Merge branch 'master' into 4990-custom-ciphers
This commit is contained in:
Ainar Garipov
95
CHANGELOG.md
95
CHANGELOG.md
@@ -11,30 +11,80 @@ and this project adheres to
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
|
||||
### Added
|
||||
|
||||
- The new optional `tls.override_tls_ciphers` property list, which can be set in
|
||||
the configuration file. It allows overriding TLS Ciphers that are used for
|
||||
https listeners ([#4925])
|
||||
|
||||
[#4925]: https://github.com/AdguardTeam/AdGuardHome/issues/4925
|
||||
|
||||
<!--
|
||||
## [v0.108.0] - TBA (APPROX.)
|
||||
-->
|
||||
|
||||
## Added
|
||||
|
||||
- The new optional `tls.override_tls_ciphers` property, which allows
|
||||
overriding TLS ciphers used by AdGuard Home ([#4925], [#4990]).
|
||||
- The ability to serve DNS on link-local IPv6 addresses ([#2926]).
|
||||
- The ability to put [ClientIDs][clientid] into DNS-over-HTTPS hostnames as
|
||||
opposed to URL paths ([#3418]). Note that AdGuard Home checks the server name
|
||||
only if the URL does not contain a ClientID.
|
||||
|
||||
### Changed
|
||||
|
||||
- Responses with `SERVFAIL` code are now cached for at least 30 seconds.
|
||||
|
||||
### Fixed
|
||||
|
||||
- The default value of `dns.cache_size` accidentally set to 0 has now been
|
||||
reverted to 4 MiB ([#5010]).
|
||||
- Responses for which the DNSSEC validation had explicitly been omitted aren't
|
||||
cached now ([#4942]).
|
||||
- Web UI not switching to HTTP/3 ([#4986], [#4993]).
|
||||
|
||||
[#2926]: https://github.com/AdguardTeam/AdGuardHome/issues/2926
|
||||
[#3418]: https://github.com/AdguardTeam/AdGuardHome/issues/3418
|
||||
[#4925]: https://github.com/AdguardTeam/AdGuardHome/issues/4925
|
||||
[#4942]: https://github.com/AdguardTeam/AdGuardHome/issues/4942
|
||||
[#4986]: https://github.com/AdguardTeam/AdGuardHome/issues/4986
|
||||
[#4990]: https://github.com/AdguardTeam/AdGuardHome/issues/4990
|
||||
[#4993]: https://github.com/AdguardTeam/AdGuardHome/issues/4993
|
||||
[#5010]: https://github.com/AdguardTeam/AdGuardHome/issues/5010
|
||||
|
||||
[clientid]: https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#clientid
|
||||
|
||||
|
||||
|
||||
<!--
|
||||
## [v0.107.16] - 2022-11-02 (APPROX.)
|
||||
## [v0.107.17] - 2022-11-02 (APPROX.)
|
||||
|
||||
See also the [v0.107.16 GitHub milestone][ms-v0.107.15].
|
||||
See also the [v0.107.17 GitHub milestone][ms-v0.107.17].
|
||||
|
||||
<<<<<<< HEAD
|
||||
[ms-v0.107.16]: https://github.com/AdguardTeam/AdGuardHome/milestone/52?closed=1
|
||||
||||||| bf792b83f
|
||||
[ms-v0.107.16]: https://github.com/AdguardTeam/AdGuardHome/milestone/52?closed=1
|
||||
=======
|
||||
[ms-v0.107.17]: https://github.com/AdguardTeam/AdGuardHome/milestone/52?closed=1
|
||||
>>>>>>> master
|
||||
-->
|
||||
|
||||
|
||||
<<<<<<< HEAD
|
||||
||||||| bf792b83f
|
||||
|
||||
=======
|
||||
|
||||
## [v0.107.16] - 2022-10-07
|
||||
|
||||
This is a security update. There is no GitHub milestone, since no GitHub issues
|
||||
were resolved.
