VyOS Project July 2025 Update
IKEv2 retransmission options, SRv6 improvements, multiple bug fixes, and a simple CLA workflow for pull requests| blog.vyos.io
IKEv2 retransmission options, SRv6 improvements, multiple bug fixes, and a simple CLA workflow for pull requests| blog.vyos.io
Hello, Community! Customers and holders of contributor subscriptions can now download VyOS 1.4.3 release images and the corresponding source tarball. This release includes fixes for CVE-2024-3596 (BlastRADIUS) — a vulnerability in the RADIUS PAM module that made it possible (even if not easy) for an attacker capable of active MitM to forge a server response and log in to a vulnerable system without valid credentials. It also fixes over seventy bugs and adds a few new features. Those featur...| VyOS - Blog
new WAN load balancing implementation, a fix for CVE-2025-30095, and over sixty bug fixes #vyos #vyos-stream #release| blog.vyos.io
VyOS Platform Project news and updates All about development and project life in our blog| blog.vyos.io
We are happy to announce the next major 6.0.0 release of the VyOS Ansible Collection. It is now available from Ansible Galaxy and is also a certified collection for the Red Hat Ansible Automation Platform. If you are an active Ansible user, you surely noticed that the Ansible collection for VyOS lost its momentum at some point and remained stagnant for quite some time. Earlier this year, we had the repositories transferred to our organization on GitHub, took over the development, and formed...| VyOS - Blog
Bridge firewall improvements, ongoing configuration system rework, and many bug fixes. #vyos #project #update| blog.vyos.io
good progress with VPP, an option to revert to the old image on upgrade failure, BPDU guard for bridged, and lots of bug fixes #vyos #project #update| blog.vyos.io
DDNS updates support in DHCP server, VTI traffic selectors, SLAAC auto-ignore prefixes, and more! #vyos #project #update| blog.vyos.io
Over forty bug fixes, faster BGP convergence, safer upgrades, BRAS improvements, and more! #vyos #release| blog.vyos.io
Hello, Community! It's spring in the northern hemisphere, and here's the March update. A lot of our effort is currently going into the development of the accelerated dataplane based on VPP: We added a prototype of IPsec, and we are actively working on support for NAT. But there are many other updates, including a fix for a vulnerability in service console-server, support for loading firewall groups from a URL, an option to set a custom container registry, and more. Read on for details!| VyOS - Blog
VyOS 1.3 has reached End of Life. Upgrade to VyOS 1.4 to continue receiving security updates, bug fixes, and feature backports. Stay secure—upgrade today!| blog.vyos.io
Another MWC Barcelona has come to an end, and what a week it has been! VyOS Networks was proud to be part of one of the most important global gatherings in the tech industry, where we had the chance to engage with industry leaders, showcase our latest innovations, and discuss the future of secure networking, cloud, and edge computing.| VyOS - Blog
Initial implementation of a VPP-based accelerated dataplane, rewritten WAN load balancing, and more! #vyosnetworks #vyos #project #update| blog.vyos.io
the first technology preview of the future 1.5 release. #vyos #vyos-stream #release| blog.vyos.io
FRR-based NHRP for DMVPN, unified sFlow, FQDN peer address for WireGuard and more! #vyos #project #update| blog.vyos.io
Hello, Community! The December update is here! The biggest highlight of this month is the 1.4.1 release but there was lots of work in the rolling release as well, both from the maintainers team and from our contributor community. One of the biggest news in the rolling release is that we are ready to update FRR — our routing protocol stack — to the latest 10.2 release. That will allow us to get rid of the legacy OpenNHRP daemon that we use for DMVPN and use FRR's built-in NHRP implementati...| VyOS - Blog
Patches for multiple CVEs, Base64-encoded IPsec secrets, and multiple bug fixes — read on for details! #vyos #release #1.4.1 #networking #updates| blog.vyos.io
Hello, Community! The November update is here. This post is short, but not all we've done lately: many internal changes in the configuration system will soon significantly improve commit speeds and open up a path to even more significant improvements. The 1.4.1 release is around the corner, together with the first VyOS Stream image — all built by the new CI system that produces tarballs with the corresponding source code for every image. But now, let's focus on the changes we made in the ro...| VyOS - Blog
