Michael Tremer announced today the general availability of Core Update 143 of the IPFire 2.25 open-source Linux firewall distribution.
The monthly Core Updates for the IPFire 2.25 Linux firewall distribution continue with version 143, which ships with an updated toolchain based on GNU C Library 2.31, GCC (GNU Compiler Collection) 9.3.0, and GNU Binutils 2.34.
IPFire 2.25 Core Update 143 also optimizes the build system to take advantage of large amounts of memory on computers to use less I/O resources by no longer writing large temporary files to disk.
The built-in IPS (Intrusion Prevention System) has received some attention in this release to be more secure and faster than ever before. Changes include the addition of new firewall rules, the disablement of the DNS flood trigger, and handling of HTTP proxy from and to the web proxy by the HTTP preprocessor.
Among other improvements, users will be able to again set the IKE lifetime to up to 24 hours, OpenVPN will no properly stop Net-to-Net connections when the user deletes them, and the Linux kernel was hardened against unauthorized access to symlinked or hardlinked files.
Moreover, the boot process was improved when searching for sensors, which is now being done in the background, support for implicit TLS was added to the internal mail agent, the Net Traffic page was updated to display recent data on some systems, and the German translation was improved.
Updated packages include Bind 9.11.17, Cairo 1.16.0, GNU Coreutils 8.31, DHCP 4.4.2, DMA 0.12, libtool 2.4.6, Logwatch 7.5.3, Ncurses 6.2, NTP 4.2.8p14, OpenSSH 8.2p1, OpenSSL 1.1.1f, Smartmontools 7.1, StrongSwan 5.8.4, Unbound 1.10.0, and XZ 5.2.5.
Updated add-ons include amazon-ssm-agent 2.3.930.0, Keepalived 2.0.20, libssh 0.9.3, GNU nano 4.9, nginx 1.17.8, Postfix 3.5.0, pcengines-apu-firmware 188.8.131.52, spectre-meltdown-checker 0.43, Tor 0.4.2.7, and TShark 3.2.2.
This release also removes the Bluetooth add-ons as there’s no application available in IPFire to use them. You can download IPFire 2.25 Core Update 143 right now from the official website or update your installations.