TRB145 Firmware Downloads: Difference between revisions
no edit summary
Gytispieze (talk | contribs) m (Text replacement - "---- * Global changelog for <b>R_00.07.07.3</b> - LINK" to "* <b>Fix</b> ** <b>Network</b> *** WebUI: fixed port advertisement change ** <b>System</b> *** FOTA: fixed config when upgrading from older firmware with keep settings * <b>CVE Patches</b> ** CVE-2024-31950 ** CVE-2024-31951 ----") |
Gytispieze (talk | contribs) No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
==Changelog== | ==Changelog== | ||
<!--NEW_FW--> | <!--NEW_FW--> | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.8/TRB1/TRB1_R_00.07.08_WEBUI.bin TRB1_R_00.07.08]</span></b> | 2024.07.18=== | |||
* <b>New</b> | |||
** <b>Network</b> | |||
*** DNS: added inherited server status to configuration page | |||
*** HTTPS DNS Proxy: added new HTTPS DNS Proxy package to package manager | |||
*** Mobile: added SIM card lock/unlock functionality in Mobile->Utilities page | |||
*** Mobile: added SIM card PIN change functionality in Mobile->Utilities page | |||
*** Mobile: added new Mobile->Limits page which shows information and allows to configure Data and SMS limits | |||
*** Mobile: added DFOTA support for RG520N modems | |||
*** Mobile: added nr-arfcn display to mobile status page | |||
*** Mobile: added dfota support for devices with RG520N-EB modem | |||
** <b>Services</b> | |||
*** Data to Server: added 'Lua script' data input | |||
*** Input/Output: added ability to configure gpio debounce timer and changed default gpio debounce timer value from 200 ms to 10 ms | |||
*** IPsec: added initial XFRM support | |||
*** MQTT Modbus Gateway: added JSON message type format | |||
*** OpenVPN: added DCO support | |||
** <b>System</b> | |||
*** API Core: added option to configure api session timeout | |||
*** Certificates: added "Let's encrypt" certificate generation | |||
*** PAM: added RADIUS external user support | |||
*** UI Core: added data analytics support | |||
*** Update Firmware: added warning message about device being temporarily unreachable on firmware update | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** DNS: separated field "DNS forwardings" into two: one for simple server forwarding other for domain-specific | |||
*** DNS: moved "DNS Forwardings", "Listen interfaces", "Exclude interfaces", "Local service only", options to advanced tab | |||
*** Firewall: improved protocol field in all firewall pages by making that "All" value would be mutually exclusive with any other value | |||
*** Mobile: improved IMS context initialization | |||
*** Mobile: updated SMS memory management for multipart SMS | |||
*** Mobile: added error message when attempting to enable the SIM switch without any criteria set | |||
*** Mobile: added informative message in SIM switch page when Data/SMS limit criteria are enabled but the limits themselves are not set up | |||
*** Mobile: moved operator list allowlist/blocklist selection to Network selection page | |||
*** Mobile: refactored Scanned operators modal, added repeat scan button | |||
*** Mobile: added ability to view previously scanned operators in Network selection and Operator lists pages | |||
*** Mobile: added ability to edit operator list name and initiate scans for operators in Operator lists page | |||
*** Mobile: updated operator code field list to include APNs from the APN database in Operator lists page | |||
*** Mobile: split Mobile->General page into three pages: General, Connection and Utilities pages | |||
*** Mobile: added mobile interface with highest priority APN configuration in Mobile->General page | |||
*** Mobile: added icons with hints which show SIM card, operator, data connection statuses in Mobile->General page | |||
*** Mobile: moved Mobile data limit section to a tab in WAN page | |||
*** Mobile: added informative message in WAN page to indicate whether the connection will be made using APN from APN database, empty or custom APN | |||
*** Mobile: improved logging of ping error messages | |||
*** Mobile: added 5G SA/NSA mode selection | |||
*** Mobile: improved modem updater to stop ping reboot service while update is in progress | |||
*** Mobile: improved the handling of denied messages upon