pfSense CEをアップデートした記録 2.5.1→2.5.2
アップデート内容確認
pfSense CE 2.5.1からpfSense CE 2.5.2にアップデートします
変更点を確認
https://docs.netgate.com/pfsense/en/latest/releases/2-5-2.html
Security
This release includes corrections for the following vulnerabilities in pfSense software:
pfSense-SA-21_02.captiveportal (XSS in Captive Portal client login page, #11843)
General
Added: WireGuard experimental add-on package
pfSense CE
Aliases / Tables
Added: PHP shell playback script to modify Alias contents #11380
Authentication
Added: Copy button for Authentication Server entries #11390
Backup / Restore
Added: Randomize time of scheduled AutoConfigBackup runs #10811
Fixed: Automated corruption recovery from cached config.xml backup files should check multiple backups #11748
Fixed: AutoConfigBackup schedule custom hour value lost on page load #11946
Captive Portal
Added: Redirect Captive Portal users to login page after they logout #11264
Fixed: Captive Portal post-auth redirect is not properly respected #11842
Fixed: Potential XSS vulnerability in Captive Portal redirurl handling #11843
Certificates
Fixed: Certificate Manager does not report Unbound as using a certificate #11678
Fixed: PHP error on certificate list due to unreadable private key #11859
Fixed: Export P12 icon is missing if certificate is not locally renewable #11884
Configuration Upgrade
Fixed: PHP error in upgrade_212_to_213() when upgrading certain IPsec tunnels #11801
Console Menu
Changed: Allow reroot on ZFS from console and GUI reboot menu entries #11914
DHCP (IPv6)
Fixed: dhcp6withoutra_script.sh does not get executed when advanced options are set #11883
DNS Forwarder
Fixed: Disable DNSSEC option for dnsmasq #11781
Fixed: Update dnsmasq to 2.85 to fix CVE-2021-3448 #11866
DNS Resolver
Fixed: Unbound Python Integration repeatedly mounts dev without unmounting #11456
Fixed: Stale hostname registration data for OpenVPN clients is not deleted from the DNS Resolver configuration at boot #11704
Changed: Temporarily move back to Unbound 1.12.x due to instability on Unbound 1.13.x #11915
Dashboard
Fixed: Thermal sensors widget no longer shows values from certain hardware #11787
Fixed: IPsec Dashboard widget only displays first P2 subnet when using a single traffic selector #11893
Fixed: Editing widgets on Dashboard causes a PHP Warning #11939
Diagnostics
Fixed: ARP Table populates hostname values using expired DHCP lease data #11510
Fixed: Sanitize OpenVPN Client Export certificate password in status output #11767
Fixed: Sanitize Captive Portal RADIUS MAC secret in status output #11769
Fixed: MAC address OEM information missing from ARP table #11819
Fixed: State table content on diag_dump_states.php does not sort properly #11852
Dynamic DNS
Added: New Dynamic DNS Provider: Mythic-Beasts #7842
Added: New Dynamic DNS Provider: one.com #11293
Added: New Dynamic DNS Provider: Yandex PDD #11294
Added: New Dynamic DNS Provider: NIC.RU #11358
Added: New Dynamic DNS Provider: Gandi LiveDNS IPv6 #11420
Fixed: Automatic 25-day forced Dynamic DNS update removes wildcard domain #11667
Fixed: Digital Ocean Dynamic DNS help text is incorrect #11754
Fixed: NoIP.com Dynamic DNS update failure is not detected properly #11815
Fixed: Dynamic DNS edit page incorrectly hides username field when switching away from Digital Ocean #11840
Gateways
Added: Input validation to prevent setting a load balancing gateway group as default #11164
Hardware / Drivers
