Howdy,
An UEFI boot panic scenario was debugged last week with the help of the community. This update includes a fix that will allow the ones affected by this 19.1 issue to upgrade or install (and boot of course) correctly. We are also including the IPsec VTI support and the latest Suricata 4.1.3 with stability and compatibility fixes.
Due to the severity of the UEFI boot panic 19.1.4 will be the new initial release for all upgrades from 18.7 within a day or two depending on additional testing and confirmation. Last but not least there will be new images some time next week to put this fully behind us. Thank you for your patience and understanding. :)
Special thanks go to the team of Synacktiv for reporting a packet filter IPv6 vulnerability for which a patch was included as well.
Here are the full patch notes:
The full list of changes of the OPNsense 19.1 series can be reviewed using their original announcements:
We would also like to use this opportunity to remind everyone that OPNsense is and always will be free software. All of its source code and associated build tools can be found here:
Download links, an installation guide[6] and the checksums for the images can be found below as well.
The public key for the 19.1 series is:
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4NKHVbdmq9RN085Nfdyc ip5IMNwcc4QcvGIbN51+UiHh8+aj+JJSswHg5ZBwKk6bxt8kA1NAJQk5U6Qb/UXi QYt0zvN2ABrzBHq6WRE5WPzmQa1Raky4ChfQqorOFi3D96rMvI/Anm4OLllHcMX/ GKPA1XcODJTFQOjsAR+87V6Em+W0YX0lGLTmWdmwWfGeGQFJzA2A/Wxn3b0jDS9m pyHlj4jzat6032qs7Uxf+qWopj+d76ZyxedQVPswKa9o9qKF2iUoSSG/11kFpLi6 Y+gXCXZDL20GXsPuBi1hpPnkhBFI+WFlC1KiA8RRGMpDKGQFw/XYIwKvfdRw82Mx NkJYCiRNZxXnDzInTLuyEpS9yzQXdxa6YFR9USeFpjLaVUppT57M5xfdPFRdhImj 1crhMjQZWt+054JTadvEu4o1c+45damruqtQntvnF7h5vcNCjExlREKK32rMXbGD Fb19G/3x8UASqVslkXeNtTj0fVPN+78yVyqjWCBe2zHiBlnWBmRu6tlrEDl/MVAz Yk3rHMYdRpDYolWBD8bAzqohSatbrzWUjjF7GlLR6HfXsCYxPzGJb6Ed4We+ZjvH C3/LHyuZD6EmksSraJt8XeVvTQlPnPI+jVbqJERi/p3F9KRVy8mwEwk/4MDbPhZ0 zizSg7+Yn6Rac/F0QlvUPa8CAwEAAQ== -----END PUBLIC KEY-----
Stay safe,
Your OPNsense team
SHA256 (OPNsense-19.1.4-OpenSSL-dvd-amd64.iso.bz2) = 5f2e64797fce03d4d47050894c38e8e176fda6281009abd36f60d788d3e29d42 SHA256 (OPNsense-19.1.4-OpenSSL-nano-amd64.img.bz2) = ee5171fb837884fffd29c6e75cb089dc4020fb89459143bd9e7b859b1da3fd89 SHA256 (OPNsense-19.1.4-OpenSSL-serial-amd64.img.bz2) = 07868978903220bf9dee26c936d25140df07ec9c02cb8c480bd8619e69c562a0 SHA256 (OPNsense-19.1.4-OpenSSL-vga-amd64.img.bz2) = e473bc645778c95596639056ecc8ef92a12a7fd1cdc52cd0b1f6294a64561311
SHA256 (OPNsense-19.1.4-OpenSSL-dvd-i386.iso.bz2) = 9f40b591c27d90a86c60ec0b539f228999953f947573e2e575c2936c3993d7c0 SHA256 (OPNsense-19.1.4-OpenSSL-nano-i386.img.bz2) = c624d50b19f2ae4d471076c53f5c516e3a523ff41b69d0bfa779b5fff6415f81 SHA256 (OPNsense-19.1.4-OpenSSL-serial-i386.img.bz2) = 62bff974ae4238dfc2e830a32fbf4bd357ff418d15be99b89ac129f839e10eaf SHA256 (OPNsense-19.1.4-OpenSSL-vga-i386.img.bz2) = ca893277a02b93129e6a30125107f7ad4fc01673b722f54ce6e5cb7eb438cae4