The latest OpenSSL security hole isn't a bad one as these things go. It's no Heartbleed, Freak, or Logjam. But it's serious enough that, if you're running alpha or beta operating systems, you shouldn't delay patching it.
Fortunately, the affected OpenSSL versions are not commonly used in enterprise operating systems. For example, it doesn't impact shipping and supported versions of Red Hat Enterprise Linux (RHEL) or Ubuntu. In the case of Ubuntu, it does affect the 15.10 development release, but the patch is already available.
The OPNsense 15.7 release added i386 and NanoBSD support, LibreSSL support, re-based to FreeBSD 10.1, added OpenDNS support, intrusion detection support, new local/remote backlist options, some security fixes, and added many other new features.
bsdtalk 254 [Ogg]
The ecosystem is based on Security-Enhanced Linux (SELinux), but it adds role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. All access is logged, so any attempts to penetrate the system can be traced. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.
The main features at a glance:
Using Sencha ExtJS 5.1.1 framework for the WebGUI
Add a new dashboard and widgets
Many internal improvements and bugfixes
Improved the internal network interface backend
Add Wi-Fi support. Only WPA & WPA2 is supported
Add VLAN support
The network interface configuration page has been modified. Now only the configuration values are displayed. Use the dashboard widget to show the state of all network interfaces.
The public key of the user must now be specified in the RFC 4716 SSH public key file format. It is possible to add multiple keys.
Option to turn off the collection of system performance statistics.
Use the browser local storage to store the WebGUI state (e.g. displayed grid columns, column width, …) instead of cookies.
Pica8 CEO: Cisco's 'Primitive' ACI Poses Greater Security Risk Than Open Linux-Based White-Box SwitchesSubmitted by Roy Schestowitz on Monday 22nd of June 2015 05:41:58 PM Filed under
Cisco Systems' Application Centric Infrastructure software-defined networking technology and its proprietary network switches pose a greater security risk than the open-source, white-box, bare-metal switches now storming the market, said Pica8 co-founder and CEO James Liao.