AdGuard Home - Package Updates
Pinned
AdGuard Home
-
[1.4.1]
- Update AdGuard Home to 0.107.2
- Full changelog
- Infinite loops when TCP connections time out (#4042).
- The validation error message for duplicated allow- and blocklists in DNS settings now shows the duplicated elements (#3975).
- ipset initialization bugs (#4027).
- Legacy DNS rewrites from a wildcard pattern to a subdomain (#4016).
- Service not being stopped before running the uninstall service action (#3868).
- Legacy DNS rewrites responding from upstream when a request other than A or AAAA is received (#4008).
- Panic on port availability check during installation (#3987).
- Incorrect application of rules from the OS's hosts files (#3998).
-
[1.4.2]
- Update AdGuard Home to 0.107.3
- Full changelog
- Support for a $dnsrewrite modifier with an empty NOERROR response (#4133).
- Wrong set of ports checked for duplicates during the initial setup (#4095).
- Incorrectly invalidated service domains (#4120).
- Poor testing of domain-specific upstream servers (#4074).
- Omitted aliases of hosts specified by another line within the OS's hosts file (#4079).
-
[1.4.3]
- Update AdGuard Home to 0.107.4
- Full changelog
- Go version was updated to prevent the possibility of exploiting the CVE-2022-23806, CVE-2022-23772, and CVE-2022-23773 vulnerabilities.
- Minor UI improvements.
- Optimistic cache now responds with expired items even if those can't be resolved again (#4254).
- Unnecessarily complex hosts-related logic leading to infinite recursion in some cases (#4216).
-
[1.4.4]
- Update AdGuard Home to 0.107.5
- Full changelog
- Go version was updated to prevent the possibility of exploiting the CVE-2022-24921 vulnerability. As the CVE page is still showing “reserved” at the time of publishing, see also golang/go#51112.
-
-
[1.4.5]
- Update AdGuard Home to 0.107.6
- Full changelog
- Go version was updated to prevent the possibility of exploiting the CVE-2022-24675, CVE-2022-27536, and CVE-2022-28327 vulnerabilities.
- Support for SVCB/HTTPS parameter dohpath in filtering rules with the dnsrewrite modifier according to the RFC draft (#4463).
- Filtering rules with the dnsrewrite modifier that create SVCB or HTTPS responses should use ech instead of echconfig to conform with the latest drafts.
-
[1.4.7]
- Update AdGuard Home to 0.107.7
- Full changelog
- DNS-over-QUIC: RFC 9250
- More Control Over Upstreams
- Users now have more control over how runtime client information is gathered, including the ability to completely disable this feature.
- The EDNS Client Subnet information from clients' requests is now shown on the Query log page.
- As usual, we strive to keep our tools up-to-date in order to make sure that our users don't fall prey to vulnerabilities.
- There are many more smaller changes and fixes; just look at the full changelog below!
-
[1.4.8]
- Update AdGuard Home to 0.107.8
- Full changelog
- Go version was updated to prevent the possibility of exploiting the CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, and other Go vulnerabilities fixed in Go 1.17.12.
- DHCP lease validation incorrectly letting users assign the IP address of the gateway as the address of the lease (#4698).
- Updater no longer expects a hardcoded name for AdGuardHome executable (#4219).
- Inconsistent names of runtime clients from hosts files (#4683).
- PTR requests for addresses leased by DHCP will now be resolved into hostnames under dhcp.local_domain_name (#4699).
- Broken service installation on OpenWrt (#4677).
-
[1.4.9]
- Update AdGuard Home to 0.107.9
- Full changelog
- Go version was updated to prevent the possibility of exploiting the CVE-2022-32189 Go vulnerability fixed in Go 1.18.5. Go 1.17 support has also been removed, as it has reached end of life and will not receive security updates.
- Domain-specific upstream servers test. If such test fails, a warning message is shown (#4517).
- UI and update links have been changed to make them more resistant to DNS blocking.
- Several UI issues (#4775, #4776, #4782).
-
[1.4.10]
- Update AdGuard Home to 0.107.10
- Full changelog
- Arabic localization.
- Support for Discovery of Designated Resolvers (DDR) according to the RFC draft (#4463).
- DHCP not working on most OSs (#4836).
- invalid argument errors during update checks on older Linux kernels (#4670).
- Data races and concurrent map access in statistics module (#4358, #4342).
-
[1.5.0]
- Update AdGuard Home to 0.108.0
- Full changelog
- New bool, dur, u8, and u16 DHCP options to provide more convenience on options control by setting values in a human-readable format (#4705). See also a Wiki page.
- New del DHCP option which removes the corresponding option from server's response (#4337). See also a Wiki page.
- A new HTTP API, GET /control/blocked_services/services, that lists all available blocked services (#4535).
- The DHCP options handling is now closer to the RFC 2131 (#4705).
- When the DHCP server is enabled, queries for domain names under dhcp.local_domain_name not pointing to real DHCP client hostnames are now processed by filters (#4865).
- The DHCPREQUEST handling is now closer to the RFC 2131 (#4863).
- The internal DNS client, used to resolve hostnames of external clients and also during automatic updates, now respects the upstream mode settings for the main DNS client (#4403).
-
[1.5.2]
- Update AdGuard Home to 0.108.0-b.17
- Full changelog
- Security: As an additional CSRF protection measure, AdGuard Home now ensures that requests that change its state but have no body (such as POST /control/stats_reset requests) do not have a Content-Type header set on them
-
[1.5.3]
- Update AdGuard Home to 0.108.0-b.18
- Full changelog
- Go version has been updated to prevent the possibility of exploiting the CVE-2022-2879, CVE-2022-2880, and CVE-2022-41715 Go vulnerabilities fixed in Go 1.18.7.
- The ability to put ClientIDs into DNS-over-HTTPS hostnames as opposed to URL paths (#3418). Note that AdGuard Home checks the server name only if the URL does not contain a ClientID.
-
[1.5.4]
- Update AdGuard Home to 0.108.0-b.19
- Full changelog
The new optional tls.override_tls_ciphers property, which allows overriding TLS ciphers used by AdGuard Home (#4925, #4990). - The ability to serve DNS on link-local IPv6 addresses (#2926).
-
[1.5.5]
- Update AdGuard Home to 0.108.0-b.20
- Full changelog
- The warning message when adding a certificate having no IP addresses (#4898).
- Several new blockable services (#3972). Those will now be more in sync with the services that are already blockable in AdGuard DNS.
- A new HTTP API, GET /control/blocked_services/all, that lists all available blocked services and their data, such as SVG icons (#3972).
- The ability to put ClientIDs into DNS-over-HTTPS hostnames as opposed to URL paths (#3418). Note that AdGuard Home checks the server name only if the URL does not contain a ClientID.