Archive for April, 2013

2.0.3 Release Now Available!

Monday, April 15th, 2013

I’m happy to announce the release of pfSense 2.0.3.┬áThis is a maintenance release with some bug and security fixes since 2.0.2 release. You can upgrade from any previous release to 2.0.3.

Change List

Security Fixes

  • Updated to OpenSSL 0.9.8y to address FreeBSD-SA-13:03.
  • Fix below XSS in IPsec log possible from users possessing shared key or valid certificate
  • Below S.M.A.R.T. input validation fix isn’t security relevant in the vast majority of use cases, but it could lead to privilege escalation for an administrative user with limited rights who can access the S.M.A.R.T. pages but cannot access any of the pages that allow command execution by design.

Read the rest of this entry »