14 DAY TRIAL // Rubicon Communications' Jim Pingle is announcing the availability of the pfSense 2.3.3-p1 maintenance update to the world's most trusted open source firewall based on BSD technologies.
pfSense 2.3.3-p1 appears to be a small point release that includes an up-to-date base system updated to the FreeBSD 10.3-RELEASE-p17 build, fixing the CVE-2016-7055, CVE-2017-3731, and CVE-2017-3732 vulnerabilities. It also includes a total of nineteen security/bug fixes, especially for cURL, which was updated to version 7.53.0 to fix CVE-2017-2629, and OpenSSL.
"This is a maintenance/errata patch available by running an update from an existing installation, and it does not have a standalone installer to download. Version 2.3.3-p1 includes two security fixes in underlying software (OpenSSL and cURL), and 19 other bug fixes," reads the announcement.
Also updated in this version is the blog URL in the RSS widget, and it looks like the devs decided to remove the whirlpool from the list of CA/certificate digest algorithms as it didn't work correctly in the first place. Below you can find attached the full changelog to see which bugs have been addressed in this maintenance update.
You can download the pfSense 2.3.3-p1 images right now from our website if you want to perform a new installation or have planned a reinstall on your infrastructure. Existing users need only to update their systems to the 2.3.3-p1 release as soon as possible. Please note that the firewall will restart automatically after the update.