If you like to support the developers, please donate. It really helps a lot to keep you bringing these updates and making IPFire a little bit better every day!
But before we start talking about the changes in detail, we would like to take a moment and ask for your donation. We put a lot of effort into building and testing this update and could not do any of this without your donation. Please, donate to the project helping us to put more resources to bring you more and better updates. It is very much appreciated by all of us here!
The new look of IPFire is not only coming to our brand new website - it is also coming to IPFire itself. Refreshed with new colors, a fresh font, and many smaller touches to make the web user interface, making IPFire easy to use and allows finding the options that you need at the first glance. On top of this, some smaller usability improvements have been implemented across the web user interface.
IPFire is now based on Linux 6.6.15. Since the last rebase from 6.1, a lot of new features have arrived in Linux which are now available on IPFire, too. The kernel developers have been very busy improving performance throughout the entire kernel.
cpio
2.14, fontconfig
2.15.0, GnuTLS 3.8.2, iptables
1.8.10, iputils
20231222, kmod
31, libgcrypt
1.10.3, libhtp
0.5.46, libnl-3
3.9.0, libseccomp
2.5.5, libssh
0.10.6, libxml2
2.12.3, lmdb
0.9.31, lsof
4.99.3, meson
1.3.1, OpenSSH 9.6p1, p11-kit
0.25.3, qpdf
11.7.0, strongSwan 5.9.13, sudo
1.9.15p5, Suricata 6.0.16mympd
13.0.6: a bootstap based webgui to control mpdcifs-utils
7.0, Git 2.43.0, haproxy
2.8.5, htop
3.3.0, iperf3
3.16, libplist
2.3.0, nfs
4.6.4, nqptp
1.2.4, Postfix 3.8.4, Samba 4.19.3, shairport-sync
4.3.2, Tor 0.4.8.10icinga
package: The version that is being shipped is based on the 1.x branch which has reached its EOL in 2018. As there are not enough users to make an upgrade to Icinga 2.x worthwhile, we are now deprecating this package and planning a removal with Core Update 185.The new look of IPFire is not only coming to our brand new website - it is also coming to IPFire itself. Refreshed with new colors, a fresh font, and many smaller touches to make the web user interface, making IPFire easy to use and allows finding the options that you need at the first glance. On top of this, some smaller usability improvements have been implemented across the web user interface.
IPFire is now based on Linux 6.6.15. Since the last rebase from 6.1, a lot of new features have arrived in Linux which are now available on IPFire, too. The kernel developers have been very busy improving performance throughout the entire kernel.
cpio
2.14, fontconfig
2.15.0, GnuTLS 3.8.2, iptables
1.8.10, iputils
20231222, kmod
31, libgcrypt
1.10.3, libnl-3
3.9.0, libseccomp
2.5.5, libssh
0.10.6, libxml2
2.12.3, lmdb
0.9.31, lsof
4.99.3, meson
1.3.1, OpenSSH 9.6p1, p11-kit
0.25.3, qpdf
11.7.0, strongSwan 5.9.13, sudo
1.9.15p5mympd
13.0.6: a bootstap based webgui to control mpdcifs-utils
7.0, Git 2.43.0, haproxy
2.8.5, htop
3.3.0, iperf3
3.16, libplist
2.3.0, nfs
4.6.4, nqptp
1.2.4, Postfix 3.8.4, Samba 4.19.3, shairport-sync
4.3.2, Tor 0.4.8.10icinga
package: The version that is being shipped is based on the 1.x branch which has reached its EOL in 2018. As there are not enough users to make an upgrade to Icinga 2.x worthwhile, we are now deprecating this package and planning a removal with Core Update 185.Please help us testing this important new release of IPFire, so that we can release the best version of IPFire that there has ever been. If you find any bugs, please report them to the developers - and if you like their work, please support them with a donation!
If you have installed core183 early in testing please reinstall core 183 by setting /opt/pakfire/db/core/mine back to 182 and run pakfire upgrade.
You can determine an outdated version on the kernel version lower than 6.6.15
We're excited to share some thrilling news with you today - a moment we've eagerly awaited and worked tirelessly towards for a long time. The curtains are now rising, and we are proud to unveil the brand-new design of our website!
Our goal was simple: to create a website that does not only reflect our identity as the IPFire community today and in the years to come, but also a digital place that makes things easier for everyone.
First of all: A fresh look! No more grey on grey, but instead one much cleaner, well-structured website that is modern and fun.
A Unified Space We no longer spread our presence over multiple subdomains as we used to: Everything you need is now in one place; making navigation much easier and introduces a true single-sign-on solution across the entire project.
Documentation - Our wiki has now been moved to a central place on our website. Making it easier to access, edit and contribute to will help us all to build a nightly knowledge base all around IPFire.
What actually is IPFire? Our old website left that question open and encouraged people to try it out. Now, there is a brand new page that has a comprehensive overview of IPFire and the project. A great place to get started for new users.
Our download page have been updated to bring you more information about the latest release and there is now an overview of supported cloud providers, too.
And finally, if you still don't know where to find one of the many things that the project is hosting, there is a new sitemap - a compass guiding you to the right place.
All these things are only a few of the many improvements that we have made to our website. Many things have been updated in the web app that we have developed from scratch to make it faster and more secure. We are very proud to have achieved this as it has been a big task for us with so many ideas flowing into the final result. I would like to thank everyone who has contributed to this so that this is truly our website as a community.
The journey does not end here - this is just the beginning! We are excited to start this year with a big bang, some fresh lick of colour and - simply - a better image of our great project. We still have many more ideas to come, but for now...
Here's to a colourful start of 2024!
