Is CE 2.7.2 fully patched as secure as CE 2.8 ?
-
Hi,
From a security perspective, is it possible to delay the update to 2.8 if 2.7.2 is fully patched?
Thank you for your answer
Bric
-
The "system patches" are mostly GUI "script" corrections, they rarely influence the real security.
As 2.8.0 is FreeBSD 15, and a more recent OS is always better, I tend to so that 2.8.0 is a (very) little bit more safe.
Let's say you gain 0,01 % - the other 99,99 % is in the hands of the admin, as it depends how you've setup your pfSense, etc.
Afaik, 2.7.2 is still "supported", so you could wait with the upgrade.Better / more info : Netgate Releases pfSense
Community Edition Version 2.8.0.
-
Yup the system patches package can only update run-time scripts. Some things that are packages can be updated separately so you can
pkg upgrade
them in the current branch.But a new release will have fixes and patches to core components that cannot be applied so would be considered more secure.
However at this point there are no known issues with 2.7.2 that would concern me.