Newer
Older
* New reForis features
* Overview tab
* Storage plugin with option for persistent system logs
* Factory reset from web interface
* Support for Honeypot as a Service (haas.nic.cz)
* An option to set a router hostname
* Fix DHCP range configuration check
* A few design improvements
* WebApps: New graphical design with optional dark mode
* Sentinel: Introduce replacement for firewall logs collector
* Turris MOX: Update firmware for SDIO card
* Add RIPE Atlas SW probe and netdata as package lists
5.1.5
-----
* Fix for OpenVPN client when filename has multiple dots or dashes
* Fixed bug in reForis in setting up custom mail server for notifications
* Improvements regarding Data Collection in migration script from Turris OS 3.x
5.1.4
-----
* Update DNS rules based on DNS Flag Day 2020
* Fixed issue in Netboot list while using opt-in migration from Turris OS 3.x
* Several other fixes
5.1.3
-----
* Fixed issue when CA for OpenVPN was not created in some cases
* Make factory reset on Turris Shield easier - long pressing RESET button does factory reset
5.1.2
-----
* Changed priority of port forwarding for data collect firewall to not overrule user's rules.
* Fixed issue with data collect firewall logs collecting in some cases causing high system load
5.1.1
-----
* Based on the latest OpenWrt 19.07.4
* Various security updates
* Introduced new data collection system Sentinel
* reForis (future default web interface)
* Now installed by default
* Added NetMetr, OpenVPN client, and remote devices plugins
* Package lists
* Expanded with labels and additional options
* Added option to select alternative WiFi drivers
* Nextcloud updated to version 18
* Removed old Device Detection based on Suricata
5.0.4
-----
* Guest network on Turris MOX SDIO card is now supported
* Updated WireGuard, Knot Resolver and Nextcloud
* Syslog-ng detect disabled IPv6 on loopback and fallback to IPv4
5.0.2
-----
* Hotfixed OpenSSL on Turris 1.x routers
* Knot Resolver DNSSEC root key is now read only (not periodically updated)
5.0.1
-----
* Improved experimental migration from Turris OS 3.x
* Prevent updates overwrite cron configuration file
* Add possibility to backup public key for RIPE Atlas probe
* Based on latest OpenWrt 19.07 and Linux 4.14
* New features for reForis including remote control and snapshots integration
* Add secondary DNS servers and enable TLS for Google DNS
* Replaced Vixie-cron with cronie
* Webapps: Forward to HTTPS if possible
* Updater: Drop compatibility for releases before v4.0-beta2
* MOX: I2C-1 on GPIO pinheader is now enabled
4.0.6
-----
* updater: fix packages provides and modify virtual packages behavior
* kernel: updated to version 4.14.167
* zerotier: add /etc/config/zerotier as configuration file
* avrdude: fix GPIO path building
* mbedtls: updated to version 2.16.4
Fixes: CVE-2019-18222
* tiff: updated to version 4.1.0
Fixes: CVE-2019-14973, CVE-2019-17546, CVE-2019-7663, CVE-2019-6128
4.0.5
-----
* Based on the latest OpenWrt 18.06.6
* kernel: update to version 4.14.162
* python3: update to version 3.6.10
* wget: fix CVE-2019-5953
* unbound: update to version 1.9.6
* php7: update to version 7.2.26
Fixes: CVE-2019-11044, CVE-2019-11045, CVE-2019-11046, CVE-2019-11047, CVE-2019-11050
* nano: update to version 4.7
* openssl: update to version 1.0.2u
* bird: update to version 1.6.8
* reforis: update to the latest development version, adds openvpn-plugin
* ffmpeg: update to version 4.0.5
Fixes: CVE-2019-12730, CVE-2019-17539, CVE-2019-17542
* e2fsprogs: fix CVE-2019-5094
* christmas: removed from default installation
4.0.4
-----
* Not found
4.0.3
-----
* Merry Christmas!
