Distribution Release: IPFire 2.25 Core 149

  • IPFire is a Linux-based distribution for network appliances such as routers and firewalls. The project’s latest release is IPFire 2.25 Core Update 149 which focuses on performance improvements. “IPFire is based on glibc 2.32, the standard library for all C programs, and GCC 10.2, the GNU Compiler Collection. Both bring various bug fixes and improvements. The most notable change is that we have decided to remove a mitigation Spectre 2 which caused that user space programs in IPFire were running about 50% slower due to using a microcode feature which is called “retpoline”. Those “return trampolines” disable the branch prediction engine in out-of-order processors which was considered to help with mitigating leaking any information from any unaccessible kernel space. This is however not as effective as thought and massively decreases performance in the user land which mainly affects features like our Intrusion Prevention System, Web Proxy and URL filter. We still use this mechanism to avoid leaking any kernel memory into the user space.” Additional information can be found in the distribution’s release announcement. Download (SHA256): ipfire-2.25.x86_64-full-core149.iso (302MB, torrent, pkglist).

    (Feed generated with FetchRSS)


Log in to reply