SIM switch | |||
*** Mobile: added notification when a multi-IMSI SIM card is using Auto APN | |||
*** Mobile: added validation to not allow passthrough and bridge mode when one already exists | |||
*** Mobile: improved safeguards for modem services startup | |||
*** Mobile: improved modem update status display | |||
*** Mobile: added corrupted mobile statistics database restoration functionallity | |||
*** Mobile: improved setting of IPv4 and IPv6 types inside the modules | |||
*** Mobile: improved provider name parsing for SLM750 modem | |||
*** Multi WAN: improved interface status representation when using load balancing | |||
*** Network: added more options for "IPv6 assignment length" field | |||
** <b>Services</b> | |||
*** Azure IoT Hub: added DPS symmetric key attestation support | |||
*** Azure IoT Hub: added Direct Method support | |||
*** Azure IoT Hub: added Plug and Play integration | |||
*** Azure IoT Hub: added link to "Data to Server" page | |||
*** Data to Server: added support for multiple filters | |||
*** Data to Server: improved HTTP output hostname definition with automatic protocol specification in URL | |||
*** Data to Server: improved MQTT input connection handling | |||
*** DNP3 Client: added option to enable/disable service | |||
*** GRE: increased Inbound and Outbound key limit to 4294967295 | |||
*** Input/Output: added custom name support in I/O status page | |||
*** IPsec: added certificate warning message | |||
*** Mobile Utilities: added interface option to sms_utils cellular command | |||
*** Mobile Utilities: improved error log message | |||
*** Mobile Utilities: improved naming of I/O pins in initial I/O status rule | |||
*** Mobile Utilities: sms utilities authentication brute force prevention | |||
*** Modbus Server: added mobile last month and last week usage registers | |||
*** Modem Control: disabled canonical mode by default for partial mode. Now full/partial mode input from serial port works the same way | |||
*** Mosquitto: added large package size check for MQTT clients | |||
*** MQTT Modbus Gateway: improved mosquitto reconnect time and service will try to recover few times before exiting | |||
*** MQTT Publisher: improved MQTT connection handling | |||
*** OPC UA Client: added security modes | |||
*** OPC UA Server: added security modes | |||
*** OPC UA Server: added service status display | |||
*** OpenVPN: added support for decrypting private key when uploading a configuration file | |||
*** OpenVPN: improved instance status state | |||
*** OpenVPN: added options to specify an IP address pool for dynamic assignment to clients | |||
*** Over IP: added label to show how many servers a client is connected to | |||
*** Over IP: connect on data feature will not disconnect immediately after data transfer but wait for inactivity timeout | |||
*** Over IP: increased TLS handshake timeout to 10 seconds | |||
*** SMPP: added brute-force prevention | |||
*** SMPP: added TLS/SSL support | |||
*** SMS Utilities: added security warning in "Authorization method" configuration | |||
*** SNMP: changed interface module OID structure | |||
*** SNMP: improved User-based Security Model (USM) brute force attack prevention measures | |||
*** Stunnel: improved global instance settings dependencies | |||
*** emailrelay: updated version to 2.4.1 | |||
*** OpenVPN: updated version to 2.6.9 | |||
*** stunnel: updated version to 5.72 | |||
** <b>System</b> | |||
*** Access Control: added certificate key length warnings | |||
*** Access Control: adjusted access control when all pages are blocked | |||
*** Access Control: added certificate file download for CLI to work on all browsers | |||
*** API Core: implemented functionality to include warning messages for vulnerable certificates | |||
*** Boot: improved modem startup reliability | |||
*** Package Manager: added multi package actions | |||
*** Package Manager: added status filter | |||
*** Package Manager: moved package upload action to main page | |||
*** Package Manager: added links to installed packages pages | |||
*** Package Manager: refactored "Packages" page | |||
*** Package Manager: updated opkg repository link to use https | |||
*** RutOS: improved GPL example page to