The developers of pfSense have made available version 2.4.3-RELEASE. This version includes security updates for Meltdown, Spectre, dashboard widgets, fixes for CVEs and SA, and bug fixes. You may download the latest version from their website, or use the auto-update functionality.
We are excited to announce the release of pfSense® software version 2.4.3, now available for new installations and upgrades!
pfSense software version 2.4.3 brings security patches, several new features, support for new Netgate hardware models, and stability fixes for issues present in previous pfSense 2.4.x branch releases.
pfSense 2.4.3-RELEASE updates and installation images are available now!
This release includes several important security patches:
- Kernel PTI mitigations for Meltdown (optional tunable) FreeBSD-SA-18:03.speculative_execution.asc
- IBRS mitigation for Spectre V2 (requires updated CPU microcode) FreeBSD-SA-18:03.speculative_execution.asc
- Fixes for FreeBSD-SA-18:01.ipsec
- Fixed three potential XSS vectors, and two potential CSRF issues
- CSRF protection for all dashboard widgets
- Updated several base system packages to address CVEs
In addition to security fixes, pfSense software version 2.4.3 also includes important bug fixes.
Original announcement: https://www.netgate.com/blog/pfsense-2-4-3-release-now-available.html