Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    2.3.1 Update 1 Available

    Messages from the pfSense Team
    9
    19
    7221
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cmb last edited by

      2.3.1 Update 1 is now available. The changes can be found appended to the 2.3.1-RELEASE change list under Update 1.
      https://doc.pfsense.org/index.php/2.3.1_New_Features_and_Changes#Update_1

      1 Reply Last reply Reply Quote 0
      • jdillard
        jdillard last edited by

        And the blog post: https://blog.pfsense.org/?p=2068

        1 Reply Last reply Reply Quote 0
        • A
          AR15USR last edited by

          @cmb:

          2.3.1 Update 1 is now available. The changes can be found appended to the 2.3.1-RELEASE change list under Update 1.
          https://doc.pfsense.org/index.php/2.3.1_New_Features_and_Changes#Update_1

          I noticed your doc (https://pfsense.org/security/advisories/pfSense-SA-16_05.webgui.asc) is PGP signed. Do you have your public key posted for us to download? Or whats the ID we can search the key servers for?

          Thanks

          1 Reply Last reply Reply Quote 0
          • C
            cmb last edited by

            @AR15USR:

            I noticed your doc (https://pfsense.org/security/advisories/pfSense-SA-16_05.webgui.asc) is PGP signed. Do you have your public key posted for us to download? Or whats the ID we can search the key servers for?

            ID 0x9214F8DA

            1 Reply Last reply Reply Quote 0
            • J
              JorgeOliveira last edited by

              Just a side-note, using 32bit key IDs is a bad idea. See https://evil32.com for details.

              I've found a key on the keyserver for "pfSense Security Team (Security Advisories for pfSense) <security at="" pfsense="" dot="" org="">" with the following fingerprint "E345 EF8C 4539 E974 943C  831D 13B9 87FD 9214 F8DA".

              The message is successfully verified with that key.

              I'd recommend the applicable public PGP key to be added here for reference: https://www.pfsense.org/security/</security>

              1 Reply Last reply Reply Quote 0
              • A
                AR15USR last edited by

                @JorgeOliveira:

                Just a side-note, using 32bit key IDs is a bad idea. See https://evil32.com for details.

                I've found a key on the keyserver for "pfSense Security Team (Security Advisories for pfSense) <security at="" pfsense="" dot="" org="">" with the following fingerprint "E345 EF8C 4539 E974 943C  831D 13B9 87FD 9214 F8DA".

                The message is successfully verified with that key.

                I'd recommend the applicable public PGP key to be added here for reference: https://www.pfsense.org/security/</security>

                Jorge are you saying they should identify their key by the longer ID of "0x13b987fd9214f8da"? Just curious..

                1 Reply Last reply Reply Quote 0
                • K
                  kpa last edited by

                  @AR15USR:

                  @JorgeOliveira:

                  Just a side-note, using 32bit key IDs is a bad idea. See https://evil32.com for details.

                  I've found a key on the keyserver for "pfSense Security Team (Security Advisories for pfSense) <security at="" pfsense="" dot="" org="">" with the following fingerprint "E345 EF8C 4539 E974 943C  831D 13B9 87FD 9214 F8DA".

                  The message is successfully verified with that key.

                  I'd recommend the applicable public PGP key to be added here for reference: https://www.pfsense.org/security/</security>

                  Jorge are you saying they should identify their key by the longer ID of "0x13b987fd9214f8da"? Just curious..

                  That and the key fingerprint as well, forging those two combined is practically impossible.

                  1 Reply Last reply Reply Quote 0
                  • R
                    rjbradlow last edited by

                    This update broke my instance.  >:(
                    2.3.0 and 2.31 was fine but 2.3.1_1 boots and has console errors above menu:

                    Fatal error: require_once(): Failed opening required 'config.inc' (include_path='.:/usr/local/share/pear') in /etc/rc.banner on line _32_ ... 
                    

                    Then continues to vomit the rest of that code all over the console screen and the usual menu appears but with limited functionality.
                    There is NO 'pear' in /usr/local/share/

                    All interfaces are down and cannot be reset; Menu options 1 and 2 do not work.