Update: Because of an error, the announcement email for this went out multiple times to all those people who have subscribed to it. I am sorry for the inconvenience and luckily this seems to have been the only glitch we had when rolling out our new website. Fingers crossed. Sorry.
]]>If you have not supported us yet, please consider making a donation today. Your support plays a pivotal role in collecting funds to make IPFire even more successful in 2024.
This release introduces a change in the default firewall policy for new installations: Blocking outgoing SMTP traffic from internal networks by default. We have recently seen that some installations have infected systems that send out large amounts of spam, resulting in unhappy consequences like having your firewall appear on blocklists and trouble logging into online banking.
We believe that this change that blocks any outgoing connections on port 25 (TCP) will stop this problem, as that port is only used for mailserver-to-mailserver communication. Client system will use Submission on port 587 or 465 instead and therefore this change should not cause any problems for almost all users, but block spam on the Internet. Existing installations won't see any changes.
dhcpcd
10.0.4, elfutils
0.190, gawk
5.3.0, harfbuzz
8.2.2, hwdata
PCI 2023.09.22/USB 2023.11.0.8, IANA 20231026, iproute2 6.6.0, libsodium
1.0.19, jq
1.7, linux-firmware
20231114, Lua 5.4.6, man
2.12.0, mcelog
196, mdns-repeater
1.11, meson
1.2.3, OpenSSH 9.5p1, QPDF 11.6.1, SDL2 2.18.5, shadow
4.14.2, SQLite 3.44.1, Squid 6.6, strongSwan 5.9.12, sudo
1.9.15p2, texinfo
7.1, unbound
1.19.0, usbutils
017, xfsprogs
6.5.0, XZ 5.4.5clamav
1.2.1, dbus
1.14.10, Git 2.42.1, Ghostscript 10.02.1, minicom
2.9, minidlna
1.3.3, mpd
0.23.14, nut
2.8.1, P11-Kit 0.25.2, Postfix 3.8.3, QEMU + Guest Agent 8.1.2, spectre-meltdown-checker
0.46, strace
6.6, Tor 0.4.8.9This update comes with a mix of new features and package updates. Please give it a good round of testing and report any problems back to the developers. If you would like to support us bringing you these updates and making IPFire the best firewall in the world, please donate.
This release introduces a change in the default firewall policy for new installations: Blocking outgoing SMTP traffic from internal networks by default. We have recently seen that some installations have infected systems that send out large amounts of spam, resulting in unhappy consequences like having your firewall appear on blacklists and trouble logging into online banking.
We believe that this change that blocks any outgoing connections on port 25 (TCP) will stop this problem, as that port is only used for mailserver-to-mailserver communication. Client system will use Submission on port 578 or 465 instead and therefore this change should not cause any problems for almost all users, but block spam on the Internet. Existing installations won't see any changes.
dhcpcd
10.0.4, elfutils
0.190, gawk
5.3.0, harfbuzz
8.2.2, hwdata
PCI 2023.09.22/USB 2023.11.0.8, IANA 20231026,iproute2 6.6.0, libsodium
1.0.19, jq
1.7, linux-firmware
20231114, Lua 5.4.6, man
2.12.0, mcelog
196, mdns-repeater
1.11, meson
1.2.3, OpenSSH 9.5p1, QPDF 11.6.1, SDL2 2.18.5, shadow
4.14.2, SQLite 3.44.1, Squid 6.5, strongSwan 5.9.12, sudo
1.9.15p2, texinfo
7.1, unbound
1.19.0, usbutils
017, xfsprogs
6.5.0, XZ 5.4.5clamav
1.2.1, dbus
1.14.10, Git 2.42.1, Ghostscript 10.02.1, minicom
2.9, minidlna
1.3.3, mpd
0.23.14, nut
2.8.1, P11-Kit 0.25.2, Postfix 3.8.3, QEMU + Guest Agent 8.1.2, spectre-meltdown-checker
0.46, strace
6.6, Tor 0.4.8.9If you haven't spent all your money on all the great Black Friday offers, maybe consider making a donation to IPFire today. It helps us to bring you these updates more frequently and allows us to pack more exciting things into them. If you would like to support us, please donate today!
This update features yet another kernel update based on Linux 6.1.61. It brings various security & stability fixes as well as improving IOMMU handling on ARM. To improve security, we have followed Google and disabled io_uring for the time being as it seems to have a lot of security issues.
We have also switched from eudev to the upstream udev which is now part of systemd as eudev is no longer maintained and was lagging behind upstream.
This update features yet another kernel update based on Linux 6.1.61. It brings various security & stability fixes as well as improving IOMMU handling on ARM. To improve security, we have followed Google and disabled io_uring for the time being as it seems to have a lot of security issues.
We have also switched from eudev to the upstream udev which is now part of systemd as eudev is no longer maintained and was lagging behind upstream.
Please help us test this update and report and feedback back to us. If you like what we do, please support our developers with your donation.
]]>IPFire has been rebased on the latest version of the GNU toolchain comprising of glibc 2.38, GCC 13.2.0 & binutils 2.41. This allows us to keep IPFire modern, taking advantage of the latest advances in hardware support and acceleration, but most importantly use the latest hardening technologies available to us.
The Linux kernel maintainers have deprecated support for ReiserFS.
This filesystem has been available for installation in IPFire in the past, but we have removed the option to create new systems in Core Update 167. Therefore we do not expect many people to be using this on IPFire. If you do, you will see a warning on the web console that will warn you about using ReiserFS. Unfortunately, you will need to backup your system and perform a reinstall with a different filesystem, and finally restore the backup.
If you don't use see the warning, you ware using a different filesystem and no action is required.
Although this change log does not read very long, the update is a large step and moves IPFire forward to become an even better firewall. If you would like to support us, please donate!
]]>