Changed: Deprecate old cryptographic accelerator hardware which is not viable on modern systems #11426
Fixed: Using SHA1 or SHA256 with AES-NI may fail if AES-NI attempts to accelerate hashing #11524
High Availability
Fixed: Incorrect RADVD log message on HA event #11966
IGMP Proxy
Fixed: IGMP Proxy restarts unnecessarily after IPv6 gateway events #11904
IPsec
Added: GUI option to set RADIUS Timeout for EAP-RADIUS #11211
Added: Option to switch IPsec filtering modes to choose between enc and if_ipsec filtering #11395
Changed: Move custom IPsec NAT-T port settings to Advanced Options #11518
Fixed: strongSwan configuration always contains user EAP/PSK values #11564
Added: IPsec GUI option to control Child SA start_action #11576
Fixed: Error when adding both IPv4 and IPv6 P2 under an IPv4 or IPv6 only IKEv1 P1 #11651
Fixed: Cannot disable IPsec P1 when related P2s are in VTI mode and enabled #11792
Fixed: IPsec VTI interface names are not properly formed for more than 32 interfaces #11794
Fixed: Applying IPsec settings for more than ~30 tunnels times out PHP #11795
Fixed: ipsec_vti() does not skip disabled VTI entries #11832
Fixed: IPsec GUI allows creating multiple identical Phase 1 entries when using FQDN for remote gateway #11912
Fixed: Mobile IPsec advanced RADIUS parameters do not allow numeric values with a decimal point #11967
IPv6 Router Advertisements (RADVD)
Added: Use virtual link local IP address as RA source address for HA environments #11103
Added: Shortcut buttons for service control and logs on RADVD configuration #11911
Fixed: RADVD breaks on SIGHUP #11913
Interfaces
Fixed: DHCP interfaces are always treated as having a gateway, even if one is not assigned by the upstream DHCP server #5135
Fixed: Interfaces page displays MAC Address field for interfaces which do not support L2 #11387
Fixed: CLI interface configuration without IPv6 leaves RA enabled #11609
Fixed: Incomplete PPPoE custom reset values lead to invalid cron entry #11698
Fixed: Error when changing MTU if the interface is used for both IPv4 and IPv6 default routes #11855
Added: VLAN list sorting #11968
L2TP
Fixed: Unused L2TP VPN files are not removed when the service is disabled #11299
Added: GUI option to set MTU for L2TP VPN server #11406
NTPD
Fixed: NTP widget displays incorrect status #11495
Fixed: NTP authentication input validation rejects valid keys #11850
Notifications
Fixed: Invalid HTML encoding in modal Notices window #11765
OpenVPN
Added: Allow the firewall to use DNS servers provided to an OpenVPN client instance #11140
Fixed: OpenVPN Wizard does not support gateway groups #11141
Added: Set Explicit Exit Notify to 1 by default for new OpenVPN client instances #11521
Added: Support for Cisco AVPair {clientipv6} template in firewall rules returns by RADIUS #11596
Changed: Set explicit-exit-notify option by default for new OpenVPN server instances #11684
Fixed: OpenVPN does not clean up parsed Cisco-AVPair rules on non-graceful disconnect #11699
Fixed: OpenVPN does not kill IPv6 client states on disconnect #11700
Fixed: OpenVPN client starts when CARP VIP is in BACKUP status when bound to Virtual IP aliased to CARP VIP #11793
Fixed: Certificate validation with OCSP always fails in openvpn.tls-verify.php #11830
Changed: Update OpenVPN to 2.5.2 #11844
Fixed: OpenVPN client startup error if IPv6 Tunnel Network is defined in TAP mode #11869
Operating System
Added: Kernel modules for alternate congestion control algorithms #7092