Hello, Community! The October update, which summarizes our work in September, is here. The maintainers and community contributors were busy: four new features, multiple small improvements, and a few bug fixes. Then, there is secure boot implementation, but that will get its blog post when the last bits fall into place!| VyOS - Blog
Hello, Community! Our community member Fabian Riechsteiner brought to our attention that the version of the Zabbix agent present in VyOS 1.4.0 is susceptible to a remote code execution vulnerability — CVE-2023-32728. We made a hotfix available to subscribers, and the fix will be a part of the upcoming VyOS 1.4.1 release.| VyOS - Blog
Greetings, Community! I'm back with an exciting topic: Azure Accelerated Networking and its integration with VyOS Universal Router. In this discussion, we'll delve into how this powerful feature can be leveraged to create high-performance routers in the Azure cloud environment. Our focus will be on: Understanding Azure Accelerated Networking. Steps to integrate this feature with VyOS. Practical use cases for building efficient, high-speed routers on Azure. Potential benefits and considerat...| VyOS - Blog
Hello, Community! Hurricane Helene caused enormous devastation and many deaths in North America. We keep getting updates, and it looks terrible. Now, Hurricane Milton is on the way. None of our team was personally affected, but we all know someone who was, and naturally, we would like to help as we can.| VyOS - Blog
Hello, Community! Summer is over now, and many people are returning to their routines. Check out what we've done in the last month of the summer: that includes a few small config syntax changes, multiple improvements in OpenVPN, an API endpoint for importing PKI objects, and a whole bunch of bug fixes!| VyOS - Blog
Hello, Community! This month's development news includes many bug fixes and features, including remote access IPsec using VTI interfaces, support for WPA enterprise clients, and machine-readable tech support reports.| VyOS - Blog
Hello, Сommunity! This summer is anything but a slow news season, but if you need a break from world events, here's a VyOS development update for you — a purely technical read. Our development efforts in June brought a reorganized (and much faster) config syntax migration subsystem, improvements in QoS and reverse proxy; support for raw firewall tables, and more.| VyOS - Blog
Hello, Community! Today Qualys's security team has disclosed a remotely exploitable vulnerability in OpenSSH server. It was assigned CVE-2024-6387 number and nicknamed "regreSSHion" because its cause is an accidental removal of code that fixed a much earlier vulnerability back in 2006. It affects OpenSSH versions older than 4.4p1 and versions between 8.5p1 and 9.8p1. VyOS 1.3.8 includes OpenSSH 7.9p1 and thus isn't vulnerable. VyOS 1.4.0 includes 9.2p1 and will need a patch to remain secure.| VyOS - Blog
Hello, Сommunity! Recently, there have been a lot of questions about LTS release-building procedures. We are making changes in that area — not least due to specific patterns in user behavior, and now it's a good time to discuss that.| VyOS - Blog
Hello, Community! While VyOS 1.4/Sagitta has taken its final shape, and we are working to smoothen any remaining sharp edges (especially in migration scripts), the upcoming 1.5/Circinus branch is the new frontier where we can go wild and experiment freely. Safe features from the current branch are still backported to 1.4/Sagitta. Still, we already have non-back portable features — such as improvements to the new DHCP server implementation based on Kea rather than the now-obsolete ISC DHCP s...| VyOS - Blog
Hello, Community! We are happy to announce that the VyOS 1.4.0-epa1 image is now available to customers and contributors (and everyone can build it from the sagitta branch of vyos-build, of course)! If you are new to VyOS, the "EPA" part means "early production access" — that's the final stage when the release is already used in production by a subset of users and on our proper infrastructure. We declare it as a new Long Term Support release. This release has been in development since early...| VyOS - Blog
Hello, community! VyOS 1.3.6 LTS release is here — with many bug fixes and security updates. The most important are fixes for denial of service vulnerabilities in the HTTPS API server and web proxy and more| VyOS - Blog
