June 09, 2020
pfSense software version 2.4.5-p1 is now available.
This update includes security fixes and stability fixes.
In this article, we take a look at the highlights of this update.
The major security updates are as follows:
- Addressed the issue with large pf tables causing system instability and high CPU usage.
- Fixed an issue on SSHGuard package which prevent it from protecting correctly against brute force attacks.
- Update Unbound to address CVE-2020-12662 and CVE-2020-12663 ; theses vulnerabilities are classified as “High” ; Unbound is the DNS resolver including in pfSense.
- Update json-c to address CVE-2020-12762 ; this vulnerability is classified as “High” ; json-c is a implementation of JSON in C.
- Added protection against misconfigured group privileges.
- Addressed FreeBSD Security Advisories & Errata Notices
Several important bugs have also been fixed.
- Fixed language selection for Chinese (Taiwan) / HK Translations.
- Added support for Intel iwm wireless cards (which works in client mode only).
- Added support for QLogic qlxgb 10Gbit/s Ethernet interfaces.
- Updated DNS Resolver EDNS buffer sizes for DNS flag day 2020.
- Squid : fixed an issue on LDAP filters containing an accent.
This update is available for upgrade or new install.
If the update system does not offer an upgrade to 2.4.5-p1, refresh the repository configuration by running the following commands from the console or shell:
pkg-static clean -ay; pkg-static install -fy pkg pfSense-repo pfSense-upgrade
In any case, remember to make a backup before launching the upgrade, and follow our complete tutorial: [pfSense] Upgrading pfSense (how-to).
Finally, you can consult the complete list of changes by visiting the following page: 2.4.5-p1 New Features and Changes.