pfSense® software version 2.2.6 is now available. This release includes a few bug fixes and security updates.
Security Fixes and Errata
- pfSense-SA-15_09.webgui: Local File Inclusion Vulnerability in the pfSense WebGUI
- pfSense-SA-15_10.captiveportal: SQL Injection Vulnerability in the pfSense captive portal logout
- pfSense-SA-15_11.webgui: Multiple XSS and CSRF Vulnerabilities in the pfSense WebGUI
- Updated to FreeBSD 10.1-RELEASE-p25
- FreeBSD-SA-15:26.openssl Multiple vulnerabilities in OpenSSL
- Updated strongSwan to 5.3.5_2
- Includes fix for CVE-2015-8023 authentication bypass vulnerability in the eap-mschapv2 plugin.
Bug Fixes and Change List
As always, you can upgrade from any previous version straight to 2.2.6. For those already running any 2.2.x version, this is a low risk upgrade. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you. Pay close attention to the 2.2 Upgrade Notes for the details.
pfSense software is Open Source
For those who wish to review the source code in full detail, the changes are all publicly available in three repositories on GitHub:
- Main repository - the web GUI, back end configuration code, and build tools.
- FreeBSD source - the source code, with patches of the FreeBSD base.
- FreeBSD ports - the FreeBSD ports used.
Downloads are available on the mirrors as usual.
Downloads for New Installs and Upgrades to Existing Firewalls – note that it is typically easier to use the auto-update functionality, then there is no need to download anything manually. Check the Firmware Updates page for details.
Supporting the Project
Our efforts are made possible by the support of our customers and the community. You can support our efforts via one or more of the following.
- Official appliances, apparel and pre-loaded USB sticks direct from the source. Our appliances are the fast, easy way to get up and running with a fully-optimized firewall.
- Gold subscription – Immediate access to past hang out recordings as well as the latest version of the book after logging in to the members’ area.
- Commercial Support – Purchasing support from us provides you with direct access to Netgate Global Support.
- Professional Services – For more involved and complex projects outside the scope of support, our most senior engineers are available under professional services.