0.0/24 from rebinding prevention list (contributed by maurice-w)
- mvc: simplify reload of captive portal, cron, IDS, alias, loopback, VXLAN, web proxy, routes, syslog and shaper
- mvc: limit dropdown size to 10 if not specified
- mvc: support inheritance of the ArrayField type
- mvc: synchronize backup timestamps with revisions
- mvc: fixed width for timestamp column in logging
- mvc: init errorMessage to prevent crash reports
- shell: use interfaces_primary_address6() for correct IPv6 display
- shell: append a newline in pluginctl -g mode
- plugins: os-acme-client 1.30[1]
- plugins: os-bind 1.13[2]
- plugins: os-freeradius 1.9.6[3]
- plugins: os-haproxy 2.21[4]
- plugins: os-maltrail 1.5[5]
- plugins: os-nginx 1.19[6]
- plugins: os-nut 1.7[7]
- plugins: os-postfix 1.14[8]
- plugins: os-tayga 1.0 (contributed by Michael Muenz)
- plugins: os-telegraf 1.7.7[9]
- plugins: os-unbound-plus 1.0 (contributed by Michael Muenz and Petr Kejval)
- lang: multiple updates to supported languages
- lang: new Turkish translation (contributed by Aydin Yakar)
- src: work around PCI devices which return all zeros for reads of existing MSI-X table VCTRL registers
- src: fix incorrect checksum calculations with IPv6 extension headers[10]
- src: fix TCP IPv6 SYN cache kernel information disclosure[11]
- src: fix insufficient oce(4) ioctl(2) privilege checking[12]
- src: fix incorrect user-controlled pointer use in epair[13]
- src: fix kernel memory disclosure with nested jails[14]
- ports: curl 7.69.1[15]
- ports: krb5 1.18[16]
- ports: openssh 8.2p1[17]
- ports: openssl 1.1.1f[18]
- ports: perl 5.30.2[19]
- ports: php 7.2.29[20]
- ports: python 3.7.7[21]
- ports: strongswan 5.8.3[22]
- ports: sudo 1.8.31p1[23]
Stay safe and healthy,
Your OPNsense team