Line 6: |
Line 6: |
| | | |
| ==Changelog== | | ==Changelog== |
| + | <!--NEW_FW--> |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.3/RUTX/RUTX_R_00.07.07.3_WEBUI.bin RUTX_R_00.07.07.3]</span></b> | 2024.06.25=== |
| + | * <b>Fix</b> |
| + | ** <b>Network</b> |
| + | *** WebUI: fixed port advertisement change |
| + | ** <b>System</b> |
| + | *** FOTA: fixed config when upgrading from older firmware with keep settings |
| + | * <b>CVE Patches</b> |
| + | ** CVE-2024-31950 |
| + | ** CVE-2024-31951 |
| + | ---- |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.2/RUTX/RUTX_R_00.07.07.2_WEBUI.bin RUTX_R_00.07.07.2]</span></b> | 2024.06.12=== |
| + | * <b>Improvements</b> |
| + | ** <b>Network</b> |
| + | *** Zerotier: added backup WAN interface blacklisting if WAN failover is enabled |
| + | ** <b>Services</b> |
| + | *** SNMP: added bruteforce attack prevention when using SNMP v3 user |
| + | *** L2TP: improved reconnect attempt logic |
| + | *** Wireless: removed unnecessary information from system logs |
| + | ** <b>System</b> |
| + | *** SSH: removed weak SSH algorithms |
| + | *** Telnet: moved to Package Manager |
| + | * <b>Fix</b> |
| + | ** <b>Network</b> |
| + | *** BGP: fixed instance migration issues |
| + | *** HNAT: fixed cases of unintended forwarding when LAN and WAN subnets overlap |
| + | *** HNAT: fixed instances of device misrouting packets to wired LAN when 'Hardware Flow Offloading' was enabled |
| + | *** Wireless: fixed connection issues after disabling encryption |
| + | ** <b>Services</b> |
| + | *** DMVPN: fixed duplicate NHRP map entries creation |
| + | *** OpenVPN: added fixes for the insecure tls-cert-profile option usage |
| + | ** <b>System</b> |
| + | *** IP Block: fixed blocking of UDP traffic |
| + | *** Ledman: fixed WiFi LED indication when WiFi configuration is changed |
| + | * <b>CVE Patches</b> |
| + | ** CVE-2024-31948 |
| + | ---- |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/RUTX/RUTX_R_00.07.07.1_WEBUI.bin RUTX_R_00.07.07.1]</span></b> | 2024.05.03=== |
| + | ---- |
| + | * <b>New</b> |
| + | ** <b>Network</b> |
| + | *** WebUI: added internet status tracking configuration and overview widget |
| + | *** LAN: added a new IPv6 LAN status page |
| + | *** Static Leases: added a new IPv6 Static Leases page |
| + | *** WebUI: added custom domain name resolve option in “DNS” configuration page |
| + | *** Failover: added additional connection flush options |
| + | *** Wireless: added auto-reconnect disable functionality |
| + | *** Wireless: added ability to use PKCS#12 certificates for EAP-TLS authentication |
| + | *** VRF: added initial Virtual Routing and Forwarding support |
| + | ** <b>Services</b> |
| + | *** Post/Get: added I/O invert support |
| + | *** DLMS Client: added persistent TCP connections |
| + | *** Events Reporting: added unexpected shutdown event |
| + | *** Modbus Client: added 64bit data types |
| + | *** IPerf3: added iPerf3 to Package Manager |
| + | *** DNP3 Outstation: added I/O objects |
| + | *** Hotspot: added domain and subdomain options for external landing page |
| + | *** Over IP: added option 'Keep alive enable' |
| + | ** <b>System</b> |
| + | *** WebUI: added the ability to generate random passwords for password input fields |
| + | *** WebUI: added reset to “Factory defaults” option |
| + | *** System: changed firmware certificate verification tool |
| + | *** IP Block: added time-based login attempt blocking |
| + | *** WebUI: added firmware update notification support |
| + | *** PAM: added the ability to set port for TACACS+ |
| + | *** Logging: added multiple remote syslog servers support |