Added: Kernel module for RTL8153 driver #11125
Added: Xen console support #11402
Fixed: Unquoted variable in dot.tcshrc can cause proxy password to be printed #11867
Routing
Fixed: IPv4 link-local (169.254.x.x) gateway does not function #11806
Rules / NAT
Added: Support for IPv6 firewall entries with dynamic delegated prefix and static host address #6626
Fixed: Disabling all interfaces associated with a floating rule causes the firewall to generate an incorrect pf rule #11688
Fixed: Input validation prevents creating 1:1 NAT rules on IPsec #11751
Fixed: Invalid combinations of TCP flag matching options cause pfctl parser error #11762
Fixed: Port forward rules only function through the default gateway interface, reply-to does not work for Multi-WAN (CE Only) #11805
Fixed: Error loading rules in certain cases where an interface is temporarily without an address #11861
Fixed: NAT 1:1 fail to validate aliases #11923
Traffic Shaper (ALTQ)
Fixed: Harmless error when enabling traffic shaper #11229
Fixed: Segmentation fault when loading ALTQ traffic shaping rules using FAIRQ #11550
Traffic Shaper (Limiters)
Fixed: Unused Limiter entries with schedules create unnecessary cron jobs #11636
Fixed: Error when setting queue limit on CODELQ limiter #11725
Upgrade
Fixed: Language presented to user during upgrade is misleading #11897
Web Interface
Added: Replace HTTP links with HTTPS in the GUI #11228
Fixed: Ambiguous text in help and input validation error for system domain name #11658
Fixed: PHP error if PHP_error.log file is too large #11685
Fixed: RAM Disk Settings shows Kernel Memory at 0 Kb and does not allow the user to create RAM disks #11702
Fixed: HTTP Referer error message text is incorrect #11873
Fixed: Missing /0 subnet when cloning repeatable CIDR mask controls #11880
Fixed: Update NGINX to address CVE-2021-23017 #12061
WireGuard
Fixed: Ignore WireGuard configurations under <installedpackages></installedpackages> #11808
Wireless
Added: GUI options for WPA Enterprise with identity/password #2400
Fixed: wpa_supplicant uses 100% of a CPU core at boot #11453
XMLRPC
Fixed: XMLRPC synchronization restarts all OpenVPN instances on the secondary node when making any change on the primary node #11082
Fixed: XMLRPC Client does not honor its default timeout value #11718
今回は修正メインのアップデートです
pfSense CE 2.5.1で一時的に削除されたWireGuardについては
将来的にはカーネル実装されて機能復帰する予定ですが
それまではアドオンとして導入可能になりました
(まだ実験的導入となります)
前バージョンのpfSense CE 2.5.1時点で既知の問題として
報告されていたAES-NIの不具合については
今回のpfSense CE 2.5.2で修正済となってます
Update時の処理ログを見るとUnboundのバージョンが戻されているのが確認できますが
これはpfSense CE 2.5.1だとDNS Resolverのオプション設定である
「Register DHCP leases in the DNS Resolver」を有効にしていると
DNS Resolverの本体であるUnboundがクラッシュする不具合があったようです
Unbound自体の不具合とみられるため不具合回避の為にUnbound自体を
1.13.xから1.12.xへ戻すことになったようなので正常なアップデート処理になります
アップデートの手順
今回もpfSense CEでのアップデートです
事前に設定のバックアップをした上で以下の操作でアップデートを実行
手順はいつもと同じです
2.5.1から2.5.2へアップデートと表示出てるのを確認して「Confirm」を押す
無事に完了すると自動で再起動開始されます
最後に2.5.2の状態で設定をバックアップして完了
Update時の処理ログ
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.txz: . done
Processing entries: . done
pfSense-core repository update completed. 7 packages processed.
Updating pfSense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.txz: .......... done
Processing entries: .......... done
pfSense repository update completed. 498 packages processed.
All repositories are up to date.
>>> Setting vital flag on pkg... done.
>>> Removing vital flag from php74... done.
>>> Downloading upgrade packages...