align with new software architecture | |||
*** Troubleshoot: refactored Modem debug section to display responses in single field, added clear button to remove received responses | |||
*** Troubleshoot: added support for multiple syslog servers | |||
*** UI Core: added additional message with IP address to loading screen for scenarios when redirect to different IP address happens | |||
*** UI Core: added toast message hiding when text is too long | |||
*** Update Firmware: added 'Firmware version' data in screen after firmware upload | |||
*** WebUI: added functionality to cancel loading screen if it takes 30 or more seconds | |||
*** WebUI: removed all ubus method calls from webui | |||
*** WebUI: improved language caching | |||
*** WebUI: added password generator for first login modal | |||
*** WebUI: added sticky position to side menu | |||
*** WebUI: added default password hint to login error message | |||
*** WebUI: added warning messages for low-security certificates | |||
*** Kernel: updated version to 5.4.276 | |||
*** libexpat: updated version to 2.6.2 | |||
*** SSL/TLS: updated version to 3.0.14 | |||
*** vue: updated version to 3.4 | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Devices: fixed missing API devices status endpoint permission | |||
*** DHCP: fixed "DHCP option" allow empty input value | |||
*** DHCP: fixed IPv4 leases being not correctly shown when NTP synchronizes time | |||
*** DHCP: fixed DHCP error that occurred after changing the subnet of the LAN IP address in the setup wizard | |||
*** Dynamic routes: fixed duplicated external routes cards | |||
*** Firewall: fixed firewall zone validation when adding interfaces | |||
*** Mobile: fixed low signal reconnect being available on modems where it is not supported | |||
*** Mobile: fixed gsmctl -E output to return only json values | |||
*** Mobile: fixed Carrier Aggregation signal strength info | |||
*** Mobile: fixed wrong mobile data limit used data format for sms messages | |||
*** Mobile: fixed duplicate data connection event reporting | |||
*** Mobile: fixed an issue where low signal notifications were displayed without a SIM card | |||
*** Mobile: fixed modem serial number acquisition after modem reboot | |||
*** Mobile: fixed an issue when 4G-only network type selection may have resulted in a slower connection to the operator | |||
*** Mobile: fixed issue where USSD responses were returned in HEX format instead of text format for EC200A module | |||
*** Mobile: fixed issue where DHCP filter was not set correctly for RG501Q | |||
*** Mobile: fixed modem restart using gsmctl | |||
*** Mobile: fixed an issue where the wrong IP address was used after a DFOTA upgrade | |||
*** Network: fixed overriding MAC address for interfaces that are bridged | |||
*** Network: fixed not getting IP address when switching LAN to WAN | |||
*** Realtime Traffic: fixed mobile usage by week day translation by device language | |||
*** SQM: fixed missing PPP mobile device selection in SQM configuration | |||
** <b>Services</b> | |||
*** BACnet: fixed incorrect BACnet IP port used for sending responses | |||
*** BGP: fixed route map sequence going out of range | |||
*** BGP: fixed listen range field allowing multiple entries | |||
*** Call Utilities: fixed table header switch to be disabled if no rules were created | |||
*** DLMS: fixed DLMS test response format | |||
*** DLMS: fixed COSEM group validation | |||
*** DLMS: fixed API POST error for /dlms/devices/config endpoint | |||
*** DLMS: fixed serial connection not working after reboot | |||
*** DNP3 Client: fixed to allow reading objects past 255 index | |||
*** DNP3 Client: fixed incorrect hints | |||
*** DNP3 Outstation: fixed serial outstation starting issues | |||
*** I/O Juggler: fixed improper dout action config handling | |||
*** I/O Juggler: updated profile change action | |||
*** Input/Output: allow unselecting all Post/Get access methods | |||
*** Input/Output: fixed issue when onewire configuration is not saved | |||
*** IPsec: fixed connectivity issues when using WAN failover | |||
*** IPsec: fixed the instance status when the local firewall option is disabled | |||
*** Ledman: fixed issue when after some time network type LED