Jump to content

TRB140 Firmware Downloads: Difference between revisions

no edit summary
No edit summary
No edit summary
(7 intermediate revisions by the same user not shown)
Line 7: Line 7:
==Changelog==
==Changelog==
<!--NEW_FW-->
<!--NEW_FW-->
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.8/TRB1/TRB1_R_00.07.08_WEBUI.bin TRB1_R_00.07.08]</span></b> | 2024.07.18===
* <b>New</b>
** <b>Network</b>
*** DNS: added inherited server status to configuration page
*** HTTPS DNS Proxy: added new HTTPS DNS Proxy package to package manager
*** Mobile: added SIM card lock/unlock functionality in Mobile->Utilities page
*** Mobile: added SIM card PIN change functionality in Mobile->Utilities page
*** Mobile: added new Mobile->Limits page which shows information and allows to configure Data and SMS limits
*** Mobile: added DFOTA support for RG520N modems
*** Mobile: added nr-arfcn display to mobile status page
*** Mobile: added dfota support for devices with RG520N-EB modem
** <b>Services</b>
*** Data to Server: added 'Lua script' data input
*** Input/Output: added ability to configure gpio debounce timer and changed default gpio debounce timer value from 200 ms to 10 ms
*** IPsec: added initial XFRM support
*** MQTT Modbus Gateway: added JSON message type format
*** OpenVPN: added DCO support
** <b>System</b>
*** API Core: added option to configure api session timeout
*** Certificates: added "Let's encrypt" certificate generation
*** PAM: added RADIUS external user support
*** UI Core: added data analytics support
*** Update Firmware: added warning message about device being temporarily unreachable on firmware update
* <b>Improvements</b>
** <b>Network</b>
*** DNS: separated field "DNS forwardings" into two: one for simple server forwarding other for domain-specific
*** DNS: moved "DNS Forwardings", "Listen interfaces", "Exclude interfaces", "Local service only", options to advanced tab
*** Firewall: improved protocol field in all firewall pages by making that "All" value would be mutually exclusive with any other value
*** Mobile: improved IMS context initialization
*** Mobile: updated SMS memory management for multipart SMS
*** Mobile: added error message when attempting to enable the SIM switch without any criteria set
*** Mobile: added informative message in SIM switch page when Data/SMS limit criteria are enabled but the limits themselves are not set up
*** Mobile: moved operator list allowlist/blocklist selection to Network selection page
*** Mobile: refactored Scanned operators modal, added repeat scan button
*** Mobile: added ability to view previously scanned operators in Network selection and Operator lists pages
*** Mobile: added ability to edit operator list name and initiate scans for operators in Operator lists page
*** Mobile: updated operator code field list to include APNs from the APN database in Operator lists page
*** Mobile: split Mobile->General page into three pages: General, Connection and Utilities pages
*** Mobile: added mobile interface with highest priority APN configuration in Mobile->General page
*** Mobile: added icons with hints which show SIM card, operator, data connection statuses in Mobile->General page
*** Mobile: moved Mobile data limit section to a tab in WAN page
*** Mobile: added informative message in WAN page to indicate whether the connection will be made using APN from APN database, empty or custom APN
*** Mobile: improved logging of ping error messages
*** Mobile: added 5G SA/NSA mode selection
*** Mobile: improved modem updater to stop ping reboot service while update is in progress
*** Mobile: improved the handling of denied messages upon SIM switch
*** Mobile: added notification when a multi-IMSI SIM card is using Auto APN
*** Mobile: added validation to not allow passthrough and bridge mode when one already exists
*** Mobile: improved safeguards for modem services startup
*** Mobile: improved modem update status display
*** Mobile: added corrupted mobile statistics database restoration functionallity
*** Mobile: improved setting of IPv4 and IPv6 types inside the modules
*** Mobile: improved provider name parsing