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
Checking for upgrades (77 candidates): .......... done
Processing candidates (77 candidates): .......... done
The following 83 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
mpdecimal: 2.5.1 [pfSense]
php74-pear-HTTP_Request2-230: 2.3.0,1 [pfSense]
py38-ply: 3.11 [pfSense]
py38-setuptools: 57.0.0 [pfSense]
python38: 3.8.10 [pfSense]
unbound112: 1.12.0_1 [pfSense]
Installed packages to be UPGRADED:
bind-tools: 9.16.12 -> 9.16.16 [pfSense]
ca_root_nss: 3.58 -> 3.63 [pfSense]
cpdup: 1.20 -> 1.22 [pfSense]
curl: 7.74.0 -> 7.76.1 [pfSense]
dbus: 1.12.20_3 -> 1.12.20_4 [pfSense]
devcpu-data: 1.37 -> 1.39 [pfSense]
dnsmasq: 2.84,1 -> 2.85_1,1 [pfSense]
expat: 2.2.10 -> 2.4.1 [pfSense]
expiretable: 0.6_1 -> 0.6_2 [pfSense]
glib: 2.66.4_1,1 -> 2.66.8,2 [pfSense]
hostapd: 2.9_2 -> 2.9_3 [pfSense]
icu: 68.2,1 -> 69.1,1 [pfSense]
isc-dhcp44-client: 4.4.2_1 -> 4.4.2P1 [pfSense]
isc-dhcp44-relay: 4.4.2_1 -> 4.4.2P1 [pfSense]
isc-dhcp44-server: 4.4.2_1 -> 4.4.2P1_1 [pfSense]
libedit: 3.1.20191231,1 -> 3.1.20210216,1 [pfSense]
libgcrypt: 1.8.7 -> 1.9.3 [pfSense]
libgpg-error: 1.41 -> 1.42 [pfSense]
libidn2: 2.3.0_1 -> 2.3.1 [pfSense]
libnghttp2: 1.42.0 -> 1.43.0 [pfSense]
libuv: 1.40.0 -> 1.41.0 [pfSense]
libxml2: 2.9.10_2 -> 2.9.10_4 [pfSense]
libzmq4: 4.3.1_1 -> 4.3.4 [pfSense]
mobile-broadband-provider-info: 20190618_1 -> 20201225 [pfSense]
nettle: 3.7.2_1 -> 3.7.2_2 [pfSense]
nginx: 1.18.0_45,2 -> 1.20.1,2 [pfSense]
oniguruma: 6.9.6 -> 6.9.7.1 [pfSense]
openldap-client: 2.4.57 -> 2.4.59 [pfSense]
openvpn: 2.5.1 -> 2.5.2_2 [pfSense]
pcre2: 10.36 -> 10.37 [pfSense]
pcsc-lite: 1.9.0_1,2 -> 1.9.1,2 [pfSense]
pfSense: 2.5.1 -> 2.5.2 [pfSense]
pfSense-base: 2.5.1 -> 2.5.2 [pfSense-core]
pfSense-default-config: 2.5.1 -> 2.5.2 [pfSense-core]
pfSense-kernel-pfSense: 2.5.1 -> 2.5.2 [pfSense-core]
pfSense-rc: 2.5.1 -> 2.5.2 [pfSense-core]
php74: 7.4.15 -> 7.4.20 [pfSense]
php74-bcmath: 7.4.15 -> 7.4.20 [pfSense]
php74-bz2: 7.4.15 -> 7.4.20 [pfSense]
php74-ctype: 7.4.15 -> 7.4.20 [pfSense]
php74-curl: 7.4.15 -> 7.4.20 [pfSense]
php74-dom: 7.4.15 -> 7.4.20 [pfSense]
php74-filter: 7.4.15 -> 7.4.20 [pfSense]
php74-gettext: 7.4.15 -> 7.4.20 [pfSense]
php74-intl: 7.4.15 -> 7.4.20 [pfSense]
php74-json: 7.4.15 -> 7.4.20 [pfSense]
php74-ldap: 7.4.15 -> 7.4.20 [pfSense]
php74-mbstring: 7.4.15 -> 7.4.20 [pfSense]
php74-opcache: 7.4.15 -> 7.4.20 [pfSense]
php74-openssl: 7.4.15 -> 7.4.20 [pfSense]
php74-pcntl: 7.4.15 -> 7.4.20 [pfSense]
php74-pdo: 7.4.15 -> 7.4.20 [pfSense]
php74-pdo_sqlite: 7.4.15 -> 7.4.20 [pfSense]
php74-pecl-radius: 1.4.0.b1 -> 1.4.0b1_1 [pfSense]
php74-pfSense-module: 0.69_1 -> 0.72 [pfSense]
php74-posix: 7.4.15 -> 7.4.20 [pfSense]
php74-readline: 7.4.15 -> 7.4.20 [pfSense]
php74-session: 7.4.15 -> 7.4.20 [pfSense]
php74-shmop: 7.4.15 -> 7.4.20 [pfSense]
php74-simplexml: 7.4.15 -> 7.4.20 [pfSense]
php74-sockets: 7.4.15 -> 7.4.20 [pfSense]
