The End ?
-
For what ive seen on the bounty "market", theres not been any bounty cleared since in march 2016.
And no more security advisories since 2016-06-16. https://www.pfsense.org/security/advisories/
Not due to no bounties,bug or security issues, but it seems that the reason is some where else.
So is this the last breath of a free Pfsense we see and a new PFsense commercial product soon arise?
Well for what its worth, u better hold yer breath.
Meanwhile im personally going to check what other free firewalls there is that fulfill my cravings, what i know there IS others "out there" ;) -
I believe you may be delusional or just here to spread a little FUD my friend..
You seem to have never posted a bounty nor answered up for one yourself.. :o ;)
edit- to add to your edit.. I find it refreshing that this product is not constantly in need of "Security Advisories".. like some of the other like products are.
edit2 your name wouldn't be Mowgli Assor would it?
-
It's almost as though competitors are paying shills to short the stock of pfsense with negative ideas and lack of confidence.
-
Hmmm.
I just asked , and not stating anything.
But it seems that some cant even try to answer anything without going personal. Nice community!Guess i have to find answers somewhere else.
-
Perhaps you are being rude. Has that occurred to you?
You come in to pfsense's forum, trash them with clickbait style musings and expected what, exactly?
-
Mowgli : You didn't answer my last question..
I ask because your name already comes up as one of the largest contributors on another project last year. And your apparent language of choice would put you right in their backyard..
It seems that W4RH34D is spot on if that is the case.
I actually believe that specific product I mention (or didn't) will do exactly what you claim this one of attempting very soon. But that is just me.
-
LOL he's at it here too:-
https://forum.pfsense.org/index.php?topic=123068.0
-
Perhaps you are being rude. Has that occurred to you?
You come in to pfsense's forum, trash them with clickbait style musings and expected what, exactly?
Can you explain in what way i did those things you are accusing me for.
-
LOL he's at it here too:-
https://forum.pfsense.org/index.php?topic=123068.0
Glad to see that you are so easily amused by someone that can post in other languages than english.
-
Still no answer to the question?
-
LOL he's at it here too:-
https://forum.pfsense.org/index.php?topic=123068.0
Glad to see that you are so easily amused by someone that can post in other languages than english.
I find it funny that your trying to spread your FUD in different languages after joining nearly two years ago and managing only 13 posts.
Good luck trying to find another product that better suits your needs, now trot on
-
In what way are my question FUD ?
What have my time of joining for relevance?
Do the amount of post matter for some reason?And again someone in this community is getting on a personal level..
-
I believe you may be delusional or just here to spread a little FUD my friend..
You seem to have never posted a bounty nor answered up for one yourself.. :o ;)
edit- to add to your edit.. I find it refreshing that this product is not constantly in need of "Security Advisories".. like some of the other like products are.
edit2 your name wouldn't be Mowgli Assor would it?
Was asking about the sec adv, yes. cause this PFSense is build of FreeBSD and they have some security advice's that's not posted in PfSense, so i wonder if those doesnt apply on pfsense.
My name is of no relevance here.
-
-
So how about you name a specific freebsd security advisory..
Such a question is valid on when such an advisory would be included in pfsense, or if for whatever reason such a advisory does not apply, etc.
Pfsense clearly includes security patches from freebsd, in their release. For example the last p1 update included..
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:26.openssl.ascBut how exactly is no new posts since June on this list
https://pfsense.org/security/advisories/Point to the end of pfsense??? WTF dude clearly that is a trolling/fud sort of post..
Are you subscribed to the mailing list for sec adv?
Maybe your worried about this freebsd one about telnet?
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:36.telnetd.ascSince pfsense doesn't have telnet available - not sure how that would be an issue?
Maybe your concerned with the new ntp one that just came out this month?
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:39.ntp.ascIf so that would be a valid sort of question.. But to be honest, not sure its a recommended setup to run ntp to the public on your firewall ;) So the concern would only be from your internal network, vpn users maybe. So while it should get get patches in newer releases. Doesn't seem like such high profile issue that pfsense should have to release a special patch or security advisory about it.
-
Was asking about the sec adv, yes. cause this PFSense is build of FreeBSD and they have some security advice's that's not posted in PfSense, so i wonder if those doesnt apply on pfsense.
To this specific point, this is not how vendor advisories work. Advisories are issued by the owner of the code that contains/creates the vulnerability, and are not repeated by downstream projects. In other words the OpenSSL project issuing an advisory does not mean the FreeBSD project issues an advisory, the FreeBSD project issuing an advisory does not mean that the pfSense project issues an advisory, etc. Downstream projects issue releases, not advisories. This has been done.
-
-
-
Thanks johnpoz, dennypage .
-
Even one brief look at redmine or github would show we are all very busy working every day.
There are few bounties because we either fix things ourselves internally without bounties or there are no community developers looking to take on the work.
The developers of pfSense were not the ones who used to take on all the bounties, not in many years if ever, and the rare times we did it was back when we were very small and maybe someone needed a few extra bucks. Bounties are meant to entice members of the community to get involved and not meant to crowdfund new pfSense features made by the core team.
We haven't published any security advisories because there hasn't been anything worth publishing about. The new NTP issue, perhaps, and maybe an odd XSS or two are pending for the next release we cut, but nothing severe enough to warrant an immediate new release and the publishing of an SA.
This whole thread was a reach, you found two of the most ridiculous "metrics" and lept to meritless conclusions, thus the rightful conclusion that this was FUD. There can be no meaningful discussion here.