for SLM750 modem
*** Multi WAN: improved interface status representation when using load balancing
*** Network: added more options for "IPv6 assignment length" field
** <b>Services</b>
*** Azure IoT Hub: added DPS symmetric key attestation support
*** Azure IoT Hub: added Direct Method support
*** Azure IoT Hub: added Plug and Play integration
*** Azure IoT Hub: added link to "Data to Server" page
*** Data to Server: added support for multiple filters
*** Data to Server: improved HTTP output hostname definition with automatic protocol specification in URL
*** Data to Server: improved MQTT input connection handling
*** DNP3 Client: added option to enable/disable service
*** GRE: increased Inbound and Outbound key limit to 4294967295
*** Input/Output: added custom name support in I/O status page
*** IPsec: added certificate warning message
*** Mobile Utilities: added interface option to sms_utils cellular command
*** Mobile Utilities: improved error log message
*** Mobile Utilities: improved naming of I/O pins in initial I/O status rule
*** Mobile Utilities: sms utilities authentication brute force prevention
*** Modbus Server: added mobile last month and last week usage registers
*** Mosquitto: added large package size check for MQTT clients
*** MQTT Modbus Gateway: improved mosquitto reconnect time and service will try to recover few times before exiting
*** MQTT Publisher: improved MQTT connection handling
*** OPC UA Client: added security modes
*** OPC UA Server: added security modes
*** OPC UA Server: added service status display
*** OpenVPN: added support for decrypting private key when uploading a configuration file
*** OpenVPN: improved instance status state
*** OpenVPN: added options to specify an IP address pool for dynamic assignment to clients
*** SMPP: added brute-force prevention
*** SMPP: added TLS/SSL support
*** SMS Utilities: added security warning in "Authorization method" configuration
*** SNMP: changed interface module OID structure
*** SNMP: improved User-based Security Model (USM) brute force attack prevention measures
*** Stunnel: improved global instance settings dependencies
*** emailrelay: updated version to 2.4.1
*** OpenVPN: updated version to 2.6.9
*** stunnel: updated version to 5.72
** <b>System</b>
*** Access Control: added certificate key length warnings
*** Access Control: adjusted access control when all pages are blocked
*** Access Control: added certificate file download for CLI to work on all browsers
*** API Core: implemented functionality to include warning messages for vulnerable certificates
*** Boot: improved modem startup reliability
*** Package Manager: added multi package actions
*** Package Manager: added status filter
*** Package Manager: moved package upload action to main page
*** Package Manager: added links to installed packages pages
*** Package Manager: refactored "Packages" page
*** Package Manager: updated opkg repository link to use https
*** RutOS: improved GPL example page to align with new software architecture
*** Troubleshoot: refactored Modem debug section to display responses in single field, added clear button to remove received responses
*** Troubleshoot: added support for multiple syslog servers
*** UI Core: added additional message with IP address to loading screen for scenarios when redirect to different IP address happens
*** UI Core: added toast message hiding when text is too long
*** Update Firmware: added 'Firmware version' data in screen after firmware upload
*** WebUI: added functionality to cancel loading screen if it takes 30 or more seconds
*** WebUI: removed all ubus method calls from webui
*** WebUI: improved language caching
*** WebUI: added password generator for first login modal
*** WebUI: added sticky position to side menu
*** WebUI: added default password hint to login error message
*** WebUI: added warning messages for low-security certificates
*** Kernel: updated version to 5.4.276
*** libexpat: updated version to 2.6.2
*** SSL/TLS: updated version to 3.0.14
*** vue: updated version to 3.4
* <b>Fix</b>