php74-sqlite3: 7.4.15 -> 7.4.20 [pfSense]
php74-sysvmsg: 7.4.15 -> 7.4.20 [pfSense]
php74-sysvsem: 7.4.15 -> 7.4.20 [pfSense]
php74-sysvshm: 7.4.15 -> 7.4.20 [pfSense]
php74-tokenizer: 7.4.15 -> 7.4.20 [pfSense]
php74-xml: 7.4.15 -> 7.4.20 [pfSense]
php74-xmlreader: 7.4.15 -> 7.4.20 [pfSense]
php74-xmlwriter: 7.4.15 -> 7.4.20 [pfSense]
php74-zlib: 7.4.15 -> 7.4.20 [pfSense]
radvd: 2.19 -> 2.19_2 [pfSense]
readline: 8.0.4 -> 8.1.1 [pfSense]
smartmontools: 7.2 -> 7.2_1 [pfSense]
sqlite3: 3.34.0,1 -> 3.35.5_1,1 [pfSense]
strongswan: 5.9.1 -> 5.9.2_2 [pfSense]
wpa_supplicant: 2.9_7 -> 2.9_10 [pfSense]
Installed packages to be REINSTALLED:
php74-pear-XML_RPC2-1.1.4 [pfSense] (direct dependency changed: php74-pear-HTTP_Request2-230)
Number of packages to be installed: 6
Number of packages to be upgraded: 76
Number of packages to be reinstalled: 1
The process will require 132 MiB more space.
150 MiB to be downloaded.
[1/83] Fetching wpa_supplicant-2.9_10.txz: .......... done
[2/83] Fetching strongswan-5.9.2_2.txz: .......... done
[3/83] Fetching sqlite3-3.35.5_1,1.txz: .......... done
[4/83] Fetching smartmontools-7.2_1.txz: .......... done
[5/83] Fetching readline-8.1.1.txz: .......... done
[6/83] Fetching radvd-2.19_2.txz: ....... done
[7/83] Fetching php74-zlib-7.4.20.txz: ... done
[8/83] Fetching php74-xmlwriter-7.4.20.txz: .. done
[9/83] Fetching php74-xmlreader-7.4.20.txz: .. done
[10/83] Fetching php74-xml-7.4.20.txz: ... done
[11/83] Fetching php74-tokenizer-7.4.20.txz: .. done
[12/83] Fetching php74-sysvshm-7.4.20.txz: . done
[13/83] Fetching php74-sysvsem-7.4.20.txz: . done
[14/83] Fetching php74-sysvmsg-7.4.20.txz: . done
[15/83] Fetching php74-sqlite3-7.4.20.txz: ... done
[16/83] Fetching php74-sockets-7.4.20.txz: ..... done
[17/83] Fetching php74-simplexml-7.4.20.txz: ... done
[18/83] Fetching php74-shmop-7.4.20.txz: . done
[19/83] Fetching php74-session-7.4.20.txz: ..... done
[20/83] Fetching php74-readline-7.4.20.txz: .. done
[21/83] Fetching php74-posix-7.4.20.txz: .. done
[22/83] Fetching php74-pfSense-module-0.72.txz: ...... done
[23/83] Fetching php74-pecl-radius-1.4.0b1_1.txz: ... done
[24/83] Fetching php74-pear-XML_RPC2-1.1.4.txz: ........ done
[25/83] Fetching php74-pdo_sqlite-7.4.20.txz: .. done
[26/83] Fetching php74-pdo-7.4.20.txz: ...... done
[27/83] Fetching php74-pcntl-7.4.20.txz: .. done
[28/83] Fetching php74-openssl-7.4.20.txz: ........ done
[29/83] Fetching php74-opcache-7.4.20.txz: .......... done
[30/83] Fetching php74-mbstring-7.4.20.txz: .......... done
[31/83] Fetching php74-ldap-7.4.20.txz: .... done
[32/83] Fetching php74-json-7.4.20.txz: ... done
[33/83] Fetching php74-intl-7.4.20.txz: .......... done
[34/83] Fetching php74-gettext-7.4.20.txz: . done
[35/83] Fetching php74-filter-7.4.20.txz: ... done
[36/83] Fetching php74-dom-7.4.20.txz: ....... done
[37/83] Fetching php74-curl-7.4.20.txz: .... done
[38/83] Fetching php74-ctype-7.4.20.txz: . done