starts blinking | |||
*** Modbus Client: fixed test request option validation | |||
*** Modbus Client: fixed alarm output action display values | |||
*** Modbus Client: fixed incorrect period hint | |||
*** Modbus Server: fixed APN register not clearing APN | |||
*** Modbus Server: fixed 148 and 164 modbus registers | |||
*** Modbus Server: fixed incorrect hints | |||
*** Modem Control: fixed API POST request validation | |||
*** NTRIP: fixed NTRIP NMEA generation timestamp and coordinates errors | |||
*** NTRIP: fixed configuration reading with several instances added | |||
*** OPC UA Server: fixed not starting while modem is down | |||
*** OpenVPN: fixed displaying imported files from device | |||
*** OpenVPN: fixed the private key decryption for cases when a password is used | |||
*** OpenVPN: fixed data cipher migration | |||
*** Over IP: fixed issue where serial device does not recover after modem reboot | |||
*** Over IP: fixed connect on data initiating TCP connection after few data transfers | |||
*** Overview: fixed issue when devices without WiFi send additional request without data | |||
*** SMPP: fixed username bypass problem | |||
*** SMPP: fixed password validation | |||
*** SMS Gateway: fixed SMS to Email recipient formatting according to RFC5322 | |||
*** SNMP: fixed GSM mSignal OID value type | |||
*** SNMP: fixed GSM module memory leaks | |||
*** SSTP: fixed functionality when the default route option is not enabled | |||
*** Web Filter: fixed whitelist not working for some hosts when using IPv6 | |||
** <b>System</b> | |||
*** Administration: fixed repeated validation on cleared inputs and added validation when new password matches the old one | |||
*** API Core: fixed API method validation during upload action | |||
*** API Core: fixed error messages for POST method | |||
*** API Core: fixed option list validation | |||
*** Boot: fixed factory settings restore (firstboot) not deleting hidden files | |||
*** Events Log: fixed refresh button in event log table | |||
*** IP Block: fixed adding MAC addresses back to whitelist when unblocking all of them | |||
*** Recipients: made phone number field required | |||
*** Setup Wizard: fixed lan ip step not changing ip address | |||
*** Troubleshoot: fixed system log and kernel log buttons to be enabled with read only rights | |||
*** Update Firmware: fixed misleading "Firmware version" status of "N/A" to "FOTA service is disabled" when FOTA is disabled | |||
*** Update Firmware: fixed issue when infinite spinner appears after updating device firmware from server without having internet connection | |||
* <b>CVE Patches</b> | |||
** Patched CVE-2023-52425 | |||
** Patched CVE-2023-52530 | |||
** Patched CVE-2024-25629 | |||
** Patched CVE-2024-28757 | |||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.3/TRB1/TRB1_R_00.07.07.3_WEBUI.bin TRB1_R_00.07.07.3]</span></b> | 2024.06.25=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.3/TRB1/TRB1_R_00.07.07.3_WEBUI.bin TRB1_R_00.07.07.3]</span></b> | 2024.06.25=== | ||
* <b>Fix</b> | * <b>Fix</b> | ||
** <b>System</b> | ** <b>System</b> | ||
*** FOTA: fixed config when upgrading from older firmware with keep settings | *** FOTA: fixed config when upgrading from older firmware with keep settings | ||
| Line 42: | Line 248: | ||
---- | ---- | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/TRB1/TRB1_R_00.07.07.1_WEBUI.bin TRB1_R_00.07.07.1]</span></b> | 2024.05.03=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.7.1/TRB1/TRB1_R_00.07.07.1_WEBUI.bin TRB1_R_00.07.07.1]</span></b> | 2024.05.03=== | ||
* <b>New</b> | * <b>New</b> | ||
** <b>Network</b> | ** <b>Network</b> | ||
| Line 187: | Line 392: | ||
** CVE-2024-27913 | ** CVE-2024-27913 | ||
** CVE-2024-22365 | ** CVE-2024-22365 | ||
---- | |||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.10/TRB1/TRB1_R_00.07.06.10_WEBUI.bin TRB1_R_00.07.06.10]</span></b> | 2024.04.04=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.10/TRB1/TRB1_R_00.07.06.10_WEBUI.bin TRB1_R_00.07.06.10]</span></b> | 2024.04.04=== | ||
* <b>Fix</b> | |||
** <b>System</b> | |||
*** Ledman: fixed memory leak | |||
---- | ---- | ||
===<b>TRB1_R_00.07.06.8</b> | 2024.03.25=== | ===<b>TRB1_R_00.07.06.8</b> | 2024.03.25=== | ||