| + | * <b>Improvements</b> |
| + | ** <b>Network</b> |
| + | *** Static Leases: added possibility to use MAC with wildcard |
| + | *** Topology: changed network devices scanning application |
| + | *** WebUI: improved design of Status - LAN page |
| + | *** DHCP: simplified DHCP configurations in other pages and moved full DHCP configuration to a separate page |
| + | *** DHCP: removed default disabled server configuration for WAN interface |
| + | *** WebUI: simplified data entry of DNS forwardings by separating hostname and IP address fields |
| + | *** BGP: added Virtual Routing and Forwarding (VRF) support |
| + | *** BGP: added multiple BGP instance support |
| + | *** WebUI: adjusted responsive design breakpoints |
| + | *** HNAT: improved WAN->LAN packet offloading |
| + | *** WebUI: added an information icon and disabled delete button for wireless instance when it is associated with a hotspot interface |
| + | *** Wireless: improved hidden AP handling when showing scan results |
| + | *** Wireless: added a range of channels to 5 Ghz radio to use as fallback if it drops after radar detection when using DFS channel |
| + | *** Dnsmasq: updated dnsmasq to version 2.89 |
| + | ** <b>Services</b> |
| + | *** Wireguard: added option to bind tunnel to a specific interface |
| + | *** OPC UA Client: added limits (10 servers, 20 groups, 50 nodes per server, 50 values per group) |
| + | *** DLMS Client: increased maximum count of connection sections to 30 |
| + | *** DLMS Client: added short name referencing |
| + | *** SNMP: set strict default community access when IPv6 address is used |
| + | *** SNMP: improved sysName OID to set device's hostname |
| + | *** Network Shares: moved to Package Manager |
| + | *** Hotspot: moved MAC blocking option from Access Control to Hotspot page |
| + | *** WebUI: added MAC authentication support when using RADIUS authentication mode |
| + | *** WebUI: moved licenses to footer |
| + | *** OpenVPN: added the bridge option for selecting the network device to be bridged with |
| + | *** OpenVPN: added possibility to create more than one TAP client |
| + | *** SSTP: updated package version to 1.0.19 |
| + | *** Mosquitto: updated package version to 2.0.17 |
| + | *** Tailscale: updated package version to 1.62.1 |
| + | ** <b>System</b> |
| + | *** WebUI: added more strict password requirements for restoring backup |
| + | *** SMTP: added option to either not verify SMTP server or upload SMTP server's CA file to verify authenticity |
| + | *** WebUI: Added the ability to choose the ROOT CA when using certificates from the device |
| + | *** WebUI: unified time format to ISO8601 across the entire WebUI |
| + | *** WebUI: added ability to choose imported certificate and key as 'Server certificate' and 'Server key' in 'Access Control' |
| + | *** WebUI: added 'Hosts' and 'IP Addresses' options for 'Simple' certificate generation and certificate signing |
| + | *** WebUI: changed firmware update option to server as a default option |
| + | *** WebUI: improved first login password change logic |
| + | *** Certificates: updated Root CA certificates |
| + | *** GPL: added offline package preparation command for GPL builds |
| + | *** Speedtest: added multiple connections support to improve accuracy |
| + | *** Libcap: updated package version to 2.69 |
| + | * <b>Fix</b> |
| + | ** <b>Network</b> |
| + | *** Topology: fixed showing interfaces with assigned VLAN |
| + | *** WebUI: fixed static routing creation for GRE instance |
| + | *** Network: fixed DHCPv4 relay mode enabling |
| + | *** Failover: fixed Failover missing active rules when using multiple source and destination IP addresses |