[39/83] Fetching php74-bz2-7.4.20.txz: .. done
[40/83] Fetching php74-bcmath-7.4.20.txz: ... done
[41/83] Fetching php74-7.4.20.txz: .......... done
[42/83] Fetching pfSense-rc-2.5.2.txz: .. done
[43/83] Fetching pfSense-kernel-pfSense-2.5.2.txz: .......... done
[44/83] Fetching pfSense-default-config-2.5.2.txz: . done
[45/83] Fetching pfSense-base-2.5.2.txz: .......... done
[46/83] Fetching pfSense-2.5.2.txz: . done
[47/83] Fetching pcsc-lite-1.9.1,2.txz: .......... done
[48/83] Fetching pcre2-10.37.txz: .......... done
[49/83] Fetching openvpn-2.5.2_2.txz: .......... done
[50/83] Fetching openldap-client-2.4.59.txz: .......... done
[51/83] Fetching oniguruma-6.9.7.1.txz: .......... done
[52/83] Fetching nginx-1.20.1,2.txz: .......... done
[53/83] Fetching nettle-3.7.2_2.txz: .......... done
[54/83] Fetching mobile-broadband-provider-info-20201225.txz: ........ done
[55/83] Fetching libzmq4-4.3.4.txz: .......... done
[56/83] Fetching libxml2-2.9.10_4.txz: .......... done
[57/83] Fetching libuv-1.41.0.txz: .......... done
[58/83] Fetching libnghttp2-1.43.0.txz: .......... done
[59/83] Fetching libidn2-2.3.1.txz: .......... done
[60/83] Fetching libgpg-error-1.42.txz: .......... done
[61/83] Fetching libgcrypt-1.9.3.txz: .......... done
[62/83] Fetching libedit-3.1.20210216,1.txz: .......... done
[63/83] Fetching isc-dhcp44-server-4.4.2P1_1.txz: .......... done
[64/83] Fetching isc-dhcp44-relay-4.4.2P1.txz: .......... done
[65/83] Fetching isc-dhcp44-client-4.4.2P1.txz: .......... done
[66/83] Fetching icu-69.1,1.txz: .......... done
[67/83] Fetching hostapd-2.9_3.txz: .......... done
[68/83] Fetching glib-2.66.8,2.txz: .......... done
[69/83] Fetching expiretable-0.6_2.txz: . done
[70/83] Fetching expat-2.4.1.txz: .......... done
[71/83] Fetching dnsmasq-2.85_1,1.txz: .......... done
[72/83] Fetching devcpu-data-1.39.txz: .......... done
[73/83] Fetching dbus-1.12.20_4.txz: .......... done
[74/83] Fetching curl-7.76.1.txz: .......... done
[75/83] Fetching cpdup-1.22.txz: .... done
[76/83] Fetching ca_root_nss-3.63.txz: .......... done
[77/83] Fetching bind-tools-9.16.16.txz: .......... done
[78/83] Fetching python38-3.8.10.txz: .......... done
[79/83] Fetching mpdecimal-2.5.1.txz: .......... done
[80/83] Fetching unbound112-1.12.0_1.txz: .......... done
[81/83] Fetching php74-pear-HTTP_Request2-230-2.3.0,1.txz: .......... done
[82/83] Fetching py38-ply-3.11.txz: .......... done
[83/83] Fetching py38-setuptools-57.0.0.txz: .......... done
Checking integrity... done (2 conflicting)
- unbound112-1.12.0_1 [pfSense] conflicts with unbound-1.13.1 [installed] on /usr/local/etc/unbound/unbound.conf.sample
- php74-pear-HTTP_Request2-230-2.3.0,1 [pfSense] conflicts with php74-pear-HTTP_Request2-2.3.0,1 [installed] on /usr/local/share/doc/pear/HTTP_Request2/LICENSE
Checking integrity... done (0 conflicting)
Conflicts with the existing packages have been found.
