IPFire 2.19 - Core Update 102 released, soon after 101

The IPFire team announced availability of IPFire 2.19 - Core update 102, latest update pack for IPFire 2.19, an open source firewall distribution that can be easily customized as a firewall, or a proxy server or a gateway.

IPFire 2.19 core update 102 comes just 2 days after release of core update 101. Even though there was only two day gap between two update packs, the team has made several bug fixes in OpenSSL library and hence it is recommended to install this update pack as early as possible.

Following are changes made in IPFire 2.10 Core update 102.
  • Memory corruption in the ASN.1 encoder (CVE-2016-2108)
  • Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
  • EVP_EncodeUpdate overflow (CVE-2016-2105)
  • EVP_EncryptUpdate overflow (CVE-2016-2106)
  • ASN.1 BIO excessive memory allocation (CVE-2016-2109)
  • EBCDIC overread (CVE-2016-2176)
  • OpenSSH is updated to version 7.2p2 and will be restarted during the update.
See original release announcement in IPFire blog.

Share this