| + | *** WebUI: fixed network and failover interface metric sorting synchronization issue |
| + | *** WebUI: fixed failover rule policy save issue with newly added WAN interface |
| + | *** Interfaces: fixed failover value for new WAN being taken from WAN that was just deleted |
| + | *** Wireless: fixed Wifi Scanner not saving scanned WiFi SSIDs |
| + | *** Wireless: fixed missing CCMP-256 and GCMP-256 cipher types in scan results |
| + | *** Wireless: fixed missing GCMP-256 cipher when using WPA3-EAP encryption in Client mode |
| + | *** Wireless: fixed skipped MAC address value for interface in Client mode |
| + | *** Wireless: fixed setup issue when client or mesh interfaces are configured on both radios |
| + | *** Wireless: fixed changing regulatory domain configuration |
| + | *** WebUI: fixed mesh nodes not being shown in Status->Wireless->Interfaces page |
| + | *** WebUI: fixed proposed configuration settings when connecting to a mesh point network |
| + | *** MultiAP: fixed client not switching to another AP if incorrect password was provided |
| + | *** HNAT: fixed multicast packet leakage when 'Hardware flow offloading' is enabled |
| + | ** <b>Services</b> |
| + | *** Modbus Client: allow using negative floating point values in requests |
| + | *** Azure IoT Hub: fixed Data to Server minor WebUI dependency bugs |
| + | *** Data to Server: fixed DLMS data formating |
| + | *** Data to Server: fixed Network link state data display |
| + | *** DLMS Client: fixed segfault while reading profile generic COSEM object |
| + | *** DLMS Client: fixed profile generic entries reading |
| + | *** DLMS Client: fixed application memory allocation issues |
| + | *** SSTP: fixed route adding when default route is enabled |
| + | *** SNMP: fixed VLAN OID naming |
| + | *** OpenVPN: added fixes for instance status tracking functionality |
| + | *** OpenVPN: resolved uptime counting issues |
| + | *** PPTP: fixed PPTP instance deletion problem |
| + | *** Azure IoT Hub: fixed 'contentType' telemetry message parameter |
| + | *** Hotspot: fixed password validation for locally created users and signed-up users |
| + | *** Hotspot: fixed session invalidation after deleting registered user |
| + | *** Hotspot: fixed firewall rule creation |
| + | *** PPTP: fixed problem related with routes when failover is enabled |
| + | *** USB Tools: fixed to not display a non-existent MSD |
| + | *** Modbus TCP Over Serial Gateway: fixed gateway returning corrupted data with larger baud rates |
| + | *** WebUI: fixed data loading error in Input/Output > Post/Get page |
| + | *** UPnP: updated package version to 2.3.4 |
| + | ** <b>System</b> |
| + | *** Package Manager: fixed spinner message when restarting network after package upload or download |
| + | *** Package Manager: fixed supported devices check when installing a package from server |
| + | *** WebUI: fixed language install from uploaded package after upgrade with keep settings |
| + | *** WebUI: fixed an issue when a user was not logged out after changing profiles |
| + | *** Telnet: fixed segmentation fault during concurrent connections |
| + | *** CLI: fixed enter key issue on mobile chromium based browsers |
| + | *** System Users: fixed SSH session close after deleting user or disabling SSH access |
| + | *** Profiles: fixed profile migration with installed packages |
| + | *** PAM: updated libpam to version 1.6.0 |
| + | *** JavaVM: fixed package installation |
| + | *** WebUI: fixed Hotspot log page table search functionality |
| + | *** Speedtest: fix missing download speed on some servers |
