@al1x:
In this case a freeze attack would involve an attacker intercepting a firmware update and feeding back to the update process the same version of the firmware as existed on the router. If the firmware update was released to patch a significant security hole the system would simply reinstall the unpatched version of pfSense leaving the system still vulnerable to the security hole the update was intended to patch, very much impacting the integrity of the system.
Which would be noticed by anyone paying any kind of attention, reboot and you're still on the same version. Still has no impact on the integrity, it would only install an official update. Besides if it's so hackable, why would anyone bother just ensuring it stays that way? Own the box and be done with it. In that case you'd likely want to patch it yourself after you owned it. Everything here, short of issues addressed by PBI signing, are way out there. If you care enough to put your time into addressing such things, we'd accept patches, but I'm not going to pay people to address theoretical problems that will never, ever happen because there are a million worse things you could do completely unrelated to the firewall if you were in a position to do those.
We have considered pulling everything via HTTPS at some point in the future and verifying the cert, which would help address all these too.