2.3.4-p1 New Features and Changes

From PFSenseDocs
Jump to: navigation, search
Important30.png WARNING Important30.png
This release is still under development and this list of changes is a work in progress and subject to change.

The 2.3.4-p1 errata release is a minor release after 2.3.4 and contains beneficial security and bug fixes.

Security / Errata

  • FreeBSD/ports Security Advisories
    • Updated (list pending)
  • pfSense Advisories
    • pfSense-SA-17_05.webgui:
      • Fixed a potential XSS issue in the diag_edit.php file browser #7650
      • Fixed a potential XSS in handling of the 'type' parameter on diag_table.php #7652
      • Fixed validation and a potential XSS in interface names on firewall_nat_edit.php #7651

Bug Fixes

Captive Portal

  • Fixed Captive Portal RADIUS Authentication to only cache credentials when required to perform reauthentication #7528
  • Restored the captive portal feature to view the captive portal page directly from the portal web server as an additional button #7646

Dynamic DNS

  • Fixed issues with wildcard CNAME records disappearing from Loopia when doing a DNS update
  • Fixed issues with CloudFlare Dynamic DNS
  • Fixed Hover Dynamic DNS updates so they Verify the SSL Peer


  • Added syslogd service definition to enable status display and control #4382
  • Fixed issues with syslogd stopping when installing or uninstalling some packages #7256

Virtual IP Addresses

  • Fixed issues with CARP status display overmatching some VIP numbers #7638
  • Fixed pid file handling for choparp (Proxy ARP Daemon)
  • Added the ability to sort the Virtual IP address list


  • Fixed diag_dns.php so it will not create an empty alias if name does not resolve
  • Fixed diag_dns.php to not show Add Alias if the user does not have privileges to add an alais
  • Fixed diag_dns.php to change the update alias button text after adding an alias
  • Fixed diag_dns.php to disable the Add Alias button when the host field is changed


  • Fixed DHCPv6 to request a prefix delegation even if no interfaces are set to track6 #4544
  • Updated handling of original MAC address retention for interfaces with spoofed MACs.


  • Removed "/usr/local/share/examples" from obsolete files list, some packages rely on the files being there
  • Added a few more items to status.php for support purposes, such as a download button, socket buffer info, and the netgate ID
  • Fixed status.php to redact BGP MD5 password/key in output #7642
  • Fixed OpenVPN to use is_numeric() to make sure $prefix is not 0
  • Changed the "Rule Information" section so it is consistent between firewall and NAT rule pages
  • Fixed APU2 detection for devices running coreboot v4.x
  • Fixed the tunable description for net.inet.ip.random_id #6087
  • Fixed some outdated links for help and support
  • Fixed some issues with empty config tags in packages #7624
  • Fixed an issue where some DHCP Lease information was encoded twice with htmlentities/htmlspecialchars