IPFire 2.23 Core Update 139 is now available to download

Jan 15, 2020 15:05 GMT  ·  By

A new version of IPFire, the only Linux-based and open-source firewall distribution, has seen the light of day to bring more improvements and updated components.

IPFire 2.23 Core Update 139 is the latest release of the Linux-based firewall distribution, featuring an improved Intrusion Prevention System (IPS) that now receives information about which DNS servers are being used by the system, as well as improved booting and reconnect after loss of Internet connection.

With this new Core Update, IPFire 2.23 is also switching to AES-GCM as preferred cipher when establishing an SSL/TLS connection to the firewall and connections to web user interface. Previously, the firewall distribution made use of the AES-CBC and ChaCha20/Poly1305 ciphers.

"Since AESNI is becoming and more and more popular even on smaller hardware, it makes sense to prefer AES," explains developer Michael Tremer. "A vast majority of client systems support this as well which will allow to communicate faster with IPFire systems and save battery power."

IPFire 2.23 Core Update 139 also updates the Intel microcode firmware to mitigate the latest security vulnerabilities, fixes support for NoIP.com, implements automatic removal of expired clients in the Captive Portal, and adds BIOS 4.10.0.3 support to control PC Engines APU LEDs using the ACPI subsystem.

Updated components

As expected with each new IPFire update, several components and add-ons have received new versions. Including in this release, there's Bash 5.0, BIND 9.11.13, cpio 2.13, lz4 1.9.2, libarchive 3.4.0, Logwatch 7.5.2, Squid 4.9, OpenVPN 2.4.8, OpenSSH 8.1p1, Python 2.7.17, Unbound 1.9.5, and Readline 8.0.

Among the updated add-ons included in this release, we can mention ClamAV 0.102.1, libvirt 5.6.0, QEMU 4.1.0, GNU nano 4.6, Postfix 3.4.8, and spectre-meltdown-checker 0.42. You can download IPFire 2.23 Core Update 139 right now from our free software portal or update your existing installations.