AdGuard Home - Package Updates

nebulon

[1.7.14]

• Update AdGuard Home to 0.108.0-b.42
• Full changelog
• Occasional client information lookup failures that could lead to the DNS server getting stuck (#6006).
• bufio.Scanner: token too long and other errors when trying to add filtering-rule lists with lines over 1024 bytes long or containing cosmetic rules (#6003).

nebulon

[1.7.15]

• Update AdGuard Home to 0.108.0-b.43
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the CVE-2023-29409 Go vulnerability fixed in [Go 1.20.7][go-1.20.7].
• Improved reliability filtering-rule list updates on Unix systems.
• In this release, the schema version has changed from 24 to 25.
• Inability to block queries for the root domain, such as NS . queries, using the Disallowed domains feature on the DNS settings page (#6049). Users who want to block . queries should use the |.^ AdBlock rule or a similar regular expression.
• Client hostnames not resolving when upstream server responds with zero-TTL records (#6046).

girish

[1.7.16]

• Update AdGuard Home to 0.108.0-b.44
• Full changelog
• IPv6 hints are now filtered in case IPv6 addresses resolving is disabled (#6122).
• The ability to set fallback DNS servers in the configuration file (#3701).
• While adding or updating blocklists, the title can now be parsed from ! Title: definition of the blocklist's source (#6020).
• The ability to filter DNS HTTPS records including IPv4/v6 hints (#6053).
• Two new metrics showing total number of responses from each upstream DNS server and their average processing time in the Web UI (#1453).

girish

[1.8.0]

• Update AdGuard Home to 0.108.0-b.45
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the CVE-2023-39318, CVE-2023-39319, and CVE-2023-39320 Go vulnerabilities fixed in Go 1.20.8.
• AdBlock-style syntax support for ignored domains in logs and statistics (#5720).
• Strict-Transport-Security header in the HTTP API and DNS-over-HTTPS responses when HTTPS is forced (#2998). See RFC 6797.
• UI for the schedule of the service-blocking pause (#951).

nebulon

[1.8.1]

• Update AdGuard Home to 0.108.0-b.46
• Full changelog
• Incorrect original answer when a response is filtered (#6183).
• Comments in the Fallback DNS servers field in the UI (#6182).
• Empty or default Safe Browsing and Parental Control settings (#6181).
• Various UI issues.

girish

[1.9.0]

• Update base image to 4.2.0

girish

[1.10.0]

• Update AdGuard Home to 0.108.0-b.47
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the CVE-2023-39323 and CVE-2023-39325 Go vulnerabilities fixed in Go 1.20.9 and Go 1.20.10.
• Ability to edit static leases on DHCP settings page (#1700).
• Ability to specify for how long clients should cache a filtered response, using the Blocked response TTL field on the DNS settings page (#4569).

nebulon

[1.10.1]

• Update AdGuard Home to 0.108.0-b.47
• Full changelog
• "Block" and "Unblock" buttons of the query log moved to the tooltip menu (#684).
• Dashboard tables scroll issue (#6180).
• Issues with QUIC and HTTP/3 upstreams on FreeBSD (#6301).
• Panic on clearing query log (#6304).
• The time shown in the statistics is one hour less than the current time (#6296).

nebulon

[1.10.2]

• Update AdGuard Home to 0.108.0-b.49
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the CVE-2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in Go 1.20.11.
• Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate limiting requests, in the configuration file (#6368).
• Ability to specify multiple domain specific upstreams per line, e.g. [/domain1/../domain2/]upstream1 upstream2 .. upstreamN (#4977).
• Increased the height of the ready-to-use filter lists dialog (#6358).
• Improved logging of authentication failures (#6357).
• New properties dns.ratelimit_subnet_len_ipv4 and dns.ratelimit_subnet_len_ipv6 have been added to the configuration file (#6368).
• Schedule timezone not being sent (#6401).
• Average request processing time calculation (#6220).
• Redundant truncation of long client names in the Top Clients table (#6338).
• Scrolling column headers in the tables (#6337).
• $important,dnsrewrite rules not overriding allowlist rules (#6204).
• Dark mode DNS rewrite background (#6329).
• Issues with QUIC and HTTP/3 upstreams on Linux (#6335).

girish

[1.10.3]

• Update AdGuard Home to 0.108.0-b.50
• Full changelog
• Ability to disable plain-DNS serving through configuration file if an encrypted protocol is already used (#1660).
• Ability to specify rate limiting settings in the Web UI (#6369).

nebulon

[1.10.4]

