Dear friends and followers,

It pleases us to say that although we ship the latest OpenSSL 1.0.2g today, we have had both SSv2 and SSv3 support disabled in our installation for a long while, so older installations are also not affected by yesterday's announcement. On a slightly related note, LibreSSL was not affected at all.

With that out of the way, we also happily let you know that we are shipping RFC 4638 support with this stable release. We also push a fix for an upstream bug in Unbound and update Squid to the latest version... again. ;)

We have also announced the roadmap for 16.7. Take a look at our upcoming milestones:

https://opnsense.org/about/road-map/

And now, here are the full patch notes:


Stay safe,
Your OPNsense team