Jump to content

RUTX08 Firmware Downloads: Difference between revisions

no edit summary
No edit summary
No edit summary
(4 intermediate revisions by the same user not shown)
Line 7: Line 7:
==Changelog==
==Changelog==
<!--NEW_FW-->
<!--NEW_FW-->
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.8/RUTX/RUTX_R_00.07.08_WEBUI.bin RUTX_R_00.07.08]</span></b> | 2024.07.18===
* <b>New</b>
** <b>Network</b>
*** 802.1X: added client support
*** DNS: added inherited server status to configuration page
*** HTTPS DNS Proxy: added new HTTPS DNS Proxy package to package manager
** <b>Services</b>
*** Data to Server: added 'Lua script' data input
*** Input/Output: added ability to configure gpio debounce timer and changed default gpio debounce timer value from 200 ms to 10 ms
*** IPsec: added initial XFRM support
*** MQTT Modbus Gateway: added JSON message type format
*** OpenVPN: added DCO support
** <b>System</b>
*** API Core: added option to configure api session timeout
*** Certificates: added "Let's encrypt" certificate generation
*** PAM: added RADIUS external user support
*** UI Core: added data analytics support
*** Update Firmware: added warning message about device being temporarily unreachable on firmware update
* <b>Improvements</b>
** <b>Network</b>
*** DNS: separated field "DNS forwardings" into two: one for simple server forwarding other for domain-specific
*** DNS: moved "DNS Forwardings", "Listen interfaces", "Exclude interfaces", "Local service only", options to advanced tab
*** Firewall: improved protocol field in all firewall pages by making that "All" value would be mutually exclusive with any other value
*** Multi WAN: improved interface status representation when using load balancing
*** Network: added more options for "IPv6 assignment length" field
** <b>Services</b>
*** Azure IoT Hub: added DPS symmetric key attestation support
*** Azure IoT Hub: added Direct Method support
*** Azure IoT Hub: added Plug and Play integration
*** Azure IoT Hub: added link to "Data to Server" page
*** Data to Server: added support for multiple filters
*** Data to Server: improved HTTP output hostname definition with automatic protocol specification in URL
*** Data to Server: improved MQTT input connection handling
*** DNP3 Client: added option to enable/disable service
*** GRE: increased Inbound and Outbound key limit to 4294967295
*** Input/Output: added custom name support in I/O status page
*** IPsec: added certificate warning message
*** Modbus Server: added mobile last month and last week usage registers
*** Mosquitto: added large package size check for MQTT clients
*** MQTT Modbus Gateway: improved mosquitto reconnect time and service will try to recover few times before exiting
*** MQTT Publisher: improved MQTT connection handling
*** OPC UA Client: added security modes
*** OPC UA Server: added security modes
*** OPC UA Server: added service status display
*** OpenVPN: added support for decrypting private key when uploading a configuration file
*** OpenVPN: improved instance status state
*** OpenVPN: added options to specify an IP address pool for dynamic assignment to clients
*** Over IP: added label to show how many servers a client is connected to
*** Over IP: connect on data feature will not disconnect immediately after data transfer but wait for inactivity timeout
*** Over IP: increased TLS handshake timeout to 10 seconds
*** SMPP: added brute-force prevention
*** SMPP: added TLS/SSL support
*** SNMP: changed interface module OID structure
*** SNMP: improved User-based Security Model (USM) brute force attack prevention measures
*** Stunnel: improved global instance settings dependencies
*** emailrelay: updated version to 2.4.1
*** OpenVPN: updated version to 2.6.9
*** stunnel: updated version to 5.72
*** Tailscale: updated version to 1.68.1
** <b>System</b>
*** Access Control: added certificate key length warnings
*** Access Control: adjusted access control when all pages are blocked
*** Access Control: added certificate file download for CLI to work on all browsers
*** API Core: implemented functionality to include warning messages for vulnerable certificates
*** Package Manager: added multi package actions
*** Package Manager: added status filter
*** Package Manager: moved package upload action to main page
*** Package Manager: added links to installed packages pages
*** Package Manager: refactored "Packages" page
*** Package Manager: updated opkg repository link to use https
*** RutOS: improved GPL example page to align with new software architecture
*** Troubleshoot: added support for multiple syslog servers
*** UI Core: added additional message with IP address to loading screen for scenarios when redirect to different IP address happens
*** UI Core: added toast message hiding when text is too long
*** Update Firmware: added 'Firmware version' data in screen after firmware upload
*** WebUI: added functionality to cancel loading screen if it takes 30 or more seconds
*** WebUI: removed all ubus method calls from webui
*** WebUI: improved language caching
*** WebUI: added password generator for first login modal
*** WebUI: added sticky position to side menu
*** WebUI: added default password hint to login error message
*** WebUI: added warning messages for low-security certificates
*** Kernel: updated version to 5.10.217
*** libexpat: updated version to 2.6.2
*** SSL/TLS: updated version to 3.0.14
*** vue: updated version to 3.4
* <b>Fix</b>
