Author Archives: Scott Magee

OPNsense has released hotfix **25.10.2_11**, continuing its commitment to delivering reliable and secure updates to the community.

This hotfix includes a system adjustment that moves `ldap_escape()` to the caller to prevent potential side effects. The update reflects the project’s proactive approach to maintaining stability and ensuring smooth operation for users.

Staying current with hotfix releases helps maintain optimal performance and security across OPNsense deployments.

Read the original update here:
https://forum.opnsense.org/index.php?topic=50819.msg264957#msg264957

OPNsense has released hotfix version **25.10.2_10**, addressing important security and performance improvements.

This update includes:
– A fix to properly escape LDAP usernames during search, addressing a reported security issue (CVE reference available).
– An enhancement to Unbound, limiting DuckDB to a single thread in write mode to significantly reduce logger memory usage.

These refinements reflect OPNsense’s continued commitment to proactive security and system stability.

Full release details:
https://forum.opnsense.org/index.php?topic=50819.msg264753#msg264753

OPNsense has released a new update, reaffirming its ongoing commitment to security and reliability.

This latest release addresses several important security issues, most notably a fix for an LDAP authentication injection vulnerability that could allow group restriction bypass during login. The update also includes important third-party patches for Curl and OpenSSL, further strengthening overall system security.

With proactive maintenance and rapid response to vulnerabilities, OPNsense continues to demonstrate its dedication to delivering a secure and dependable open-source firewall platform.

Read the full update here:
https://forum.opnsense.org/index.php?topic=51570.msg264750#msg264750

OPNsense has released hotfix **25.10.2_8**, delivering several important stability and functionality improvements.

This update includes fixes for:

– The static neighbor apply button in Interfaces (contributed by Konstantinos Spartalis)
– Missing “log” statement in one-to-one NAT rule rendering
– Delete selected functionality for IPsec SPD and SAD
– A configuration-related MVC issue

These targeted corrections reinforce OPNsense’s commitment to continuous improvement, reliability, and responsive community-driven development.

Read the full update here:
https://forum.opnsense.org/index.php?topic=50819.msg263726#msg263726

OPNsense has released a new update featuring several third-party package upgrades along with important core fixes and improvements.

Notably, this release introduces Kea DHCP enhancements, including DDNS and extended options support—highly anticipated features for many users. Additionally, captive portal IPv6 improvements are now ready for broader testing in the development version, marking continued progress toward stronger IPv6 capabilities.

Another solid step forward for the OPNsense community, delivering stability, functionality, and forward-looking enhancements.

Read the full update here:
https://forum.opnsense.org/index.php?topic=51402.msg263495#msg263495

OPNsense has released hotfix version **25.10.2_4**, continuing its commitment to stability and performance.

This update includes a fix for **Unbound**, resolving a blocklist addition issue on the reporting page following the recent POST-only adjustment. The hotfix ensures smoother functionality and maintains the reliability users expect from OPNsense deployments.

Staying current with updates like this helps maintain optimal security and performance across environments.

Read the full update here:
https://forum.opnsense.org/index.php?topic=50819.msg262809#msg262809

OPNsense has released hotfix **25.10.2_3**, delivering targeted improvements to enhance stability and security across the platform.

This update includes:

– A fix for captive portal hard-timeout calculation
– Prevention of unnecessary background cleanups in firmware update hooks
– A security enhancement addressing a CSRF vulnerability in multiple API endpoints by enforcing POST-only requests (contributed by Oliver)

These timely updates reflect the OPNsense team’s continued commitment to reliability, performance, and proactive security.

Read the full update here:
https://forum.opnsense.org/index.php?topic=50819.msg262485#msg262485

OPNsense has released a new maintenance update, focusing on stability, reliability, and continuous improvement across various areas of the platform.

This release includes important fixes, along with a security update addressing a CVE related to missing POST checks in the GUI API. The team extends appreciation to the community for reporting issues and actively testing fixes, helping ensure fast and efficient release cycles.

Another strong example of proactive security management and community-driven development.

Read the full update here:
https://forum.opnsense.org/index.php?topic=51239.msg262394#msg262394

OPNsense has released a new update, marking an important milestone with the migration to **Python 3.13**. This upgrade follows previous challenges with Python 3.11 and related security patch limitations, reinforcing the project’s ongoing commitment to security and stability.

The update also delivers multiple improvements to the new rules GUI, along with a variety of refinements across the codebase. Additionally, two FreeBSD-related updates are included, further strengthening the platform’s reliability and performance.

This release reflects the continuous dedication of the OPNsense team to enhancing usability, security, and overall system resilience.

🔗 Read the full update here: https://forum.opnsense.org/index.php?topic=51145.msg261813#msg261813

OPNsense 26.1.2 Has Been Released ✅

The OPNsense team has announced the release of **OPNsense 26.1.2**, delivering important updates and improvements to further enhance platform stability, performance, and security.

Updated installation images are now available (DVD, Nano, and Serial), along with published SHA256 checksums to ensure file integrity and secure deployments.

This release reflects the continued commitment of the OPNsense project to providing a reliable, open-source firewall and routing platform for modern networks.

Full release details can be found here:
https://forum.opnsense.org/index.php?topic=50868.msg260772#msg260772