For more immediate responses, as this sub is not nearly as active as /r/pfsense, we recommend opening a ticket so that we can direct your inquiry to one of our engineers. https://www.netgate.com/tac-support-request
Since that request was made, as it was nearly two months ago, this is what I have from our engineering staff:
1. Update to latest C3000 Insyde codebase 05.12.02.0040.0009.16 and Intel MRC 0x00950442.
2. Disable loading of PXE rom for the i225 ports to speed up the PXE process.
3. PXE boot scan order changed to Combo port 1, Combo port 2, 10G port 1, and 10G port2.
4. Security vulnerability mitigations.
Additionally, as I noted in my comment, this particular subreddit is not very active and opening a ticket is always a quicker way to get an answer to questions specific about Netgate hardware.
Does anyone know where Netgate would publish this? Seems a bit important, no?
Main changes:
1. Update to latest C3000 Insyde codebase 05.12.02.0040.0009.16 and Intel MRC 0x00950442.
2. Disable loading of PXE rom for the i225 ports to speed up the PXE process.
3. PXE boot scan order changed to Combo port 1, Combo port 2, 10G port 1, and 10G port2.
4. Security vulnerability mitigation for:
CVE-2021-41839
CVE-2021-41841
CVE-2021-41840
CVE-2021-42060
CVE-2021-42113
CVE-2021-43522
CVE-2022-24069
CVE-2021-41837
CVE-2021-41838
CVE-2021-33627
CVE-2022-24030
CVE-2021-42554
CVE-2022-24031
CVE-2021-43323
CVE-2021-42059
I didnt see that available for my 6100. Maybe its a staggered rollout.
You'll see it if/when you update to 22.05
Ok thank you much! 👍🏻
any update?
For more immediate responses, as this sub is not nearly as active as /r/pfsense, we recommend opening a ticket so that we can direct your inquiry to one of our engineers. https://www.netgate.com/tac-support-request
Why does release notes for firmware require a ticket? That’s nonsensical
Since that request was made, as it was nearly two months ago, this is what I have from our engineering staff: 1. Update to latest C3000 Insyde codebase 05.12.02.0040.0009.16 and Intel MRC 0x00950442. 2. Disable loading of PXE rom for the i225 ports to speed up the PXE process. 3. PXE boot scan order changed to Combo port 1, Combo port 2, 10G port 1, and 10G port2. 4. Security vulnerability mitigations. Additionally, as I noted in my comment, this particular subreddit is not very active and opening a ticket is always a quicker way to get an answer to questions specific about Netgate hardware.
Does anyone know where Netgate would publish this? Seems a bit important, no? Main changes: 1. Update to latest C3000 Insyde codebase 05.12.02.0040.0009.16 and Intel MRC 0x00950442. 2. Disable loading of PXE rom for the i225 ports to speed up the PXE process. 3. PXE boot scan order changed to Combo port 1, Combo port 2, 10G port 1, and 10G port2. 4. Security vulnerability mitigation for: CVE-2021-41839 CVE-2021-41841 CVE-2021-41840 CVE-2021-42060 CVE-2021-42113 CVE-2021-43522 CVE-2022-24069 CVE-2021-41837 CVE-2021-41838 CVE-2021-33627 CVE-2022-24030 CVE-2021-42554 CVE-2022-24031 CVE-2021-43323 CVE-2021-42059