Update adguard/adguardhome Docker tag to v0.107.54 #207
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.107.52
->v0.107.54
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
AdguardTeam/AdGuardHome (adguard/adguardhome)
v0.107.54
Compare Source
See also the v0.107.54 GitHub milestone.
NOTE: Add new changes BELOW THIS COMMENT.
-->
Security
Changed
Fixed
AdGuard Home start (#7315).
v0.107.53
Compare Source
See also the v0.107.53 GitHub milestone.
Security
Previous versions of AdGuard Home allowed users to add any system file it had
access to as filters, exposing them to be world-readable. To prevent this,
AdGuard Home now allows adding filtering-rule list files only from files
matching the patterns enumerated in the
filtering.safe_fs_patterns
propertyin the configuration file.
We thank @itz-d0dgy for reporting this vulnerability, designated
CVE-2024-36814, to us.
Additionally, AdGuard Home will now try to change the permissions of its files
and directories to more restrictive ones to prevent similar vulnerabilities
as well as limit the access to the configuration.
We thank @go-compile for reporting this vulnerability, designated
CVE-2024-36586, to us.
Go version has been updated to prevent the possibility of exploiting the Go
vulnerabilities fixed in 1.23.2.
Added
Changed
the same rules as their domain specifications.
Configuration changes
In this release, the schema version has changed from 28 to 29.
filtering.safe_fs_patterns
contains glob patterns for paths offiles that can be added as local filtering-rule lists. The migration should
add list files that have already been added, as well as the default value,
$DATA_DIR/userfilters/*
.Fixed
clients.runtime_sources.dhcp
in the configuration file not takingeffect.
Known issues
Due to the complexity of the Windows permissions architecture and poor support
from the standard Go library, we have to postpone the proper automated Windows
fix until the next release.
Temporary workaround: Set the permissions of the
AdGuardHome
directoryto more restrictive ones manually. To do that:
AdGuardHome
directory.restricted.)
Full control
access to only the user which runsAdGuard Home. Typically,
Administrator
.Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.