                    I changed the boot kernel from kernel.old back to kernel and that did not help.

                    I can get shell as menu choice 8 works but 12 (dev shell) does not.

                    Menu: '13) Update from console'  runs into errors… the same that caused this mess as follows:

                    
                    Warning: require_once(config.inc): failed to open stream: No such file or directory on /etc/rc.conf_mount_rw on line 31
                    
                    Call Stack:
                         0.0002     117684    1\. {main}() /etc/rc.conf_mount_rw:0
                    
                    Fatal Error: require_once(): Failed opening required 'config.inc' (include_path='.:/usr/local/share/pear') in /etc/rc.conf_mount_rw on line 31
                    
                    Call Stack:
                         0.0002     117684    1\. {main}() /etc/rc.conf_mount_rw:0
                    
                    /usr/local/sbin/pfSense-upgrade: grep: not found 
                    
                    ...~
                    
                    

                    Menu: '15) Restore recent configuration'  does not work.

                    Is this update broken or what??

                    Thank you for looking into it.

                    1 Reply Last reply Reply Quote 0
                    • J
                      JorgeOliveira last edited by

                      @AR15USR:

                      Jorge are you saying they should identify their key by the longer ID of "0x13b987fd9214f8da"? Just curious..

                      Yes.

                      @rjbradlow:

                      This update broke my instance.  >:(
                      (…)
                      I can get shell as menu choice 8 works but 12 (dev shell) does not.
                      (...)

                      This may be caused by network/hardware problem causing an half-baked upgrade process. I'd recommend running this on shell:

                      pkg upgrade -f
                      

                      It will download and reinstall all packages. Be aware this may take a considerable amount of time: 30 minutes to 2 hours. Be patient.

                      1 Reply Last reply Reply Quote 0
                      • R
                        rjbradlow last edited by

                        @JorgeOliveira:

                        @rjbradlow:

                        This update broke my instance.  >:(
                        (…)
                        I can get shell as menu choice 8 works but 12 (dev shell) does not.
                        (...)

                        This may be caused by network/hardware problem causing an half-baked upgrade process. I'd recommend running this on shell:

                        pkg upgrade -f
                        

                        It will download and reinstall all packages. Be aware this may take a considerable amount of time: 30 minutes to 2 hours. Be patient.

                        Thank you Jorge but I also mentioned that all interfaces were down… and unable to be brought up so no dice there... No Network at all. Totally hosed.
                        I'm a Linux / bash guy and not familiar enough with the castrated shell in pfSense to attempt trying to fix it by hand.
                        If you look at the error again it states that the update was looking for a nonexistent directory named 'pear' and thus the missing file 'config.inc' as well.

                        So am I to gather from your reply that this directory does actually exist and was not downloaded by some networking glitch on a machine that had been updating and working flawlessly up to the latest update?

                        If so then why would it have been deleted instead of overwritten during a minor update from 2.3.1 to 2.3.1_1?

                        ???

                        1 Reply Last reply Reply Quote 0
                        • P
                          phil.davis last edited by

                          I don't know what the PEAR thing is about, maybe that happ0ened to be the last dir in the searchlist for looking for include files.
                          You should have a bunch of include files in /etc/inc

                          /etc/inc/config.inc
                          

                          Do you have files there?
                          Does the content of /etc/inc/config.inc look like a bunch of PHP functions?

                          1 Reply Last reply Reply Quote 0
                          • R
                            rjbradlow last edited by

                            @phil.davis:

                            Does the content of /etc/inc/config.inc look like a bunch of PHP functions?

                            Yes it is there with all of it's friends and yes it is PHP.

                            1 Reply Last reply Reply Quote 0
                            • P
                              phil.davis last edited by

                              @rjbradlow:

                              @phil.davis:

                              Does the content of /etc/inc/config.inc look like a bunch of PHP functions?

                              Yes it is there with all of it's friends and yes it is PHP.

