Michael Tremer, a developer for the ipfire.org team, has announced that IPFire 2.13 Core 76, a new stable release of the popular Linux-based firewall distribution, is now available for download.This is not the largest IPFire release, but \ some important modifications to the Linux distribution have been made, which should prompt users to upgrade as soon as possible.
“It comes with a security fix for the strongswan package which is responsible for IPsec VPN connections. The vulnerability has got the number CVE-2014-2338. It was possible to bypass the authentication and therefore to overtake a VPN connection whilst the original peers are rekeying. IKEv1 connections are not vulnerable, but IKEv2,” reads the official announcement.
Also, the developers have explained that users should start testing IPFire 2.15, which is now under development.
“We are also already thinking about the releases past that and raising funds to implement Single Sign-On Authentication for the Web proxy against Windows Active Directory. So please check this out, too. Your support is very much appreciated!” they also noted in the announcement.
The developers recommend all users of IPFire to upgrade their distributions as fast as possible. Download IPFire 2.13 Core 76 right now from Softpedia.