| + | * <b>CVE Patches</b> |
| + | ** CVE-2022-4603 |
| + | ** CVE-2022-23308 |
| + | ** CVE 2022-45061 |
| + | ** CVE-2023-0466 |
| + | ** CVE-2023-6129 |
| + | ** CVE-2023-7042 |
| + | ** CVE 2023-24329 |
| + | ** CVE 2023-27043 |
| + | ** CVE-2023-42366 |
| + | ** CVE-2023-46218 |
| + | ** CVE-2023-46219 |
| + | ** CVE-2023-46752 |
| + | ** CVE-2023-46753 |
| + | ** CVE-2023-48795 |
| + | ** CVE-2024-2397 |
| + | ** CVE-2024-25062 |
| + | ** CVE-2024-27913 |
| + | ** CVE-2024-22365 |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.10/RUTX/RUTX_R_00.07.06.10_WEBUI.bin RUTX_R_00.07.06.10]</span></b> | 2024.04.04=== |
| + | ---- |
| + | * <b>Fix</b> |
| + | ** <b>System</b> |
| + | *** Ledman: fixed memory leak |
| + | ===<b>RUTX_R_00.07.06.8</b> | 2024.03.25=== |
| + | * Firmware <b>R_00.07.06.8</b> was removed due to an issue with inefficient memory allocation for LED control. |
| + | ---- |
| + | * <b>Improvements</b> |
| + | ** <b>Services</b> |
| + | *** IPSec: disabled libgmp in favor of openssl |
| + | *** IPSec: updated Strongswan to 5.9.6 |
| + | * <b>Fix</b> |
| + | ** <b>Services</b> |
| + | *** IPSec: increased charon load timeout |
| + | *** IPSec: fixed loading of large private keys |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.6/RUTX/RUTX_R_00.07.06.6_WEBUI.bin RUTX_R_00.07.06.6]</span></b> | 2024.03.04=== |
| + | ---- |
| + | * <b>New</b> |
| + | ** <b>Services</b> |
| + | *** Added domain and subdomain options for external landing page in Hotspot |
| + | * <b>Improvements</b> |
| + | ** <b>System</b> |
| + | *** Minified *.svg WebUI files to save space on the device |
| + | *** Removed unused easy-rsa package to increase free space |
| + | * <b>Fix</b> |
| + | ** <b>Network</b> |
| + | *** Fixed the issue with Wireless bgscan functionality not operating correctly |
| + | ** <b>Services</b> |
| + | *** Fixed OverIP serial utility issue where after some time server mode can't accept incoming connections anymore |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/RUTX/RUTX_R_00.07.06.5_WEBUI.bin RUTX_R_00.07.06.5]</span></b> | 2024.02.21=== |
| + | ---- |
| + | * <b>Improvements</b> |
| + | ** <b>Network</b> |
| + | *** Improved DMZ to use its source zone on port forwards creation |
| + | ** <b>System</b> |
| + | *** Updated netifd version to 2024-01-04 |
| + | *** Updated PPP package version to 2.4.9 |
| + | *** Updated E2fsprogs package version to 1.47.0 |
| + | *** Updated Musl package version to 1.2.4 |
| + | * <b>Fix</b> |
| + | ** <b>Network</b> |
| + | *** Fixed an issue where DNS resolution failed for wireless clients connected to an access point configured on a specific VLAN |
| + | ** <b>Services</b> |
| + | *** Fixed Modbus TCP Over Serial Gateway crash occurring at start up in some edge cases |
| + | *** Fixed tailscale VPN firewall zone creation issue |
| + | ** <b>WebUI</b> |
| + | *** Fixed action descriptions in the traffic rules table |
| + | ** <b>System</b> |
| + | *** Fixed WiFi LED indication when access point is turned off |
| + | *** Fixed year 2038 problem with time counter overflow |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.3/RUTX/RUTX_R_00.07.06.3_WEBUI.bin RUTX_R_00.07.06.3]</span></b> | 2024.01.17=== |
| + | ---- |
| + | * <b>Improvements</b> |
| + | ** <b>Services</b> |
| + | *** Increased DLMS Client connection timeout for TCP sockets |
| + | * <b>Fix</b> |
| + | ** <b>Services</b> |
| + | *** Fixed DLMS Client memory leak with profile generic COSEM class |
| + | *** Fixed function 5 not working with high register numbers in MQTT Modbus Gateway service |
| + | ** <b>WebUI</b> |
| + | *** Fixed Events Log sorting and search features |