** <b>Network</b>
*** Devices: fixed missing API devices status endpoint permission
*** DHCP: fixed "DHCP option" allow empty input value
*** DHCP: fixed IPv4 leases being not correctly shown when NTP synchronizes time
*** DHCP: fixed DHCP error that occurred after changing the subnet of the LAN IP address in the setup wizard
*** Dynamic routes: fixed duplicated external routes cards
*** Firewall: fixed firewall zone validation when adding interfaces
*** Mobile: fixed low signal reconnect being available on modems where it is not supported
*** Mobile: fixed gsmctl -E output to return only json values
*** Mobile: fixed Carrier Aggregation signal strength info
*** Mobile: fixed wrong mobile data limit used data format for sms messages
*** Mobile: fixed duplicate data connection event reporting
*** Mobile: fixed an issue where low signal notifications were displayed without a SIM card
*** Mobile: fixed modem serial number acquisition after modem reboot
*** Mobile: fixed an issue when 4G-only network type selection may have resulted in a slower connection to the operator
*** Mobile: fixed issue where USSD responses were returned in HEX format instead of text format for EC200A module
*** Mobile: fixed issue where DHCP filter was not set correctly for RG501Q
*** Mobile: fixed modem restart using gsmctl
*** Mobile: fixed an issue where the wrong IP address was used after a DFOTA upgrade
*** Network: fixed overriding MAC address for interfaces that are bridged
*** Network: fixed not getting IP address when switching LAN to WAN
*** Ports Settings: fixed port advertisement change
*** Realtime Traffic: fixed mobile usage by week day translation by device language
*** SQM: fixed missing PPP mobile device selection in SQM configuration
** <b>Services</b>
*** BACnet: fixed incorrect BACnet IP port used for sending responses
*** BGP: fixed route map sequence going out of range
*** BGP: fixed listen range field allowing multiple entries
*** Call Utilities: fixed table header switch to be disabled if no rules were created
*** DLMS: fixed DLMS test response format
*** DLMS: fixed COSEM group validation
*** DLMS: fixed API POST error for /dlms/devices/config endpoint
*** DLMS: fixed serial connection not working after reboot
*** DNP3 Client: fixed to allow reading objects past 255 index
*** DNP3 Client: fixed incorrect hints
*** DNP3 Outstation: fixed serial outstation starting issues
*** I/O Juggler: fixed improper dout action config handling
*** I/O Juggler: updated profile change action
*** Input/Output: allow unselecting all Post/Get access methods
*** Input/Output: fixed issue when onewire configuration is not saved
*** IPsec: fixed connectivity issues when using WAN failover
*** IPsec: fixed the instance status when the local firewall option is disabled
*** Ledman: fixed issue when after some time network type LED starts blinking
*** Modbus Client: fixed test request option validation
*** Modbus Client: fixed alarm output action display values
*** Modbus Client: fixed incorrect period hint
*** Modbus Server: fixed APN register not clearing APN
*** Modbus Server: fixed 148 and 164 modbus registers
*** Modbus Server: fixed incorrect hints
*** OPC UA Server: fixed not starting while modem is down
*** OpenVPN: fixed displaying imported files from device
*** OpenVPN: fixed the private key decryption for cases when a password is used
*** OpenVPN: fixed data cipher migration
*** Overview: fixed issue when devices without WiFi send additional request without data
*** SMPP: fixed username bypass problem
*** SMPP: fixed password validation
*** SMS Gateway: fixed SMS to Email recipient formatting according to RFC5322
*** SNMP: fixed GSM mSignal OID value type
*** SNMP: fixed GSM module memory leaks
*** SSTP: fixed functionality when the default route option is not enabled
*** Web Filter: fixed whitelist not working for some hosts when using IPv6
** <b>System</b>
*** Administration: fixed repeated validation on cleared inputs and added validation when new password matches the old one
*** API Core: fixed API method validation during upload action
*** API Core: fixed error messages for POST method
*** API Core: fixed option list validation
*** Boot: fixed factory settings restore (firstboot) not deleting hidden files
*** Events Log: fixed refresh button in event log table
*** IP Block: fixed adding MAC addresses back to whitelist when unblocking all of them
*** Recipients: made phone number field required
*** Setup Wizard: fixed lan ip step not changing ip address
*** Troubleshoot: fixed system log and kernel log buttons to be enabled with read only rights
*** Update Firmware: fixed misleading "Firmware version" status of "N/A" to "FOTA service is disabled" when FOTA is disabled
*** Update Firmware: fixed issue when infinite spinner appears after updating device firmware from server without having internet connection
* <b>CVE Patches</b>
** Patched CVE-2023-52425
** Patched CVE-2023-52530
** Patched CVE-2024-25629
** Patched CVE-2024-28757
----
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.3/TRB1/TRB1_R_00.07.07.3_WEBUI.bin TRB1_R_00.07.07.3]</span></b> | 2024.06.25===
* <b>Fix</b>
** <b>Network</b>
*** WebUI: fixed port advertisement change
** <b>System</b>
*** FOTA: fixed config when upgrading from older firmware with keep settings
* <b>CVE Patches</b>
** CVE-2024-31950
** CVE-2024-31951
----
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.2/TRB1/TRB1_R_00.07.07.2_WEBUI.bin TRB1_R_00.07.07.2]</span></b> | 2024.06.12===
* <b>Improvements</b>
** <b>Network</b>
*** Mobile: improved communication stability with eSIM
** <b>Services</b>
*** SNMP: added bruteforce attack prevention when using SNMP v3 user
*** L2TP: improved reconnect attempt logic
** <b>System</b>
*** SSH: removed weak SSH algorithms
*** Telnet: moved to Package Manager
* <b>Fix</b>
** <b>Network</b>
*** BGP: fixed instance migration issues
*** Mobile: fixed forced APN configuration
** <b>Services</b>
*** DMVPN: fixed duplicate NHRP map entries creation
*** OpenVPN: added fixes for the insecure tls-cert-profile option usage
** <b>System</b>
*** IP Block: fixed blocking of UDP traffic
* <b>CVE Patches</b>
** CVE-2024-31948
----
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/TRB1/TRB1_R_00.07.07.1_WEBUI.bin TRB1_R_00.07.07.1]</span></b> | 2024.05.03===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/TRB1/TRB1_R_00.07.07.1_WEBUI.bin TRB1_R_00.07.07.1]</span></b> | 2024.05.03===
----
* <b>New</b>
* <b>New</b>
** <b>Network</b>
** <b>Network</b>
Line 96: Line 327:
*** Network: fixed DHCPv4 relay mode enabling
*** Network: fixed DHCPv4 relay mode enabling
*** Mobile: fixed PIN code set after modem restart
*** Mobile: fixed PIN code set after modem restart
*** Mobile: fixed cases where 5G NSA network type was shown incorrectly
*** Mobile: fixed an issue where using SIM change command on one SIM slot modems would reset connection
*** Mobile: fixed an issue where using SIM change command on one SIM slot modems would reset connection
*** Mobile: fixed an issue where message storage would not be checked correctly
*** Mobile: fixed an issue where message storage would not be checked correctly
Line 157: Line 387:
** CVE-2024-27913
** CVE-2024-27913
** CVE-2024-22365
** CVE-2024-22365
----
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.10/TRB1/TRB1_R_00.07.06.10_WEBUI.bin TRB1_R_00.07.06.10]</span></b> | 2024.04.04===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.10/TRB1/TRB1_R_00.07.06.10_WEBUI.bin TRB1_R_00.07.06.10]</span></b> | 2024.04.04===
* <b>Fix</b>
** <b>System</b>
*** Ledman: fixed memory leak
----
----
* Global changelog for <b>R_00.07.06.10</b> - [[Global RUTOS changelog#R_00.07.06.10|LINK]]
===<b>TRB1_R_00.07.06.8</b> | 2024.03.25===
===<b>TRB1_R_00.07.06.8</b> | 2024.03.25===
Firmware <b>R_00.07.06.8</b> was removed due to an issue with inefficient memory allocation for LED control.
* <b>New</b>
** <b>WebUI</b>
*** Added eSIM support
* <b>Improvements</b>
** <b>Services</b>
*** IPSec: disabled libgmp in favor of openssl
*** IPSec: updated Strongswan to 5.9.6
* <b>Fix</b>
** <b>Services</b>
*** IPSec: increased charon load timeout
*** IPSec: fixed loading of large private keys
----
----
* Firmware <b>R_00.07.06.8</b> was removed due to an issue with inefficient memory allocation for LED control.
