RELIANOID 8.5 Enterprise Edition is now available, delivering enhanced platform security with UEFI Secure Boot, a hardened Debian Bookworm 12.13 base, kernel upgrade, and comprehensive vulnerability remediation for enterprise-grade reliability.
Changelog
New features:
[system] based on Debian Bookworm 12.13
[system] introduce Secure Boot UEFI support
[system] kernel update to 6.1.159-1-noid0
[system] introduce support for third party APT sources
Improvements:
[webui] enable HSTS for web ui server
[webui] update Angular patches
[system] introduce obsolete packages cleanup in noid-updater
[letsencrypt] free-up old archive files
[webui] improve webui load after activation certificate upload
[ipds] several waf improvements
[ipds] improve ipds migration files
[backup] removal of obsolete parameters
[farmguardian] solve farmguardian warnings
Bugfixes:
[ipds] fix bulk loading of CRS waf rulesets
[webui] remove eproxy single ssl cert selector
[system] vulnerabilities solved: CVE-2025-14087, CVE-2025-15467, CVE-2025-66418, CVE-2026-21441, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-1642, CVE-2025-62291, CVE-2025-41244, CVE-2025-6020, CVE-2025-68973, CVE-2025-13601, CVE-2025-11234, CVE-2025-69420, CVE-2025-69421, CVE-2025-69419, CVE-2025-64720, CVE-2025-65018, CVE-2025-66293, CVE-2025-14512, CVE-2025-9714, CVE-2025-50181, CVE-2025-64505, CVE-2025-64506, CVE-2025-12818, CVE-2024-22365, CVE-2026-22795, CVE-2026-22796, CVE-2025-68160, CVE-2025-69277, CVE-2025-10158, CVE-2026-2003, CVE-2025-69418, CVE-2025-12817, CVE-2025-68615
Release Notes
RELIANOID 8.5 Enterprise Edition delivers a major step forward in platform security, system integrity, and long-term maintainability. This release reinforces RELIANOID’s security-first strategy with Secure Boot support, kernel and OS upgrades, enhanced Web UI protections, and an extensive set of vulnerability fixes, while continuing to improve usability and operational efficiency across the stack.
The system foundation has been upgraded to Debian Bookworm 12.13, ensuring access to the latest security patches, performance improvements, and long-term support updates. The Linux kernel has been updated to 6.1.159-1-noid0, providing improved hardware compatibility, stability, and security hardening. A key milestone in this release is the introduction of UEFI Secure Boot support, enabling cryptographic verification of the boot chain and significantly strengthening protection against low-level tampering and unauthorized system modifications. Additionally, RELIANOID 8.5 introduces support for safe third-party APT repositories, giving administrators greater flexibility to integrate trusted external packages while maintaining centralized update control.
Security and reliability improvements extend into the Web User Interface. HSTS (HTTP Strict Transport Security) is now enabled for the Web UI server, enforcing secure HTTPS connections and reducing the risk of downgrade and man-in-the-middle attacks. Angular dependencies have been updated with the latest patches, and Web UI performance has been improved during and after activation certificate uploads, resulting in faster and more consistent access to the management interface.
System lifecycle management has also been refined. The noid-updater now includes automated cleanup of obsolete packages, helping keep systems lean and reducing upgrade complexity. Let’s Encrypt maintenance routines have been improved by freeing old archive files, optimizing disk usage over time. Backup and configuration subsystems have been streamlined through the removal of deprecated parameters, while FarmGuardian warnings have been addressed to ensure clearer diagnostics and more predictable behavior.
The IPDS and WAF components receive several important enhancements in this release. Web Application Firewall capabilities have been improved, migration files refined for smoother upgrades, and bulk loading of CRS WAF rulesets fixed to ensure reliable policy deployment at scale. These changes strengthen application-layer protection while simplifying ongoing administration.
RELIANOID 8.5 also delivers a comprehensive set of security fixes, resolving a large number of vulnerabilities across system libraries, kernel components, and supporting services. High- and critical-severity CVEs affecting privilege escalation, memory handling, denial-of-service conditions, and cryptographic operations have been mitigated, significantly improving the overall security posture of the platform. This extensive patch set reflects RELIANOID’s commitment to proactive vulnerability management and enterprise-grade hardening.
Overall, RELIANOID 8.5 Enterprise Edition is a security-focused release designed for organizations that demand strong platform integrity, controlled extensibility, and dependable operations. With Secure Boot support, a modernized system base, hardened Web UI access, and broad vulnerability remediation, this version provides a robust foundation for secure application delivery in demanding enterprise environments.
Resources
Download Latest RELIANOID Load Balancer Enterprise Edition
Enterprise Edition v8 Administration Guide
Configuring Secure Boot for RELIANOID Enterprise Edition Documentation
What’s new in RELIANOID EE v8
Related Blogs