Firmware <b>R_00.07.06.8</b> was removed due to an issue with inefficient memory allocation for LED control. | |||
* <b>New</b> | |||
** <b>WebUI</b> | |||
*** Added eSIM support | |||
* <b>Improvements</b> | |||
** <b>Services</b> | |||
*** IPSec: disabled libgmp in favor of openssl | |||
*** IPSec: updated Strongswan to 5.9.6 | |||
* <b>Fix</b> | |||
** <b>Services</b> | |||
*** IPSec: increased charon load timeout | |||
*** IPSec: fixed loading of large private keys | |||
---- | ---- | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.6/TRB1/TRB1_R_00.07.06.6_WEBUI.bin TRB1_R_00.07.06.6]</span></b> | 2024.03.04=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.6/TRB1/TRB1_R_00.07.06.6_WEBUI.bin TRB1_R_00.07.06.6]</span></b> | 2024.03.04=== | ||
* <b>Improvements</b> | |||
** <b>System</b> | |||
*** Minified *.svg WebUI files to save space on the device | |||
*** Removed unused easy-rsa package to increase free space | |||
* <b>Fix</b> | |||
** <b>Network</b> | |||
*** Fixed mobile daily data usage representation | |||
** <b>Services</b> | |||
*** Fixed OverIP serial utility issue where after some time server mode can't accept incoming connections anymore | |||
---- | ---- | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/TRB1/TRB1_R_00.07.06.5_WEBUI.bin TRB1_R_00.07.06.5]</span></b> | 2024.02.21=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.5/TRB1/TRB1_R_00.07.06.5_WEBUI.bin TRB1_R_00.07.06.5]</span></b> | 2024.02.21=== | ||
* <b>New</b> | |||
** <b>Network</b> | |||
*** Added support for multi line USSD | |||
* <b>Improvements</b> | |||
** <b>Network</b> | |||
*** Improved DMZ to use its source zone on port forwards creation | |||
** <b>System</b> | |||
*** Updated netifd version to 2024-01-04 | |||
*** Updated PPP package version to 2.4.9 | |||
*** Updated E2fsprogs package version to 1.47.0 | |||
*** Updated Musl package version to 1.2.4 | |||
* <b>Fix</b> | |||
** <b>Services</b> | |||
*** Fixed Modbus TCP Over Serial Gateway crash occurring at start up in some edge cases | |||
*** Fixed issue of OPC UA Server service not launching | |||
** <b>WebUI</b> | |||
*** Fixed action descriptions in the traffic rules table | |||
*** fixed BACnet allow remote access functionality | |||
** <b>System</b> | |||
*** Fixed year 2038 problem with time counter overflow | |||
---- | ---- | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.4/TRB1/TRB1_R_00.07.06.4_WEBUI.bin TRB1_R_00.07.06.4]</span></b> | 2024.01.18=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.4/TRB1/TRB1_R_00.07.06.4_WEBUI.bin TRB1_R_00.07.06.4]</span></b> | 2024.01.18=== | ||
* <b>Improvements</b> | |||
** <b>Services</b> | |||
*** Increased DLMS Client connection timeout for TCP sockets | |||
* <b>Fix</b> | |||
** <b>Services</b> | |||
*** Fixed DLMS Client memory leak with profile generic COSEM class | |||
*** Fixed function 5 not working with high register numbers in MQTT Modbus Gateway service | |||
** <b>WebUI</b> | |||
*** Fixed Events Log sorting and search features | |||
** <b>System</b> | |||
*** Patched CVE-2024-0193 vulnerability | |||
*** Patched CVE-2023-51779 vulnerability | |||
*** Updated OpenSSH to 9.6p1 version, fixed CVE-2023-51385 and CVE-2023-51384 | |||
*** Fixed profile migrations, added error handling when trying to change profile while it is still applying | |||
---- | ---- | ||
===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.2/TRB1/TRB1_R_00.07.06.2_WEBUI.bin TRB1_R_00.07.06.2]</span></b> | 2024.01.04=== | ===<b><span class="plainlinks">[https://firmware.teltonika-networks.com/7.6.2/TRB1/TRB1_R_00.07.06.2_WEBUI.bin TRB1_R_00.07.06.2]</span></b> | 2024.01.04=== | ||
* <b>Fix</b> | * <b>Fix</b> | ||
| Line 603: | Line 862: | ||
*** Patched CVE-2023-29469 vulnerability | *** Patched CVE-2023-29469 vulnerability | ||
*** Patched CVE-2023-31490 vulnerability | *** Patched CVE-2023-31490 vulnerability | ||
*** Patched CVE- | *** Patched CVE-2021-36369 vulnerability | ||
*** Patched CVE-2023-48174 vulnerability | *** Patched CVE-2023-48174 vulnerability | ||
*** Delayed Custom Scripts execution on boot, after storage devices are mounted | *** Delayed Custom Scripts execution on boot, after storage devices are mounted | ||