🔔🔔🔔
* kernel: updated to version 4.14.158
* foris-controller-subordinates-module: limit custom name length
* tvheadend: ensure the first setup works
* libvpx: fix CVE-2019-9232, CVE-2019-9325, CVE-2019-9371, CVE-2019-9433
* git: updated to version 2.16.6, fix multiple CVEs
* Based on the latest OpenWrt 18.06.5
* added missing hardening package list
* fixed autodetection of router address in Foris OpenVPN
* irssi: updated to version 1.2.2, fix CVE-2019-15717
* sudo: updated to version 1.8.28p1, fix CVE-2019-14287
* bind: updated to version 9.11.13, fix CVE-2019-6477
* openldap: updated to version 2.4.48, fix CVE-2019-13565
* libpcap: updated to version 1.9.1, fix CVE-2019-1516{1,2,3,4,5}
* tcpdump: updated to version 4.9.3, fix multiple CVEs
* python: updated to version 2.7.17
* php7: updated to version 7.2.25, fix CVE-2019-11043, CVE-2019-11042
* mariadb: updated to version 10.4.10, fix CVE-2019-2974, CVE-2019-2938
* foris: updated to version 100.6
* foris-controller: updated to version 1.0.6
* python[3]-cryptography: fix CVE-2018-10903
* ustream-ssl: CVE-2019-5101, CVE-2019-5102
* unbound: updated to version 1.9.5, fix CVE-2019-18934
* haproxy: updated to version 1.8.23, fix CVE-2019-19330
* lxc: fix CVE-2019-5736
* tor: updated to version 4.1.6
* nano: updated to version 4.6
* libiconv: updated to version 1.16
* enable RTC NVMEM access for Turris 1.x
* luci-compat, lmdb: new packages
4.0.1
-----
* include eeprom drive in Omnia medkits (used in some tests)
* fix reForis dependencies
* expat: updated to version 2.2.9, fix CVE-2018-20843, CVE-2019-15903
* python[2,3]: fix CVE-2019-16056, CVE-2019-16935
* libgcrypt: fix CVE-2019-13627
* mosquitto: updated to version 1.5.9, fix CVE-2019-11779
* python-crypto: fix CVE-2013-7459 and CVE-2018-6594
* security fix for Foris translation
* unbound: update to version 1.9.4, fix CVE-2019-16866
* haveged: update to version 1.9.8
* nextcloud: update to version 16.0.5
* nano: update to version 4.5
* python3-pip: fix shebang
* experimental support for multiple drives in storage plugin
* hostapd: fix CVE-2019-16275
* zmq: fix CVE-2019-13132
* django: updated to version 1.8.19, fix CVE-2018-753{6,7}
* mariadb: updated to version 10.4.8
* haveged: updated to version 1.9.6
* keepalived: update to version 1.4.5, fix CVE-2018-19115
* lighttpd: updated to version 1.4.54, fix CVE-2019-11072
* libarchive: updated to version 3.4.0, multiple CVE fixes
* bind: updated to version 9.11.10, multiple CVE fixes
* dovecot: updated to version 2.2.36.4, fix CVE-2019-7524
* pigeonhole: updated to version 0.4.24.2, fix CVE-2019-11500
* nano: updated to version 4.4
* unbound: updated to version 1.9.3
* nextcloud: updated to version 16.0.4
* bzip2: fix CVE-2019-12900
* wget: fix CVE-2018-20483
* wolfssl: fix CVE-2018-16870, CVE-2019-13628
* iptables: fix CVE-2019-11360
* tar: fix CVE-2018-20482, CVE-2019-9923
* musl: fix CVE-2019-14697
* patch: fix CVE-2019-1363{6,8}
* apinger: updated to the latest git revision
* speedtest-netperf: new package
4.0-beta9
---------
* golang: fix for CVE-2018-1687{3,4,5}, CVE-2019-6486
* squid: update to version 3.5.28
* foris: fix AttributeError password_set
4.0-beta8
---------
* nextcloud: updated to version 16.0.3
* mariadb: updated to version 10.4.7
* nodogsplash: updated to version 4.0.1
* libaio: updated to version 0.3.112
* libdouble-conversion: updated to version 3.1.4
* subversion: fix for CVE-2018-11782, CVE-2019-0203, CVE-2018-11803
* kernel: fix for CVE-2019-3846, CVE-2019-3900
4.0-beta7
---------
* python3: updated to version 3.6.9
* python2: updated to version 2.7.16
* python{2,3}: fix for CVE-2018-20852
4.0-beta6
---------
* Based on latest OpenWrt 18.06.4
* Fixed Foris error manifesting in network tab in some configurations
