Hi all,

Today a XSS vulnerability in the certificate manager is being fixed that is based on a crafted certificate being imported into the system. PHP was finally updated from 7.0 to 7.1 which should make things a bit faster. Last but not least, the HAProxy plugin by Frank Wall receives a major update for improved usability, several new features and two bug fixes.

Here are the full patch notes:

A hotfix release was issued as 17.7.9_8:

Another hotfix release was issued as 17.7.9_9:


Stay safe,
Your OPNsense team