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.6/TRB1/TRB1_R_00.07.06.6_WEBUI.bin TRB1_R_00.07.06.6]</span></b> | 2024.03.04===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.6/TRB1/TRB1_R_00.07.06.6_WEBUI.bin TRB1_R_00.07.06.6]</span></b> | 2024.03.04===
* <b>New</b>
** <b>Services</b>
*** Added domain and subdomain options for external landing page in Hotspot
* <b>Improvements</b>
** <b>System</b>
*** Minified *.svg WebUI files to save space on the device
*** Removed unused easy-rsa package to increase free space
* <b>Fix</b>
** <b>Network</b>
*** Fixed mobile daily data usage representation
----
----
* Global changelog for <b>R_00.07.06.6</b> - [[Global RUTOS changelog#R_00.07.06.6|LINK]]
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/TRB1/TRB1_R_00.07.06.5_WEBUI.bin TRB1_R_00.07.06.5]</span></b> | 2024.02.21===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/TRB1/TRB1_R_00.07.06.5_WEBUI.bin TRB1_R_00.07.06.5]</span></b> | 2024.02.21===
* <b>New</b>
** <b>Network</b>
*** Added support for multi line USSD
* <b>Improvements</b>
** <b>Network</b>
*** Improved DMZ to use its source zone on port forwards creation
** <b>System</b>
*** Updated netifd version to 2024-01-04
*** Updated PPP package version to 2.4.9
*** Updated E2fsprogs package version to 1.47.0
*** Updated Musl package version to 1.2.4
* <b>Fix</b>
** <b>Services</b>
*** Fixed issue of OPC UA Server service not launching
** <b>WebUI</b>
*** Fixed action descriptions in the traffic rules table
*** fixed BACnet allow remote access functionality
** <b>System</b>
*** Fixed year 2038 problem with time counter overflow
----
----
* Global changelog for <b>R_00.07.06.5</b> - [[Global RUTOS changelog#R_00.07.06.5|LINK]]
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.4/TRB1/TRB1_R_00.07.06.4_WEBUI.bin TRB1_R_00.07.06.4]</span></b> | 2024.01.18===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.4/TRB1/TRB1_R_00.07.06.4_WEBUI.bin TRB1_R_00.07.06.4]</span></b> | 2024.01.18===
* <b>Improvements</b>
** <b>Services</b>
*** Increased DLMS Client connection timeout for TCP sockets
* <b>Fix</b>
** <b>Services</b>
*** Fixed DLMS Client memory leak with profile generic COSEM class
** <b>WebUI</b>
*** Fixed Events Log sorting and search features
** <b>System</b>
*** Patched CVE-2024-0193 vulnerability
*** Patched CVE-2023-51779 vulnerability
*** Updated OpenSSH to 9.6p1 version, fixed CVE-2023-51385 and CVE-2023-51384
*** Fixed profile migrations, added error handling when trying to change profile while it is still applying
----
----
* Global changelog for <b>R_00.07.06.4</b> - [[Global RUTOS changelog#R_00.07.06.4|LINK]]
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.2/TRB1/TRB1_R_00.07.06.2_WEBUI.bin TRB1_R_00.07.06.2]</span></b> | 2024.01.04===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.2/TRB1/TRB1_R_00.07.06.2_WEBUI.bin TRB1_R_00.07.06.2]</span></b> | 2024.01.04===
* <b>Fix</b>
* <b>Fix</b>
Line 178: Line 461:
** <b>System</b>
** <b>System</b>
*** Fixed device resetting to a different password instead of unique default password inscribed on the device.
*** Fixed device resetting to a different password instead of unique default password inscribed on the device.
 
----
===<b>TRB1_R_00.07.06</b> | 2023.12.20===
===<b>TRB1_R_00.07.06</b> | 2023.12.20===
<b>Note:</b> Firmware version <i>TRB1_R_00.07.06</i> was removed due to an issue when resetting the device failed to revert the password to the specified unique code inscribed on the device.
<b>Note:</b> Firmware version <i>TRB1_R_00.07.06</i> was removed due to an issue when resetting the device failed to revert the password to the specified unique code inscribed on the device.
Line 567: Line 850:
*** Patched CVE-2023-29469 vulnerability
*** Patched CVE-2023-29469 vulnerability
*** Patched CVE-2023-31490 vulnerability
*** Patched CVE-2023-31490 vulnerability
*** Patched CVE-2023-36369 vulnerability
*** Patched CVE-2021-36369 vulnerability
*** Patched CVE-2023-48174 vulnerability
*** Patched CVE-2023-48174 vulnerability
*** Delayed Custom Scripts execution on boot, after storage devices are mounted
*** Delayed Custom Scripts execution on boot, after storage devices are mounted