Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update adguard/adguardhome Docker tag to v0.107.54 #207

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 23, 2024

This PR contains the following updates:

Package Update Change
adguard/adguardhome (source) patch v0.107.52 -> v0.107.54

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

AdguardTeam/AdGuardHome (adguard/adguardhome)

v0.107.54

Compare Source

See also the v0.107.54 GitHub milestone.

NOTE: Add new changes BELOW THIS COMMENT.
-->

Security
  • Incorrect handling of sensitive files permissions on Windows (#​7314).
Changed
  • Improved filtering performance (#​6818).
Fixed
  • Repetitive statistics log messages (#​7338).
  • Custom client cache (#​7250).
  • Missing runtime clients with information from the system hosts file on first
    AdGuard Home start (#​7315).

v0.107.53

Compare Source

See also the v0.107.53 GitHub milestone.

Security
  • Previous versions of AdGuard Home allowed users to add any system file it had
    access to as filters, exposing them to be world-readable. To prevent this,
    AdGuard Home now allows adding filtering-rule list files only from files
    matching the patterns enumerated in the filtering.safe_fs_patterns property
    in the configuration file.

    We thank @​itz-d0dgy for reporting this vulnerability, designated
    CVE-2024-36814, to us.

  • Additionally, AdGuard Home will now try to change the permissions of its files
    and directories to more restrictive ones to prevent similar vulnerabilities
    as well as limit the access to the configuration.

    We thank @​go-compile for reporting this vulnerability, designated
    CVE-2024-36586, to us.

  • Go version has been updated to prevent the possibility of exploiting the Go
    vulnerabilities fixed in 1.23.2.

Added
  • Support for 64-bit RISC-V architecture (#​5704).
  • Ecosia search engine is now supported in safe search (#​5009).
Changed
  • Upstream server URL domain names requirements has been relaxed and now follow
    the same rules as their domain specifications.
Configuration changes

In this release, the schema version has changed from 28 to 29.

  • The new array filtering.safe_fs_patterns contains glob patterns for paths of
    files that can be added as local filtering-rule lists. The migration should
    add list files that have already been added, as well as the default value,
    $DATA_DIR/userfilters/*.
Fixed
  • Property clients.runtime_sources.dhcp in the configuration file not taking
    effect.
  • Stale Google safe search domains list (#​7155).
  • Bing safe search from Edge sidebar (#​7154).
  • Text overflow on the query log page (#​7119).
Known issues
  • Due to the complexity of the Windows permissions architecture and poor support
    from the standard Go library, we have to postpone the proper automated Windows
    fix until the next release.

    Temporary workaround: Set the permissions of the AdGuardHome directory
    to more restrictive ones manually. To do that:

    1. Locate the AdGuardHome directory.
    2. Right-click on it and navigate to Properties → Security → Advanced.
    3. (You might need to disable permission inheritance to make them more
      restricted.)
    4. Adjust to give the Full control access to only the user which runs
      AdGuard Home. Typically, Administrator.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot changed the title Update adguard/adguardhome Docker tag to v0.107.53 Update adguard/adguardhome Docker tag to v0.107.54 Nov 6, 2024
@renovate renovate bot force-pushed the renovate/adguard-adguardhome-0.x branch from 4081312 to ae2a695 Compare November 6, 2024 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant