IPFire 2.29 - Core Update 200 has been released for testing, marking a significant milestone for the development team and the IPFire community. This update includes a rebase on the Linux kernel 6.18 LTS (specifically version 6.18.7), which brings enhanced security measures, improved performance, and greater system stability. With these upgrades, users can expect smoother network operations and better protection against vulnerabilities.
One of the notable features introduced in this update is the IPFire Domain Blocklist (DBL), designed to replace the outdated Shalla list. The DBL helps prevent unwanted web traffic by blocking identified malicious domains. Users can employ this system through the URL Filter to actively restrict harmful sites or integrate it with Suricata, the Intrusion Detection and Prevention System (IDS/IPS), for more effective deep packet inspection.
In addition to these key updates, several enhancements have been made across the system. The Intrusion Prevention System has been optimized to automatically manage its cache by removing outdated signature data, thereby conserving storage. The reporter utility has been improved to provide more in-depth insights into incidents related to DNS and HTTP connections, aiding administrators in security investigations.
Further improvements include modifications to the OpenVPN configuration system, which has streamlined some settings, and the reintroduction of support for older 802.11a/g wireless access points. The DNS resolver, Unbound, now operates with multiple threads to enhance speed and efficiency, especially under high demand.
From a security perspective, the core OpenSSL library has been updated to version 3.6.1, and multiple vulnerabilities in glibc have been patched, including CVEs 2026-0861, 2026-0915, and 2025-15281. The update also comes with various package upgrades, keeping key software such as Apache, bash, BIND, and GnuPG current with the latest security fixes and features.
Moreover, the update bundles several minor add-ons and utility packages, including alsa, ClamAV, dnsdist, and Tor, many of which have been upgraded to their latest stable versions. This comprehensive approach ensures that IPFire remains a reliable and up-to-date platform for users.
In conclusion, IPFire 2.29 - Core Update 200 not only enhances security and performance through its kernel update and new blocking features but also demonstrates a commitment to continual improvement and user support. As the testing phase progresses, feedback from the community will help refine this update further, solidifying IPFire's position as a robust network security solution
One of the notable features introduced in this update is the IPFire Domain Blocklist (DBL), designed to replace the outdated Shalla list. The DBL helps prevent unwanted web traffic by blocking identified malicious domains. Users can employ this system through the URL Filter to actively restrict harmful sites or integrate it with Suricata, the Intrusion Detection and Prevention System (IDS/IPS), for more effective deep packet inspection.
In addition to these key updates, several enhancements have been made across the system. The Intrusion Prevention System has been optimized to automatically manage its cache by removing outdated signature data, thereby conserving storage. The reporter utility has been improved to provide more in-depth insights into incidents related to DNS and HTTP connections, aiding administrators in security investigations.
Further improvements include modifications to the OpenVPN configuration system, which has streamlined some settings, and the reintroduction of support for older 802.11a/g wireless access points. The DNS resolver, Unbound, now operates with multiple threads to enhance speed and efficiency, especially under high demand.
From a security perspective, the core OpenSSL library has been updated to version 3.6.1, and multiple vulnerabilities in glibc have been patched, including CVEs 2026-0861, 2026-0915, and 2025-15281. The update also comes with various package upgrades, keeping key software such as Apache, bash, BIND, and GnuPG current with the latest security fixes and features.
Moreover, the update bundles several minor add-ons and utility packages, including alsa, ClamAV, dnsdist, and Tor, many of which have been upgraded to their latest stable versions. This comprehensive approach ensures that IPFire remains a reliable and up-to-date platform for users.
In conclusion, IPFire 2.29 - Core Update 200 not only enhances security and performance through its kernel update and new blocking features but also demonstrates a commitment to continual improvement and user support. As the testing phase progresses, feedback from the community will help refine this update further, solidifying IPFire's position as a robust network security solution
IPFire 2.29 - Core Update 200 is available for testing
IPFire 2.29 - Core Update 200 is now available for testing, featuring a rebase onto Linux kernel 6.18 LTS with improvements in security defenses, performance, and system stability. This update also introduces the new IPFire Domain Blocklist (DBL) system, which aims to block unwanted web traffic by identifying domains that may be malicious. Other changes include updates to the built-in Intrusion Prevention System, reporter utility, OpenVPN configuration system, and various package upgrades for improved security and features. The update includes many minor add-ons and bundles several newer versions of software packages to keep the platform current and reliable.
IPFire 2.29 - Core Update 200 is available for testing @ Linux Compatible