* irssi: CVE-2019-13045
* asterisk{13,15}: fix AST-2019-003
* Initial support for Nextcloud setup from Foris
* Storage plugin is now part of the base installation
* Added CESNET feed with Nemea
* Fixed kernel panic sometimes occurring on Omnia
4.0-beta4
---------
* foris: fixed issue when English was the only language
* php7: updated to 7.2.17
* libxml2: updated to 2.9.9, fixed CVE-2018-14404
* hostapd: fixed CVE-2019-949{4,5,6,7,8,9}, CVE-2019-11555
* block-mount: fix restart of fstab service
4.0-beta3
---------
* improved netboot to support remote management
* syslog-ng service stop fix
* updater: packages removal happens now at the same time as packages installation
* fosquitto: simplified init and respawn
* knot 2.7.7
* kernel: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
4.0-beta2
---------
* New implementation of dev-detect which does not depend on Pakon (experimental)
* Fixed default encryption method for passwd from package shadow. Reset your
system user's passwords (including root) if you set them by passwd.
* LXC fixes for systemd based hosts
* Foris: packages lists UI reworked
* Foris: improved "no link" message in WAN tab
* Netmetr: fixed initial setup
* Nextcloud: dropped duplicate Referrer-Policy and updated to 16.0.1
* Commit hash replaced with router name in banner
* Suricata updated to version 4.0.7
* kmod-usb2 is now part of base installation
* ACL enabled for BTRFS
* libxslt: CVE-2019-11068
* prosody: CVE-2018-10847
* python-urllib3: CVE-2019-9740, CVE-2019-11324
* New version of updater-ng with completely rewritten network backend which
dramatically decreases memory consumption during update.
* Fixed problem in updater-supervisor which caused updater to behave as
deactivated even if user set it otherwise.
* Nextcloud updated to latest version (15.0.7)
* Fixed crash on time tab in Foris on devices without Wi-Fi
* switch-branch now reinstalls all packages on branch switch to mitigate problems
when switching to and from HBD (OpenWRT master <-> OpenWRT 18.06).
* Default setting of IPv6 in Foris is now DHCPv6
* Fixed IPv6 prefix delegation in default installation
* Foris now correctly displays steps in initial setup guide
* Fix rainbow in Luci on Omnia
* Do not use ath10k-ct on Omnia
* Improved LXC support and fixes (some issues still remain)
* System logs and lograte changed to limit logs size
* Added basic support for Turris OS 3.x migration
* Python3 updated to 3.6.8
* Repository path on repo.turris.cz changed (in compatible way)
* Production addresses for CZ.NICs ODVR including DNS over TLS support
4.0-alpha5
----------
* Fixed Foris updater tab crash on new installation
* Fixed crash when Pakon was invoked with empty database
* libssl2 CVE fixes
* Mozilla IOT gateway updated to 0.6.0
* added uboot mkimage package
4.0-alpha4
----------
* Fixed compilation of Tvheadend that was missing in alpha3
* Fixed problem with notifications containing _() if no language was installed
* atsha204 fix for potential security issue
* Added support for Mox OTP (command mox-otp)
* Fixed LEDs on Omnia (rainbow)
* SFP on Omnia can be now used by changing used device tree
* Updater-ng should now require less memory to update system
* Domains of DHCP clients in DNS were fixed
* Various packages updates and new Luci theme called Rosy
4.0-alpha2
----------
* Based on latest OpenWRT 18.06.2
* New Updater configuration (requires updater reconfiguration!)
* Packages lists cleaned up and some unmaintained ones were dropped
* New version of Foris with new backend bus based on MQTT
* Upstream versions for some primary packages were backported
* Fixed compilation for most of the packages
* And other small fixes in a lot of system utilities
* Rebased on latest OpenWRT
* Turris 1.x migrated to musl libc