IPFire 2.29 - Core Update 187 is available for testing
IPFire 2.29 - Core Update 187 is now available for testing, with improved protection against Distributed Denial-of-Service attacks and several security patches for OpenSSH, Suricata, and Apache2. The update enables IPFire to leverage TCP SYN cookies to protect infrastructure from SYN flood assaults, which is especially useful in high-bandwidth applications and cloud deployments. The IP Blocklist feature now supports two additional lists: 3CORESec and Abuse.ch Botnet C2. Vectorscan, a derivative of Intel's Hyperscan library, supports ARM64 architecture and is expected to increase the Intrusion Prevention System's performance. When configured in the most restrictive mode, the firewall generates more rules, and IPsec connections cannot be established using a FQDN as the Local/Remote ID. Unprivileged applications can no longer use the bpf() syscall, and OpenSSH has been updated to version 9.8p1 to address the privileges escalation attack known as regreSSHion.
IPFire 2.29 - Core Update 187 is available for testing
A new security article has been published: IPFire 2.29 - Core Update 187 is available for testing