Any security related reason to upgrade from 2.3.4?
I have a small watchguard box that I loaded pfSense on back in about 2014, and it's been running so well, I never have found a reason to mess with it. A couple years ago, I bought an X750e watchguard off of ebay with the intention of upgrading to it, so I could have the additional ports, and a box that would actually be rack mounted, but lazyness and the fact that the little box was running so well had made me put it off..
Today, I decided to finally get out the new box and load pfSense so I could rack mount the firewall, and I have realized for the first time that I'm running on out of date code (I actually was impressed that the version hadn't needed to be upgraded in a couple years!) and that even the new box, not being x64 wont run current code..
I loaded the latest up in a VMWare virtual just to see it, and it fundamentally looks the same, but now that I know my software is a couple years out of date/support it kind of bothers me to run this old version.
SO.. questions are.. Are there any known vulnerabilities with the old 2.3.4 code that I should be concerned with, or as long as I'm not needing a feature that is only in the 2.4 versions, should I not worry about it, and just go ahead and put 2.3.4 on this new box so I can rack mount it, and go on with my life oblivious that there is something newer out there?
Is there a list of major new features in 2.4 and/or that I'm going to be missing soon? (Native support for wireguard is the only thing I can think of now that would be very interesting to me, without knowing what might be on the list)
The cheapskate in me wants you to tell me I'm Ok.. just keep running what I have.
The geek in my wants you to tell me to spend some dollars and get some shiny new hardware, and get with the new version..
What do you think?
Thanks, both for the help, and the fantastic system that has literally allowed me to just be happy for the last 6 years that it's been working flawlessly without me having to think about it!
Check the release notes for every release from then to now. There are many, many security issues fixed after that point.
Always run the most recent supported release. 2.3.4 is over 3 years old and over 15 releases behind.
Wow.. Yeah.. Thanks! I think I'm in the market for some new hardware.. It was good to see all that in writing