One more solver iteration is needed to resolve them.
The following 85 package(s) will be affected (of 0 checked):
Installed packages to be REMOVED:
php74-pear-HTTP_Request2: 2.3.0,1
unbound: 1.13.1
New packages to be INSTALLED:
mpdecimal: 2.5.1 [pfSense]
php74-pear-HTTP_Request2-230: 2.3.0,1 [pfSense]
py38-ply: 3.11 [pfSense]
py38-setuptools: 57.0.0 [pfSense]
python38: 3.8.10 [pfSense]
unbound112: 1.12.0_1 [pfSense]
Installed packages to be UPGRADED:
bind-tools: 9.16.12 -> 9.16.16 [pfSense]
ca_root_nss: 3.58 -> 3.63 [pfSense]
cpdup: 1.20 -> 1.22 [pfSense]
curl: 7.74.0 -> 7.76.1 [pfSense]
dbus: 1.12.20_3 -> 1.12.20_4 [pfSense]
devcpu-data: 1.37 -> 1.39 [pfSense]
dnsmasq: 2.84,1 -> 2.85_1,1 [pfSense]
expat: 2.2.10 -> 2.4.1 [pfSense]
expiretable: 0.6_1 -> 0.6_2 [pfSense]
glib: 2.66.4_1,1 -> 2.66.8,2 [pfSense]
hostapd: 2.9_2 -> 2.9_3 [pfSense]
icu: 68.2,1 -> 69.1,1 [pfSense]
isc-dhcp44-client: 4.4.2_1 -> 4.4.2P1 [pfSense]
isc-dhcp44-relay: 4.4.2_1 -> 4.4.2P1 [pfSense]
isc-dhcp44-server: 4.4.2_1 -> 4.4.2P1_1 [pfSense]
libedit: 3.1.20191231,1 -> 3.1.20210216,1 [pfSense]
libgcrypt: 1.8.7 -> 1.9.3 [pfSense]
libgpg-error: 1.41 -> 1.42 [pfSense]
libidn2: 2.3.0_1 -> 2.3.1 [pfSense]
libnghttp2: 1.42.0 -> 1.43.0 [pfSense]
libuv: 1.40.0 -> 1.41.0 [pfSense]
libxml2: 2.9.10_2 -> 2.9.10_4 [pfSense]
libzmq4: 4.3.1_1 -> 4.3.4 [pfSense]
mobile-broadband-provider-info: 20190618_1 -> 20201225 [pfSense]
nettle: 3.7.2_1 -> 3.7.2_2 [pfSense]
nginx: 1.18.0_45,2 -> 1.20.1,2 [pfSense]
oniguruma: 6.9.6 -> 6.9.7.1 [pfSense]
openldap-client: 2.4.57 -> 2.4.59 [pfSense]
openvpn: 2.5.1 -> 2.5.2_2 [pfSense]
pcre2: 10.36 -> 10.37 [pfSense]
pcsc-lite: 1.9.0_1,2 -> 1.9.1,2 [pfSense]
pfSense: 2.5.1 -> 2.5.2 [pfSense]
pfSense-base: 2.5.1 -> 2.5.2 [pfSense-core]
pfSense-default-config: 2.5.1 -> 2.5.2 [pfSense-core]
pfSense-kernel-pfSense: 2.5.1 -> 2.5.2 [pfSense-core]
pfSense-rc: 2.5.1 -> 2.5.2 [pfSense-core]
php74: 7.4.15 -> 7.4.20 [pfSense]
php74-bcmath: 7.4.15 -> 7.4.20 [pfSense]
php74-bz2: 7.4.15 -> 7.4.20 [pfSense]
php74-ctype: 7.4.15 -> 7.4.20 [pfSense]
php74-curl: 7.4.15 -> 7.4.20 [pfSense]
php74-dom: 7.4.15 -> 7.4.20 [pfSense]
php74-filter: 7.4.15 -> 7.4.20 [pfSense]
php74-gettext: 7.4.15 -> 7.4.20 [pfSense]
php74-intl: 7.4.15 -> 7.4.20 [pfSense]
php74-json: 7.4.15 -> 7.4.20 [pfSense]
php74-ldap: 7.4.15 -> 7.4.20 [pfSense]
php74-mbstring: 7.4.15 -> 7.4.20 [pfSense]