** <b>Network</b>
*** Devices: fixed missing API devices status endpoint permission
*** DHCP: fixed "DHCP option" allow empty input value
*** DHCP: fixed IPv4 leases being not correctly shown when NTP synchronizes time
*** DHCP: fixed DHCP error that occurred after changing the subnet of the LAN IP address in the setup wizard
*** Dynamic routes: fixed duplicated external routes cards
*** Firewall: fixed firewall zone validation when adding interfaces
*** Network: fixed overriding MAC address for interfaces that are bridged
*** Network: fixed instances of device dropping packets when configured with masquerading disabled and 'Hardware flow offload' enabled
** <b>Services</b>
*** BACnet: fixed incorrect BACnet IP port used for sending responses
*** BGP: fixed route map sequence going out of range
*** BGP: fixed listen range field allowing multiple entries
*** DLMS: fixed DLMS test response format
*** DLMS: fixed COSEM group validation
*** DLMS: fixed API POST error for /dlms/devices/config endpoint
*** DLMS: fixed serial connection not working after reboot
*** DNP3 Client: fixed to allow reading objects past 255 index
*** DNP3 Client: fixed incorrect hints
*** DNP3 Outstation: fixed serial outstation starting issues
*** I/O Juggler: fixed improper dout action config handling
*** I/O Juggler: updated profile change action
*** Input/Output: allow unselecting all Post/Get access methods
*** IPsec: fixed connectivity issues when using WAN failover
*** IPsec: fixed the instance status when the local firewall option is disabled
*** Modbus Client: fixed test request option validation
*** Modbus Client: fixed alarm output action display values
*** Modbus Client: fixed incorrect period hint
*** Modbus Server: fixed APN register not clearing APN
*** Modbus Server: fixed 148 and 164 modbus registers
*** Modbus Server: fixed incorrect hints
*** NTRIP: fixed NTRIP NMEA generation timestamp and coordinates errors
*** NTRIP: fixed configuration reading with several instances added
*** OPC UA Server: fixed not starting while modem is down
*** OpenVPN: fixed displaying imported files from device
*** OpenVPN: fixed the private key decryption for cases when a password is used
*** OpenVPN: fixed data cipher migration
*** Over IP: fixed connect on data initiating TCP connection after few data transfers
*** Overview: fixed issue when devices without WiFi send additional request without data
*** SMPP: fixed username bypass problem
*** SMPP: fixed password validation
*** SNMP: fixed GSM mSignal OID value type
*** SNMP: fixed GSM module memory leaks
*** SSTP: fixed functionality when the default route option is not enabled
*** Web Filter: fixed whitelist not working for some hosts when using IPv6
** <b>System</b>
*** Administration: fixed repeated validation on cleared inputs and added validation when new password matches the old one
*** API Core: fixed API method validation during upload action
*** API Core: fixed error messages for POST method
*** API Core: fixed option list validation
*** Boot: fixed factory settings restore (firstboot) not deleting hidden files
*** Events Log: fixed refresh button in event log table
*** IP Block: fixed adding MAC addresses back to whitelist when unblocking all of them
*** Memory Expansion: fixed enable validation
*** Recipients: made phone number field required
*** Setup Wizard: fixed lan ip step not changing ip address
*** Troubleshoot: fixed system log and kernel log buttons to be enabled with read only rights
*** Update Firmware: fixed misleading "Firmware version" status of "N/A" to "FOTA service is disabled" when FOTA is disabled
*** Update Firmware: fixed issue when infinite spinner appears after updating device firmware from server without having internet connection
* <b>CVE Patches</b>
** Patched CVE-2023-52425
** Patched CVE-2023-52530
** Patched CVE-2024-25629
** Patched CVE-2024-28757
----
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.3/RUTX/RUTX_R_00.07.07.3_WEBUI.bin RUTX_R_00.07.07.3]</span></b> | 2024.06.25===
* <b>Fix</b>
** <b>Network</b>
*** WebUI: fixed port advertisement change
** <b>System</b>
*** FOTA: fixed config when upgrading from older firmware with keep settings
* <b>CVE Patches</b>
** CVE-2024-31950
** CVE-2024-31951
----
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.2/RUTX/RUTX_R_00.07.07.2_WEBUI.bin RUTX_R_00.07.07.2]</span></b> | 2024.06.12===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.2/RUTX/RUTX_R_00.07.07.2_WEBUI.bin RUTX_R_00.07.07.2]</span></b> | 2024.06.12===
* <b>Improvements</b>
** <b>Network</b>
*** Zerotier: added backup WAN interface blacklisting if WAN failover is enabled
** <b>Services</b>
*** SNMP: added bruteforce attack prevention when using SNMP v3 user
*** L2TP: improved reconnect attempt logic
** <b>System</b>
*** SSH: removed weak SSH algorithms
*** Telnet: moved to Package Manager
* <b>Fix</b>
** <b>Network</b>
*** BGP: fixed instance migration issues
*** HNAT: fixed cases of unintended forwarding when LAN and WAN subnets overlap
*** HNAT: fixed instances of device misrouting packets to wired LAN when 'Hardware Flow Offloading' was enabled
** <b>Services</b>
*** DMVPN: fixed duplicate NHRP map entries creation
*** OpenVPN: added fixes for the insecure tls-cert-profile option usage
** <b>System</b>
*** IP Block: fixed blocking of UDP traffic
* <b>CVE Patches</b>
** CVE-2024-31948
----
----
* Global changelog for <b>R_00.07.07.2</b> - [[Global RUTOS changelog#R_00.07.07.2|LINK]]
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/RUTX/RUTX_R_00.07.07.1_WEBUI.bin RUTX_R_00.07.07.1]</span></b> | 2024.05.03===
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/RUTX/RUTX_R_00.07.07.1_WEBUI.bin RUTX_R_00.07.07.1]</span></b> | 2024.05.03===
----
----
Line 537: Line 719:
*** Patched CVE-2023-29469 vulnerability
*** Patched CVE-2023-29469 vulnerability
*** Patched CVE-2023-31490 vulnerability
*** Patched CVE-2023-31490 vulnerability
*** Patched CVE-2023-36369 vulnerability
*** Patched CVE-2021-36369 vulnerability
*** Patched CVE-2023-40283 vulnerability
*** Patched CVE-2023-40283 vulnerability
*** Patched CVE-2023-48174 vulnerability
*** Patched CVE-2023-48174 vulnerability