Hello, community! Curious what we've been up to in January? Our main focus is the final stabilization of the 1.4.0/Sagitta branch, and we will soon make the first EPA (Early Production Access) release — after that point, config syntax and behavior will not change in the 1.4 LTS release lifetime, and all radical changes will go to the upcoming 1.5/Circinus branch. Quite a lot of things are happening in the development branch, and many of those improvements are also backported to 1.4, includi...| VyOS - Blog
Hello, community! We're thrilled to announce that VyOS will be part of FOSDEM 2024, one of the most significant and vibrant events in the open-source world. We're excited to meet you there!| VyOS - Blog
Hello, Community! VyOS 1.4.0-rc3 image is now available for everyone to download and test. We are grateful to everyone who helped us test previously release candidate images. Thanks to your bug reports and pull requests, we fixed many bugs, including two that could cause the system to lock up at startup or shut down! We also did a lot of internal refactoring in January, but this image still has quite a few new features, including support for obtaining certificates from ACME providers (such as...| VyOS - Blog
that will improve the LTS release development process and make it easier for the community to participate in it.| blog.vyos.io
with package updates from Freexian extended LTS and a few small bug fixes.| blog.vyos.io
includes support for Suricata IDS, removal of UPnP in the rolling release, and many smaller improvements #vyos #project #update| blog.vyos.io
Learn how a company improved its hybrid infrastructure with VyOS routers integrated with AWS Cloud WAN, simplifying network setups and boosting site-to-cloud connection speed.| blog.vyos.io
is now available for download and will soon be on cloud marketplaces. Read on for upgrade tips and news! #vyos #lts #release #linux #networking| blog.vyos.io
with improved VPP data plane integration, new device support, enhanced stability, and expanded documentation. Explore the latest advancements now!| blog.vyos.io
will be complete by Thursday morning, and we'll keep you posted if anything unexpected happens.| blog.vyos.io
scheduled for Wednesday night. Our Phorge task tracker will be unavailable for a few hours, but the support portal and downloads will continue to work| blog.vyos.io
includes nitial implementation of CGNAT in rolling release and many other improvements, such as binding SSH to multiple VRFs and more!| blog.vyos.io
Hello, Community! This year, VyOS is featured in GigaOm Radar reports on disaggregated network operating systems again, this time as a challenger and outperformer. Let us discuss that in more detail, and remember that we are happy to share the reports with anyone interested — let us know and we will send them to you!| VyOS - Blog
Hello, Сommunity! The VyOS 1.4.0-epa3 (Early Production Access) release is now available to subscribers. It includes a fix for CVE-2024-2961 — the recently discovered buffer overflow vulnerability in GNU libc. This is the final EPA of 1.4.0/Sagitta release, which includes all supported flavors (hardware and virtual). It also includes a few configuration syntax changes (all automatically migrated) that were required to make old configs work or to unblock improvement paths, such as implement...| VyOS - Blog
is here, with a fix for CVE-2024-2961 (iconv() buffer overflow), improvements in PPPoE and VRRP commands, and a bunch of bug fixes.| blog.vyos.io
Hello, Community! Building customized images of VyOS for different platforms has become much easier now. The last bit of the revamped build flavor system has fallen into place: the ability to build image formats other than ISO. Some other options, such as the ability to include custom packages and files, have been there for a while, but recently we fixed a few issues with them. Let's review those improvements and see how to use them.| VyOS - Blog
It is simple: make a task in vyos.dev first, write an informative title and keep the git history clean. Discover valuable insights and tips by reading now!| blog.vyos.io
new guidelines are here. Learn how to create tasks that are easy for maintainers and contributors to work with and how to improve resolution times| blog.vyos.io
Is here, with new services available for config sync, LUKS support, and many small improvements in multiple components — read on for details!| blog.vyos.io
— all sound terrible, but their impact on VyOS was either non-existent or very limited. Read on for details!| blog.vyos.io
available for download, with a few small features and multiple bug fixes in migration scripts, firewall/NAT implementation, and other subsystems.| blog.vyos.io