|
||||
|
||||
## Security
|
||||
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-2879, CVE-2022-2880, and CVE-2022-41715 Go vulnerabilities fixed in
|
||||
[Go 1.18.7][go-1.18.7].
|
||||
|
||||
[go-1.18.7]: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
|
||||
|
||||
|
||||
|
||||
>>>>>>> master
|
||||
## [v0.107.15] - 2022-10-03
|
||||
|
||||
See also the [v0.107.15 GitHub milestone][ms-v0.107.15].
|
||||
@@ -57,7 +107,7 @@ experimental and may break or change in the future.
|
||||
explicitly enabled by setting the new property `dns.serve_http3` in the
|
||||
configuration file to `true`.
|
||||
- DNS-over-HTTP upstreams can now upgrade to HTTP/3 if the new configuration
|
||||
file property `use_http3_upstreams` is set to `true`.
|
||||
file property `dns.use_http3_upstreams` is set to `true`.
|
||||
- Upstreams with forced DNS-over-HTTP/3 and no fallback to prior HTTP versions
|
||||
using the `h3://` scheme.
|
||||
|
||||
@@ -171,7 +221,7 @@ See also the [v0.107.12 GitHub milestone][ms-v0.107.12].
|
||||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-27664 and CVE-2022-32190 Go vulnerabilities fixed in
|
||||
[Go 1.18.6][go-1.18.6].
|
||||
|
||||
@@ -292,7 +342,7 @@ See also the [v0.107.9 GitHub milestone][ms-v0.107.9].
|
||||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-32189 Go vulnerability fixed in [Go 1.18.5][go-1.18.5]. Go 1.17
|
||||
support has also been removed, as it has reached end of life and will not
|
||||
receive security updates.
|
||||
@@ -335,7 +385,7 @@ See also the [v0.107.8 GitHub milestone][ms-v0.107.8].
|
||||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, and other Go vulnerabilities
|
||||
fixed in [Go 1.17.12][go-1.17.12].
|
||||
|
||||
@@ -371,7 +421,7 @@ See also the [v0.107.7 GitHub milestone][ms-v0.107.7].
|
||||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-29526], [CVE-2022-30634], [CVE-2022-30629], [CVE-2022-30580], and
|
||||
[CVE-2022-29804] Go vulnerabilities.
|
||||
- Enforced password strength policy ([#3503]).
|
||||
@@ -528,7 +578,7 @@ See also the [v0.107.6 GitHub milestone][ms-v0.107.6].
|
||||
### Security
|
||||
|
||||
- `User-Agent` HTTP header removed from outgoing DNS-over-HTTPS requests.
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-24675], [CVE-2022-27536], and [CVE-2022-28327] Go vulnerabilities.
|
||||
|
||||
### Added
|
||||
@@ -583,7 +633,7 @@ were resolved.
|
||||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-24921] Go vulnerability.
|
||||
|
||||
[CVE-2022-24921]: https://www.cvedetails.com/cve/CVE-2022-24921
|
||||
@@ -596,7 +646,7 @@ See also the [v0.107.4 GitHub milestone][ms-v0.107.4].
|
||||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-23806], [CVE-2022-23772], and [CVE-2022-23773] Go vulnerabilities.
|
||||
|
||||
### Fixed
|
||||
@@ -1333,11 +1383,12 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
|
||||
|
||||
|
||||
<!--
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.16...HEAD
|
||||
[v0.107.16]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...v0.107.15
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.17...HEAD
|
||||
[v0.107.17]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.16...v0.107.17
|
||||
-->
|
||||
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...HEAD
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.16...HEAD
|
||||
[v0.107.16]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...v0.107.16
|
||||
[v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...v0.107.15
|
||||
[v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14
|
||||
[v0.107.13]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...v0.107.13
|
||||
|
||||
Reference in New Issue
Block a user