IPFire Hardened Linux Firewall Distribution Gets Major Update

IPFire Hardened Linux Firewall Distribution Gets Major Update


IPFire 2.21 Core Update 122 is now available to download as a drop-in replacement to the three-months-old IPFire 2.19 Core Update 120 and finally bump the version number from 2.19 to 2.21. However, this being a major update, it was split into two parts, so you’ll have first to install the IPFire 2.19 Core Update 121 to be able to run the IPFire 2.21 Core Update 122 release.
The most prominent new feature in IPFire 2.21 Core Update 122 is the Linux 4.14.50 kernel, which contains mitigations for both the Meltdown and Spectre security vulnerabilities on various hardware architectures, along with a microcode firmware update for Intel processors. However, the grsecurity patches for the Linux kernel were removed due to them being incompatible with this kernel.
The developers noted the fact that IPFire remains hardened and secure despite the grsecurity security enhancement patches being removed as many of their features were backported. The new kernel version also renders IPFire incompatible with ARM systems, which means that users would have to do a fresh install of IPFire and restore from a recent backup.
Another interesting change of the IPFire 2.21 Core Update 122 release is the fact that the partition layout was modified to no longer include the /var partition used for logs and system data collection, which are now included into a single partition as part of the rest of the operating system. Also, the /boot partition size was increased to 128MB.
Other noteworthy changes include an updated list of trusted Certificate Authorities (CA), updated firmware for several baseboards and drivers, and an improved web-based UI that’s now capable of displaying logged in users on the console. IPFire 2.21 Core Update 122 also comes with the ClamAV 0.100.0 and nagios-nrpe 3.2.1 add-ons.

Source: https://news.softpedia.com/news/ipfire-hardened-linux-firewall-distribution-gets-major-update-here-s-what-s-new-522159.shtml
Submitted by: Arnfried Walbrecht


Comments are closed.