                              That's a good start.
                              /etc/rc.php_ini_setup should create:

                              /usr/local/etc/php.ini
                              

                              and that should specify the include path:

                              include_path = ".:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form"
                              

                              and if all that is good, then config.inc (and lots of other include files) should be found.

                              1 Reply Last reply Reply Quote 0
                              • R
                                rjbradlow last edited by

                                @phil.davis:

                                That's a good start.
                                /etc/rc.php_ini_setup should create:

                                /usr/local/etc/php.ini
                                

                                and that should specify the include path:

                                include_path = ".:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form"
                                

                                and if all that is good, then config.inc (and lots of other include files) should be found.

                                ./rc_php_ini_setup: /usr/bin/grep: not found
                                

                                Thank you Phil.  :)

                                Downloaded and mounted latest ISO, copied grep from ISO to /usr/bin/

                                Re-ran /etc/rc_php_ini_setup and exited to find a normal console menu

                                Further repairs in progress.

                                1 Reply Last reply Reply Quote 0
                                • 2
                                  2chemlud Banned last edited by

                                  Hy!

                                  Don't get me wrong, but is it really worth the effort? Fresh install, extract your config.xml, copy over to fresh install and start over again… max 1 hour, I guess.

                                  regards

                                  chemlud

                                  1 Reply Last reply Reply Quote 0
                                  • R
                                    rjbradlow last edited by

                                    @2chemlud:

                                    Hy!

                                    Don't get me wrong, but is it really worth the effort? Fresh install, extract your config.xml, copy over to fresh install and start over again… max 1 hour, I guess.

                                    regards

                                    chemlud

                                    Thanks chemlud,
                                    It was certainly worth the learning experience.

                                    Must have been a botched download like Jorge said.

                                    I booted the cd and did a recovery which extracted the xml file and all was done in a matter of a few minutes after my last post.

                                    quick and painless thanks to everyone's help here and the fine job the devs did with that nice recovery feature.

                                    Thanks to all … great job guys!!

                                    1 Reply Last reply Reply Quote 0
                                    • jdillard
                                      jdillard last edited by

                                      @JorgeOliveira:

                                      Just a side-note, using 32bit key IDs is a bad idea. See https://evil32.com for details.

                                      I've found a key on the keyserver for "pfSense Security Team (Security Advisories for pfSense) <security at="" pfsense="" dot="" org="">" with the following fingerprint "E345 EF8C 4539 E974 943C  831D 13B9 87FD 9214 F8DA".

                                      The message is successfully verified with that key.

                                      I'd recommend the applicable public PGP key to be added here for reference: https://www.pfsense.org/security/</security>

                                      It's there now: https://pfsense.org/security/

                                      1 Reply Last reply Reply Quote 0
                                      • K
                                        keen last edited by

                                        is 2.3.1 Update 2 in the air ??

                                        my ssh checking update has detected an upgrade, i have reloaded my pfsense box but nothing changed…

                                        what is going ?

                                        1 Reply Last reply Reply Quote 0
                                        • C
                                          cmb last edited by

                                          @keen:

                                          is 2.3.1 Update 2 in the air ??

                                          https://forum.pfsense.org/index.php?topic=113435.msg630835#msg630835

                                          1 Reply Last reply Reply Quote 0
                                          • First post
                                            Last post

                                          Products

                                          • Platform Overview
                                          • TNSR
                                          • pfSense
                                          • Appliances

                                          Services

                                          • Training
                                          • Professional Services

                                          Support

                                          • Subscription Plans
                                          • Contact Support
                                          • Product Lifecycle
                                          • Documentation

                                          News

                                          • Media Coverage
                                          • Press
                                          • Events

                                          Resources

                                          • Blog
                                          • FAQ
                                          • Find a Partner
                                          • Resource Library
                                          • Security Information

                                          Company

                                          • About Us
                                          • Careers
                                          • Partners
                                          • Contact Us
                                          • Legal
                                          Our Mission

                                          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                          Subscribe to our Newsletter

                                          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                          © 2021 Rubicon Communications, LLC | Privacy Policy