Get ready to experience the best of IPFire 2.27 – Core Update 173! Not only is this update introducing support for 4G and 5G modems that utilize the QMI interface, but also includes a kernel freshly picked from 6.1’s stable series as well as an array of package updates, security enhancements, and bug fixes so you can be sure your device is always up-to-date with the latest improvements!
The final update for 32-bit ARM devices running IPFire is being released at the end of this month. It’s time to migrate your installations over to a supported hardware architecture if you haven’t already done so; otherwise, you risk missing out on important updates and features!
We are excited to announce the arrival of QMI support in IPFire! Qualcomm MSM Interface is a proprietary interface used for 4G and 5G cellular modems, and now with this Core Update, IPFire will be able to connect with these types of modems. It’s never been easier or faster – you won’t have any compatibility issues. Special thanks go out to Michael, who worked hard on refactoring various aspects of networking code as well as adding this feature.
Arne recently released the Linux kernel 6.1.11 series, making it IPFire’s new long-term version. This update not only offers bug fixes and improved hardware support like any major kernel upgrade would give but also security enhancements that have never been seen before! With these hardening changes, IPFire users can now rest assured that they have reliable protection.
IPFire 2.27 has introduced a range of changes and enhancements to ensure higher security protection. The kernel no longer provides system calls permitting processes to read or write other processes’ memory. EFI systems now have the firmware instructed to wipe all memory when rebooted, protecting against cold boot attacks.
Additionally, GCC’s “latent entropy” plugin has been disabled as it does not provide cryptographically secure entropy. To further reduce the attack surface, support for ACPI configuration files and obsolete PCMCIA/CardBus subsystems have been removed.
Moreover, 64-bit ARM installations now have protection against direct memory access via malicious PCI devices. All of these changes are designed to ensure that IPFire 2.27 provides the highest level of security possible.
IPFire 2.27 – Core Update 173 contains a variety of changes to the system, including improvements to the OpenVPN 2FA authenticator so that it no longer enters an infinite loop if the socket connection to OpenVPN is lost and minor UI tweaks to the OpenVPN GUI.
Additionally, a bug that previously allowed for invalid sources when creating rules in the firewall engine has been fixed, and wildcard domains are now properly handled by the web interface. Finally, libtirpc is now part of the core system due to it being a dependency for lsof, and the obsolete spandsp add-on has been dropped.