• Update AdGuard Home to 0.108.0-b.51
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the CVE-2023-39326, CVE-2023-45283, and CVE-2023-45285 Go vulnerabilities fixed in Go 1.20.12.
• Ability to set client's custom DNS cache (#6263).
• Memory leak when using parallel queries (#6438).

girish

[1.10.5]

• Update AdGuard Home to 0.108.0-b.52
• Full changelog
• Etc timezones to the timezone list (#6568).
• The schema version of the configuration file to the output of running AdGuardHome (or AdGuardHome.exe) with -v --version` command-line options (#6545).
• Ability to disable plain-DNS serving via UI if an encrypted protocol is already used ([#1660]).

nebulon

[1.10.6]

• Update AdGuard Home to 0.108.0-b.53
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in Go 1.21.6 and Go 1.21.7.
• Ability to define custom directories for storage of query log files and statistics (#5992).
• Context menu item in the Query Log to add a Client to the Persistent client list (#6679).
• Incorrect tracking of the system hosts file's changes (#6711).
• “Invalid AddrPort” in the Private reverse DNS servers section on the Settings → DNS settings page.

girish

[1.10.7]

• Update AdGuard Home to 0.108.0-b.54
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in Go 1.21.8.
• Ability to disable the use of system hosts file information for query resolution (#6610).
• Private RDNS resolution (dns.use_private_ptr_resolvers in YAML configuration) now requires a valid "Private reverse DNS servers", when enabled (#6820).
• Statistics for 7 days displayed by day on the dashboard graph (#6712).
• Missing "served from cache" label on long DNS server strings (#6740).

nebulon

[1.10.8]

• Update AdGuard Home to 0.108.0-b.55
• Full changelog
• Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in Go 1.22.3.
• Support for comments in the ipset file (#5345).
• Private rDNS resolution now also affects SOA and NS requests (#6882).
• Rewrite rules mechanics was changed due to improve resolving in safe search.
• Currently, AdGuard Home skips persistent clients that have duplicate fields when reading them from the configuration file. This behaviour is deprecated and will cause errors on startup in a future release.
• Acceptance of duplicate UIDs for persistent clients at startup. See also the section on client settings on the Wiki page.
• Domain specifications for top-level domains not considered for requests to unqualified domains (#6744).
• Support for link-local subnets, i.e. fe80::/16, as client identifiers (#6312).
• Issues with QUIC and HTTP/3 upstreams on older Linux kernel versions (#6422).
• YouTube restricted mode is not enforced by HTTPS queries on Firefox.
• Support for link-local subnets, i.e. fe80::/16, in the access settings (#6192).
• The ability to apply an invalid configuration for private rDNS, which led to server not starting.
• Ignoring query log for clients with ClientID set (#5812).
• Subdomains of in-addr.arpa and ip6.arpa containing zero-length prefix incorrectly considered invalid when specified for private rDNS upstream servers (#6854).
• Unspecified IP addresses aren't checked when using "Fastest IP address" mode (#6875).

girish

[1.10.9]

• Update AdGuard Home to 0.108.0-b.56
• Full changelog
• Broken private reverse DNS upstream servers validation causing update failures

girish

[1.10.10]

• Update AdGuard Home to 0.108.0-b.57
• Full changelog
• Security: Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in Go 1.22.5.
• The ability to disable logging using the new log.enabled configuration property (#7079).
• Frontend rewritten in TypeScript.

Package Updates

[1.10.11]

• Update AdGuard Home to 0.108.0-b.58
• Full changelog
• We thank @itz-d0dgy for reporting this vulnerability, designated CVE-2024-36814, to us.
• Additionally, AdGuard Home will now try to change the permissions of its files and directories to more restrictive ones to prevent similar vulnerabilities as well as limit the access to the configuration.
• We thank @go-compile for reporting this vulnerability, designated CVE-2024-36586, to us.
• Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in 1.23.2.
• Support for 64-bit RISC-V architecture (#5704).
• Ecosia search engine is now supported in safe search (#5009).

Package Updates

[1.10.12]

• Update AdGuard Home to 0.108.0-b.59
• Full changelog
• AdGuard Home now properly sets permissions to its files and directories on Windows
• Improved filtering performance (#6818).
• Repetitive statistics log messages (#7338).
• Custom client cache (#7250).
• Missing runtime clients with information from the system hosts file on first AdGuard Home start (#7315).

Package Updates

[1.10.13]

• Update AdGuard Home to 0.108.0-b.60
• Full Changelog