| + | ** <b>System</b> |
| + | *** Patched CVE-2024-0193 vulnerability |
| + | *** Patched CVE-2023-51779 vulnerability |
| + | *** Updated OpenSSH to 9.6p1 version, fixed CVE-2023-51385 and CVE-2023-51384 |
| + | *** Fixed profile migrations, added error handling when trying to change profile while it is still applying |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.1/RUTX/RUTX_R_00.07.06.1_WEBUI.bin RUTX_R_00.07.06.1]</span></b> | 2024.01.04=== |
| + | |
| + | * <b>Fix</b> |
| + | ** <b>Services</b> |
| + | *** Fixed issue with NTPclient zombie processes |
| + | |
| + | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6/RUTX/RUTX_R_00.07.06_WEBUI.bin RUTX_R_00.07.06]</span></b> | 2023.12.20=== |
| + | |
| + | * <b>New</b> |
| + | ** <b>Network</b> |
| + | *** Added 802.11v BSS Transition Management and 802.11k Radio Resource Measurement |
| + | ** <b>Services</b> |
| + | *** Added OPC UA Server |
| + | *** Added the ability to set port for TACACS+ in PAM service |
| + | *** Added switch to enable using root certificate authority for MQTT alarms in Modbus Client services |
| + | *** Added new alarm action "Ubus event" in Modbus Client services |
| + | *** Added new input "Modbus alarms" in Data to Server service |
| + | *** Added wget ping subtype support in Events Reporting service |
| + | *** Added new I/O SNMP OID that returns numeric I/O state |
| + | *** Added TLS support for OverIP serial functionality |
| + | ** <b>WebUI</b> |
| + | *** Added Tailscale VPN support |
| + | *** Renewed user interface design |
| + | *** Added network interface name change functionality |
| + | *** Added last resort configuration option for multiwan policy rules |
| + | ** <b>System</b> |
| + | *** Added ability to enable/disable SSH access for specific users in System Users |
| + | *** API support |
| + | |
| + | * <b>Improvements</b> |
| + | ** <b>Network</b> |
| + | *** Added two radio support on one SSID in Wireless |
| + | ** <b>Services</b> |
| + | *** Expanded GRE VPN keep alive functionality to disable routes from unreachable tunnel |
| + | *** Added PKCS#12 certificate container authentication method in IPsec VPN |
| + | *** Added TLV message_payload support for SNMP service |
| + | *** Added Purple.ai configuration profile |
| + | *** Replaced option "No leading zeros" with "Remove all zeros" in Over IP serial functionality |
| + | *** Added reboot on storage device disappearance and re-appearance |
| + | ** <b>WebUI</b> |
| + | *** Improved Events Log page loading by adding asynchronous pagination |
| + | *** Removed requirement for Diffie-Hellman parameters in OpenVPN service |
| + | *** Added improvements for creating OpenVPN IPv6 configurations |
| + | *** Added auto redirect after changing router's IP address or port |
| + | *** Added "Interface" dropdown for interfaces selection in Wake on LAN service |
| + | *** Increased Data to Server service MQTT topic length limit to 65535 characters |
| + | *** Added OSPF external routes section to Status page |
| + | *** Moved device menu entry “Reboot” to header menu |
| + | *** Moved WiFi scanner page to Services section |
| + | ** <b>System</b> |
| + | *** Added Mosquitto CVE patch 2023-28366 |
| + | *** Added Mosquitto CVE patch 2023-3592 |
| + | *** Updated hostapd version to 2023-09-08 |
| + | *** Updated cURL version to 8.4.0 |
| + | *** Updated kernel version to 5.10.199 |
| + | *** Updated Mac80211 version to 6.1.24 |
| + | *** Added RMS data display to generated troubleshoot |
| + | *** Added downloaded Package Manager packages list to generated troubleshoot |
| + | *** Added process activity load list to generated troubleshoot |
