2.3.2-p1 New Features and Changes¶
2.3.2 Update 1¶
FreeBSD-SA-16:26.openssl - Multiple vulnerabilities in OpenSSL. The only significant impact on pfSense is OCSP for HAproxy and FreeRADIUS.
Several HyperV-related Errata in FreeBSD 10.3, FreeBSD-EN-16:10 through 16:16. See https://www.freebsd.org/relnotes/10-STABLE/errata/errata.html for details.
Several built-in packages and libraries have been updated, including:
PHP to 5.6.26
libidn to 1.33
curl to 7.50.3
libxml2 to 2.9.4
The hardware serial number is now displayed in the system information widget, or a host UUID if a serial number is not found. This is for display purposes and facilitates users seeking support in identifying their hardware.
Added encoding to the ‘zone’ parameter on Captive Portal pages.
Added output encoding to diag_dns.php for results returned from DNS. #6737
Worked around a Chrome bug with regular expression parsing of escaped characters within character sets. Fixes “Please match the requested format” on recent Chrome versions. #6762
Fixed DHCPv6 server time format option #6640
Fixed /usr/bin/install missing from new installations. #6643
Increased filtering tail limit for logging so searching will locate sufficient entries. #6652
Cleaned up Installed Packages widget and HTML. #6601
Fixed widget settings corruption when creating new settings. #6669
Fixed various typos and wording errors.
Removed defunct links to the devwiki site. Everything is on https://www.netgate.com/docs/pfsense/ now.
Added a field to CA/Cert pages for OU, which is required by some external CAs and users. #6672
Fixed a redundant HTTP “User-Agent” string in DynDNS updates.
Fixed the font for sortable tables.
Added a check to verify if an interface is active in a gateway group before updating dynamic DNS.
Fixed wording of the “Reject leases from” option for a DHCP interface (it can only take addresses, not subnets.) #6646
Fixed error reporting for SMTP settings test.
Fixed saving of country, provider, and plan values for PPP interfaces
Fixed checking of invalid “Go To Line” numbers on diag_edit.php. #6704
Fixed off-by-one error with “Rows to Display” on diag_routes.php. #6705
Fixed description of the filter box on diag_routes.php to reflect that all fields are searchable. #6706
Fixed description of the box for the file to edit on diag_edit.php. #6703
Fixed description of the main panel on diag_resetstate.php. #6709
Fixed warning dialog when a box is unchecked on diag_resetstate.php. #6710
Fixed log shortcut for DHCP6 areas. #6700
Fixed the network delete button showing when only one row was present on services_unbound_acls.php #6716
Fixed disappearing help text on repeatable rows when the last row is deleted. #6716
Fixed dynamic DNS domain for static map DHCP entries
Added control to set dashboard widget refresh period
Added “-C /dev/null” to the dnsmasq command line parameters to avoid it picking up an incorrect default configuration which would override our options. #6730
Added “-l” to traceroute6 to show both IP Addresses and Hostnames when resolving hops on diag_traceroute.php. #6715
Added note about max ttl/hop limit in source comment on diag_traceroute.php.
Clarified language on diag_tables.php. #6713
Cleaned up the text on diag_sockets.php. #6708
Fixed display of VLAN interface names during console assignment. #6724
Fixed domain-name-servers option showing twice in pools when set manually.
Fixed handling of DHCP options in pools other than the main range. #6720
Fixed missing hostnames in some cases with dhcpdv6. #6589
Improved pidfile handling for dhcpleases.
Added checks to prevent accessing an undefined offset in IPv6.inc.
Fixed the display of the alias popup and edit options on source and destination for both the address and port on outbound NAT.
Fixed handling of backup config count. #6771
Removed some dangling PPTP references that are no longer relevant.
Fixed up/caught up remote syslog areas. Added “routing”, “ntpd”, “ppp”, “resolver”, fixed “vpn” to include all VPN areas (IPsec, OpenVPN, L2TP, PPPoE Server). #6780
Fixed missing checkboxes in some cases when adding rows on services_ntpd.php. #6788
Revised service running/stopped icons.
Added a check to CRL management to remove certificates from the drop-down list that are already contained in the CRL being edited.
Fixed rule separators moving when multiple firewall rules are deleted at the same time. #6801