pfSenseをアップデートした記録 2.4.2_1→2.4.3
アップデート内容確認
2.4.2_1(2.4.2-p1)から2.4.3にアップデートします
変更点を確認
2.4.3 New Features and Changes – pfSense Documentation
https://doc.pfsense.org/index.php/2.4.3_New_Features_and_Changes
今回のメインはMeltdown/Spectreの対応(CVE-2017-5715、CVE-2017-5754)
そしてIPsecの脆弱性対応(CVE-2018-6916)です
少し前回のリリースから時間が空いたのもあって細かい修正も多いです
アップデートの手順
事前に設定のバックアップをした上で以下の操作でアップデートを実行
手順はいつもと同じです
まずダッシュボードのVersionのところにある雲マークか
System→Updateを選択
2.4.2_1から2.4.3へアップデートと表示出てるのを確認して「Confirm」を押す
Update時の処理ログ
>>> Updating repositories metadata... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. >>> Setting vital flag on pkg... done. >>> Downloading upgrade packages... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Checking for upgrades (72 candidates): .......... done Processing candidates (72 candidates): .......... done The following 75 package(s) will be affected (of 0 checked): New packages to be INSTALLED: devcpu-data: 1.16 [pfSense] py27-ply: 3.10_1 [pfSense] py27-setuptools: 36.5.0 [pfSense] Installed packages to be UPGRADED: unbound: 1.6.6 -> 1.6.8 [pfSense] strongswan: 5.6.0 -> 5.6.2_1 [pfSense] sqlite3: 3.20.1_1 -> 3.21.0_1 [pfSense] smartmontools: 6.5_2 -> 6.6_1 [pfSense] readline: 7.0.3 -> 7.0.3_1 [pfSense] radvd: 2.17_3 -> 2.17_4 [pfSense] python27: 2.7.14 -> 2.7.14_1 [pfSense] php56-zlib: 5.6.32 -> 5.6.34 [pfSense] php56-xmlwriter: 5.6.32 -> 5.6.34 [pfSense] php56-xmlreader: 5.6.32 -> 5.6.34 [pfSense] php56-xml: 5.6.32 -> 5.6.34 [pfSense] php56-tokenizer: 5.6.32 -> 5.6.34 [pfSense] php56-sysvshm: 5.6.32 -> 5.6.34 [pfSense] php56-sysvsem: 5.6.32 -> 5.6.34 [pfSense] php56-sysvmsg: 5.6.32 -> 5.6.34 [pfSense] php56-sqlite3: 5.6.32 -> 5.6.34 [pfSense] php56-sockets: 5.6.32 -> 5.6.34 [pfSense] php56-simplexml: 5.6.32 -> 5.6.34 [pfSense] php56-shmop: 5.6.32 -> 5.6.34 [pfSense] php56-session: 5.6.32 -> 5.6.34 [pfSense] php56-readline: 5.6.32 -> 5.6.34 [pfSense] php56-posix: 5.6.32 -> 5.6.34 [pfSense] php56-pfSense-module: 0.57 -> 0.61 [pfSense] php56-pdo_sqlite: 5.6.32 -> 5.6.34 [pfSense] php56-pdo: 5.6.32 -> 5.6.34 [pfSense] php56-pcntl: 5.6.32 -> 5.6.34 [pfSense] php56-openssl: 5.6.32 -> 5.6.34 [pfSense] php56-opcache: 5.6.32 -> 5.6.34 [pfSense] php56-mcrypt: 5.6.32 -> 5.6.34 [pfSense] php56-mbstring: 5.6.32 -> 5.6.34 [pfSense] php56-ldap: 5.6.32 -> 5.6.34 [pfSense] php56-json: 5.6.32 -> 5.6.34 [pfSense] php56-hash: 5.6.32 -> 5.6.34 [pfSense] php56-gettext: 5.6.32 -> 5.6.34 [pfSense] php56-filter: 5.6.32 -> 5.6.34 [pfSense] php56-dom: 5.6.32 -> 5.6.34 [pfSense] php56-curl: 5.6.32 -> 5.6.34 [pfSense] php56-ctype: 5.6.32 -> 5.6.34 [pfSense] php56-bz2: 5.6.32 -> 5.6.34 [pfSense] php56-bcmath: 5.6.32 -> 5.6.34 [pfSense] php56: 5.6.32 -> 5.6.34 [pfSense] pfSense-rc: 2.4.2_1 -> 2.4.3 [pfSense-core] pfSense-kernel-pfSense: 2.4.2_1 -> 2.4.3 [pfSense-core] pfSense-default-config: 2.4.2_1 -> 2.4.3 [pfSense-core] pfSense-base: 2.4.2_1 -> 2.4.3 [pfSense-core] pfSense-Status_Monitoring: 1.7.5 -> 1.7.6 [pfSense] pfSense: 2.4.2_1 -> 2.4.3 [pfSense] pear: 1.10.5 -> 1.10.5_1 [pfSense] openvpn: 2.4.4 -> 2.4.4_1 [pfSense] oniguruma6: 6.4.0 -> 6.6.1 [pfSense] ntp: 4.2.8p10_2 -> 4.2.8p11 [pfSense] nginx: 1.12.1_2,2 -> 1.12.2_3,2 [pfSense] nettle: 3.3 -> 3.4 [pfSense] luajit: 2.0.5 -> 2.1.0.b3 [pfSense] libzmq4: 4.2.2 -> 4.2.2_1 [pfSense] libxml2: 2.9.4 -> 2.9.7 [pfSense] libunistring: 0.9.7 -> 0.9.8 [pfSense] libnghttp2: 1.26.0 -> 1.29.0 [pfSense] libffi: 3.2.1_1 -> 3.2.1_2 [pfSense] libevent: 2.1.8 -> 2.1.8_1 [pfSense] json-c: 0.12.1 -> 0.13 [pfSense] isc-dhcp43-server: 4.3.6_1 -> 4.3.6P1 [pfSense] isc-dhcp43-relay: 4.3.6 -> 4.3.6P1 [pfSense] isc-dhcp43-client: 4.3.6 -> 4.3.6P1 [pfSense] indexinfo: 0.2.6 -> 0.3.1 [pfSense] idnkit: 1.0_6 -> 1.0_7 [pfSense] glib: 2.50.2_6,1 -> 2.50.3_1,1 [pfSense] expat: 2.2.1 -> 2.2.5 [pfSense] curl: 7.57.0 -> 7.58.0 [pfSense] ca_root_nss: 3.32.1 -> 3.36 [pfSense] bind-tools: 9.11.2 -> 9.11.2P1 [pfSense] Installed packages to be REINSTALLED: miniupnpd-1.9.20160113,1 [pfSense] (options changed) Number of packages to be installed: 3 Number of packages to be upgraded: 71 Number of packages to be reinstalled: 1 The process will require 9 MiB more space. 88 MiB to be downloaded. [1/75] Fetching unbound-1.6.8.txz: .......... done [2/75] Fetching strongswan-5.6.2_1.txz: .......... done [3/75] Fetching sqlite3-3.21.0_1.txz: .......... done [4/75] Fetching smartmontools-6.6_1.txz: .......... done [5/75] Fetching readline-7.0.3_1.txz: .......... done [6/75] Fetching radvd-2.17_4.txz: ....... done [7/75] Fetching python27-2.7.14_1.txz: .......... done [8/75] Fetching php56-zlib-5.6.34.txz: .. done [9/75] Fetching php56-xmlwriter-5.6.34.txz: .. done [10/75] Fetching php56-xmlreader-5.6.34.txz: .. done [11/75] Fetching php56-xml-5.6.34.txz: ... done [12/75] Fetching php56-tokenizer-5.6.34.txz: . done [13/75] Fetching php56-sysvshm-5.6.34.txz: . done [14/75] Fetching php56-sysvsem-5.6.34.txz: . done [15/75] Fetching php56-sysvmsg-5.6.34.txz: .. done [16/75] Fetching php56-sqlite3-5.6.34.txz: ... done [17/75] Fetching php56-sockets-5.6.34.txz: ..... done [18/75] Fetching php56-simplexml-5.6.34.txz: ... done [19/75] Fetching php56-shmop-5.6.34.txz: . done [20/75] Fetching php56-session-5.6.34.txz: .... done [21/75] Fetching php56-readline-5.6.34.txz: .. done [22/75] Fetching php56-posix-5.6.34.txz: .. done [23/75] Fetching php56-pfSense-module-0.61.txz: ...... done [24/75] Fetching php56-pdo_sqlite-5.6.34.txz: .. done [25/75] Fetching php56-pdo-5.6.34.txz: ...... done [26/75] Fetching php56-pcntl-5.6.34.txz: .. done [27/75] Fetching php56-openssl-5.6.34.txz: ...... done [28/75] Fetching php56-opcache-5.6.34.txz: ........ done [29/75] Fetching php56-mcrypt-5.6.34.txz: .. done [30/75] Fetching php56-mbstring-5.6.34.txz: .......... done [31/75] Fetching php56-ldap-5.6.34.txz: ... done [32/75] Fetching php56-json-5.6.34.txz: ... done [33/75] Fetching php56-hash-5.6.34.txz: .......... done [34/75] Fetching php56-gettext-5.6.34.txz: . done [35/75] Fetching php56-filter-5.6.34.txz: ... done [36/75] Fetching php56-dom-5.6.34.txz: ....... done [37/75] Fetching php56-curl-5.6.34.txz: .... done [38/75] Fetching php56-ctype-5.6.34.txz: . done [39/75] Fetching php56-bz2-5.6.34.txz: .. done [40/75] Fetching php56-bcmath-5.6.34.txz: ... done [41/75] Fetching php56-5.6.34.txz: .......... done [42/75] Fetching pfSense-rc-2.4.3.txz: .. done [43/75] Fetching pfSense-kernel-pfSense-2.4.3.txz: .......... done [44/75] Fetching pfSense-default-config-2.4.3.txz: . done [45/75] Fetching pfSense-base-2.4.3.txz: .......... done [46/75] Fetching pfSense-Status_Monitoring-1.7.6.txz: ... done [47/75] Fetching pfSense-2.4.3.txz: . done [48/75] Fetching pear-1.10.5_1.txz: .......... done [49/75] Fetching openvpn-2.4.4_1.txz: .......... done [50/75] Fetching oniguruma6-6.6.1.txz: .......... done [51/75] Fetching ntp-4.2.8p11.txz: .......... done [52/75] Fetching nginx-1.12.2_3,2.txz: .......... done [53/75] Fetching nettle-3.4.txz: .......... done [54/75] Fetching miniupnpd-1.9.20160113,1.txz: ........ done [55/75] Fetching luajit-2.1.0.b3.txz: .......... done [56/75] Fetching libzmq4-4.2.2_1.txz: .......... done [57/75] Fetching libxml2-2.9.7.txz: .......... done [58/75] Fetching libunistring-0.9.8.txz: .......... done [59/75] Fetching libnghttp2-1.29.0.txz: .......... done [60/75] Fetching libffi-3.2.1_2.txz: ..... done [61/75] Fetching libevent-2.1.8_1.txz: .......... done [62/75] Fetching json-c-0.13.txz: ........ done [63/75] Fetching isc-dhcp43-server-4.3.6P1.txz: .......... done [64/75] Fetching isc-dhcp43-relay-4.3.6P1.txz: .......... done [65/75] Fetching isc-dhcp43-client-4.3.6P1.txz: .......... done [66/75] Fetching indexinfo-0.3.1.txz: . done [67/75] Fetching idnkit-1.0_7.txz: .......... done [68/75] Fetching glib-2.50.3_1,1.txz: .......... done [69/75] Fetching expat-2.2.5.txz: .......... done [70/75] Fetching curl-7.58.0.txz: .......... done [71/75] Fetching ca_root_nss-3.36.txz: .......... done [72/75] Fetching bind-tools-9.11.2P1.txz: .......... done [73/75] Fetching devcpu-data-1.16.txz: .......... done [74/75] Fetching py27-ply-3.10_1.txz: .......... done [75/75] Fetching py27-setuptools-36.5.0.txz: .......... done Checking integrity... done (0 conflicting) >>> Upgrading pfSense kernel... Checking integrity... done (0 conflicting) The following 2 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-kernel-pfSense: 2.4.2_1 -> 2.4.3 [pfSense-core] pfSense-rc: 2.4.2_1 -> 2.4.3 [pfSense-core] Number of packages to be upgraded: 2 [1/2] Upgrading pfSense-rc from 2.4.2_1 to 2.4.3... [1/2] Extracting pfSense-rc-2.4.3: .... done [2/2] Upgrading pfSense-kernel-pfSense from 2.4.2_1 to 2.4.3... [2/2] Extracting pfSense-kernel-pfSense-2.4.3: .......... done ===> Keeping a copy of current kernel in /boot/kernel.old Upgrade is complete. Rebooting in 10 seconds. Success
コメント