| + | *** Changed default OPKG feed to use Teltonika's URL |
| + | |
| + | * <b>Fix</b> |
| + | ** <b>Network</b> |
| + | *** Fixed DMVPN firewall rule creation issues |
| + | *** Fixed RUTX VLAN keep settings issue when WAN port configuration are overwritten with 1st vlan |
| + | *** Fixed Failover missing active rules when using multiple source and destination IP addresses |
| + | *** Fixed unstable Wireless mesh connection |
| + | *** Fixed low Wireless mesh throughput |
| + | *** Fixed concurrent Wireless STA and AP functionality on 5 GHz band |
| + | ** <b>Services</b> |
| + | *** Fixed SSH module enable in PAM service |
| + | *** Added minimum free space check when saving logs to flash in Logging service |
| + | *** Fixed "Set multiple coils" function sending too many bytes in Modbus Client services |
| + | *** Fixed multiple Events Reporting messages being sent when Firewall configuration is changed |
| + | *** Fixed VRRP instances advertising wrong virtual IPs |
| + | *** Added Hotspot information in SNMP MIB file |
| + | *** Fixed registered Hotspot Local Users showing random username |
| + | *** Fixed selection of MAC Auth for LAN interfaces in Hotspot service |
| + | *** Fixed inconsistent Hotspot login behaviour when using MAC Auth with Password |
| + | *** fixed instance shutdown after last local user deletion |
| + | *** Fixed RMS Hotspot data display for devices without WiFi support |
| + | *** Fixed serial timeout not working in Over IP serial functionality |
| + | *** Removed "Echo" option in Modbus TCP over Serial functionality |
| + | *** Fixed CRC verification failing when CRC is correct in Modbus TCP over Serial functionality |
| + | *** Fixed crash when getting unexpected messages from RTU in Modbus TCP over Serial functionality |
| + | ** <b>WebUI</b> |
| + | *** Fixed side menu style issues when Japanese language is used |
| + | *** Fixed displaying of vendor names in Topology page |
| + | *** Fixed language packs being selectable when still in Package Manager queue |
| + | *** Added ability to configure IPv6 BGP peer |
| + | *** Fixed RelayD configuration issues after keep settings |
| + | *** Fixed realtime graphs responsive design issues |
| + | *** Fixed Network Shares users deletion |
| + | *** Fixed not all LAN interfaces shown in dropdown in Hotspot service page |
| + | *** Fixed wireless realtime data to show signal as unavailable with no connected clients |
| + | *** Fixed WiFi scanner disconnecting AP users |
| + | *** Fixed setup wizard errors in Wireless configuration page |
| + | ** <b>System</b> |
| + | *** Patched FRR CVE-2023-38406 |
| + | *** Patched FRR CVE-2023-38407 |
| + | *** Patched FRR CVE-2023-41358 |
| + | *** Patched FRR CVE-2023-41360 |
| + | *** Patched FRR CVE-2023-41909 |
| + | *** Patched FRR CVE-2023-47234 |
| + | *** Patched FRR CVE-2023-47235 |
| + | *** Patched OpenSSL CVE-2023-3446 |
| + | *** Patched OpenSSL CVE-2023-3817 |
| + | *** Patched LibXML2 CVE-2023-39615 |
| + | *** Patched LibXML2 CVE-2023-45322 |
| + | *** Patched FFMPEG CVE-2021-28429 |
| + | *** Patched FFMPEG CVE-2022-48434 |
| + | *** Patched dnsmasq CVE-2023-28450 |
| + | *** Fixed running out of space when SSHFS is mounted in /tmp while generating troubleshoot |
| + | *** Fixed WebUI access after upgrading from legacy RutOS version |
| + | |
| ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.5.4/RUTX/RUTX_R_00.07.05.4_WEBUI.bin RUTX_R_00.07.05.4]</span></b> | 2023.11.09=== | | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.5.4/RUTX/RUTX_R_00.07.05.4_WEBUI.bin RUTX_R_00.07.05.4]</span></b> | 2023.11.09=== |
| | | |