User: Password:
Create account Recover password

Support US
Donations this month: 1%

Goal : $ 400
Due: 2023-12-31


Sponsored Links

 


Categories


Torrent’s details
Name
ipfire-2.25.x86_64-full-core149.iso   
 
Torrent ipfire-2.25.x86_64-full-core149.iso

If you need a Bittorrent client, try TransmissionBT on MacOS or Linux

Forum /index.php?page=forum&action=viewtopic&topicid=20325
Magnet Link Magnet Link
Info Hash b313e8b2953823d757970d223944956de7af5de3
Who thanks
Description IPFire 2.25 - Core Update 149 released
by Michael Tremer, 6:15 pm

We have been busy baking another large update for you which is full of oozy goodness. It includes an updated toolchain based on GCC 10 and glibc 2.32 and we have added a lot of tuning which makes IPFire 33% faster on some systems.

Realease Notes: https://blog.ipfire.org/post/ipfire-2-25-core-update-149-released
Toolchain Update
IPFire is based on glibc 2.32, the standard library for all C programs, and GCC 10.2, the GNU Compiler Collection. Both bring various bug fixes and improvements.

The most notable change is that we have decided to remove a mitigation Spectre 2 which caused that user space programs in IPFire were running about 50% slower due to using a microcode feature which is called "retpoline". Those "return trampolines" disable the branch prediction engine in out-of-order processors which was considered to help with mitigating leaking any information from any unaccessible kernel space.

This is however not as effective as thought and massively decreases performance in the user land which mainly affects features like our Intrusion Prevention System, Web Proxy and URL filter. We still use this mechanism to avoid leaking any kernel memory into the user space.

On top of that, we have updated various tools used for building IPFire as well as core libraries.

We have also enabled a new GCC feature called "stack clash protection" on x86_64 and aarch64 which adds additional checks to mitigate exploits and we have enabled "CF protection" which hardens all software against attackers gaining control over a program flow and circumventing security checks like password or signature validation.

BootHole, aka GRUB 2.04
As reported on the media, there were various security vulnerabilities in the GRUB boot loader which is used in IPFire on x86_64, i586 and aarch64. These have now been patched in IPFire and the new boot loader is installed automatically.

Intel Security Vulnerabilities & Virtual Machines
In May 2019, we have announced to disable SMT on all machines. This is now disabled for any virtual machines since the mitigation is required to be activated on the host system.

Emulated processors might run on multiple physical processors which IPFire in a virtual machine has no control over. However, we still recommend against running IPFire in a virtual environment.

Deprecating i586
This release also officially degrades the i586 architecture to a secondary architecture. On the download page, you will already find downloads for that architecture at the bottom of the page.

This is because various security mitigations are not available for i586 and development work on the Linux kernel and other software that IPFire relies on is mainly done for x86_64 or other modern 64 bit architectures. This is a development that we saw coming for a while now, and despite that we will try to keep IPFire available in this architecture.

We urge everyone who's hardware supports it to update their systems to x86_64. You will see a notification on the web user interface if you are affected.

Misc.
OpenSSL: We have removed all ciphers that do not support Perfect Forward Secrecy from the default cipher list. That means that all programs in IPFire that initiate TLS connections will no longer accept any "weak" ciphers without PFS.
OpenVPN
In order to make IPFire compliant with PCI DSS, OpenVPN requires all clients to use TLS 1.2 or newer. This change is automatically enabled on all systems and very old clients might need to be updated. Please check if you are using any outdated clients before updating.
The maximum number of simultaneous OpenVPN connections can now be set to up to 1024 and was limited to 255 before.
New packages: zstd, a modern and fast compression algorithm is now part of IPFire
Updated packages: apache 2.4.46, bind 9.11.21, bison 3.7.1, curl 7.71.1, GRUB 2.04, intel-microcode 20200616, hyperscan 5.3.0, iproute2 5.8.0, kbd 2.2.0, logrotate 3.17.0, lsof 4.91, mpfr 4.1.0, popt 1.18, unbound 1.11.0, xfsprogs 5.7.0
Add-ons
Updated: clamav 0.102.4, dnsdist 1.5.0, haproxy 2.2.2, fping 5.0, libvirt 6.5.0, minicom 2.7.1, nfs 2.5.1, postfix 3.5.6, qemu 5.0.0, rsync 3.2.3, spandsp 0.0.6, tor 0.4.3.6, tshark 3.2.6, usbredir 0.8.0, watchdog 5.16, WIO
Marcel Follert has contributed a new package: socat, a CLI tool which can be used to communicate with UNIX sockets.

For More Information, visit Distrowatch

Screenshots
Category IPFire
Home Page http://www.ipfire.org/
Support Forums
Rating
  • Currently nan/5
Rating: nan out of 5.0 (Votes: 0) For your upload!

Size 302.00 MB
Show/Hide Files
1 file
AddDate 17/09/2020
Uploader
Speed 0 KB/sec
Down 25 times
peers seeds: 8, leechers: 0 = 8 peers
Report
Similar torrents
NameAddedSizeSeedersLeechers
ipfire-2.27.x86_64-full-core160.iso05/10/2021406.00 MB150
ipfire-2.21.x86_64-full-core12416/10/2018240.00 MB130
ipfire-2.25.i586-full-core142.iso18/03/2020293.00 MB130
ipfire-2.25.2gb-ext4.x86_64-full-core143.img.xz20/04/2020251.74 MB110
ipfire-2.25.2gb-ext4.aarch64-full-core143.img.xz20/04/2020218.02 MB110
ipfire-2.25.2gb-ext4.armv5tel-full-core143.img.xz20/04/2020211.01 MB110
ipfire-2.25.x86_64-full-core144.iso24/04/2020278.00 MB100
ipfire-2.25.x86_64-full-core143.iso20/04/2020283.00 MB90
ipfire-2.25.2gb-ext4.x86_64-full-core142.img.xz18/03/2020260.40 MB90
ipfire-2.25.x86_64-full-core148.iso12/09/2020300.00 MB90
Update
Announce URLSeedersLeechersDownloaded
http://ipv6.tracker.ipfire.org:6969/announce000
udp://ipv6.tracker.ipfire.org:6969000
http://ipv4.tracker.ipfire.org:6969/announce400
udp://ipv4.tracker.ipfire.org:6969400
Last Update 12/06/2024 08:31:08 (12/06/2024 08:31:08)


No comments...