php74-opcache: 7.4.15 -> 7.4.20 [pfSense]
php74-openssl: 7.4.15 -> 7.4.20 [pfSense]
php74-pcntl: 7.4.15 -> 7.4.20 [pfSense]
php74-pdo: 7.4.15 -> 7.4.20 [pfSense]
php74-pdo_sqlite: 7.4.15 -> 7.4.20 [pfSense]
php74-pecl-radius: 1.4.0.b1 -> 1.4.0b1_1 [pfSense]
php74-pfSense-module: 0.69_1 -> 0.72 [pfSense]
php74-posix: 7.4.15 -> 7.4.20 [pfSense]
php74-readline: 7.4.15 -> 7.4.20 [pfSense]
php74-session: 7.4.15 -> 7.4.20 [pfSense]
php74-shmop: 7.4.15 -> 7.4.20 [pfSense]
php74-simplexml: 7.4.15 -> 7.4.20 [pfSense]
php74-sockets: 7.4.15 -> 7.4.20 [pfSense]
php74-sqlite3: 7.4.15 -> 7.4.20 [pfSense]
php74-sysvmsg: 7.4.15 -> 7.4.20 [pfSense]
php74-sysvsem: 7.4.15 -> 7.4.20 [pfSense]
php74-sysvshm: 7.4.15 -> 7.4.20 [pfSense]
php74-tokenizer: 7.4.15 -> 7.4.20 [pfSense]
php74-xml: 7.4.15 -> 7.4.20 [pfSense]
php74-xmlreader: 7.4.15 -> 7.4.20 [pfSense]
php74-xmlwriter: 7.4.15 -> 7.4.20 [pfSense]
php74-zlib: 7.4.15 -> 7.4.20 [pfSense]
radvd: 2.19 -> 2.19_2 [pfSense]
readline: 8.0.4 -> 8.1.1 [pfSense]
smartmontools: 7.2 -> 7.2_1 [pfSense]
sqlite3: 3.34.0,1 -> 3.35.5_1,1 [pfSense]
strongswan: 5.9.1 -> 5.9.2_2 [pfSense]
wpa_supplicant: 2.9_7 -> 2.9_10 [pfSense]
Installed packages to be REINSTALLED:
php74-pear-XML_RPC2-1.1.4 [pfSense] (direct dependency changed: php74-pear-HTTP_Request2-230)
Number of packages to be removed: 2
Number of packages to be installed: 6
Number of packages to be upgraded: 76
Number of packages to be reinstalled: 1
The process will require 123 MiB more space.
>>> Downloading pkg...
Number of packages to be fetched: 1
No packages are required to be fetched.
Integrity check was successful.
>>> Upgrading pfSense-rc...
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
pfSense-rc: 2.5.1 -> 2.5.2 [pfSense-core]
Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-rc from 2.5.1 to 2.5.2...
===> Setting net.pf.request_maxcount=400000
[1/1] Extracting pfSense-rc-2.5.2: ...... done
>>> Upgrading pfSense kernel...
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
pfSense-kernel-pfSense: 2.5.1 -> 2.5.2 [pfSense-core]
Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-kernel-pfSense from 2.5.1 to 2.5.2...
[1/1] Extracting pfSense-kernel-pfSense-2.5.2: .......... done
===> Keeping a copy of current kernel in /boot/kernel.old
>>> Removing unnecessary packages... done.
System is going to be upgraded. Rebooting in 10 seconds.
Success
コメント