pfSense Plus RELEASE 23.09.1

These releases have changes related to three ZFS file system issues, two of which could lead to data corruption. The first is related to block cloning, a ZFS feature that is not currently enabled in pfSense software. The second, as detailed in this FreeBSD Errata Notice, is related to reporting holes in sparse files, which is difficult to trigger given typical usage on a system loaded with pfSense software. However, given other data corruption problems reported in the same area in the past, we have included a change to address the issue. This fix may result in a small increase in storage space used. These releases also correct a third ZFS issue that can cause high CPU usage. Details for this issue are available in this FreeBSD Errata Notice.

In addition to these fixes for ZFS, these releases also:

• Address a security advisory for a potential TCP denial of service (DoS) attack from spoofed RST packets (FreeBSD-SA-23:17.pf).
• Update OpenVPN to version 2.6.8. Details on this release of OpenVPN are available in these release notes.
• Update strongSwan to address a potential buffer overflow issue (CVE-2023-41913).
• Fix bugs in the fallback implementation of AES-GCM.
• Addressed a number of other bugs and issues which are listed in the Release Notes.