Releases: AdguardTeam/AdGuardHome
AdGuard Home v0.107.31
A hotfix release to fix two major issues in the previous release.
Full changelog
See also the v0.107.31 GitHub milestone.
Fixed
AdGuard Home v0.108.0-b.35
Changes compared to the previous beta, v0.108.0-b.34. See CHANGELOG.md for all changes.
Full changelog
Security
- Go version has been updated to prevent the possibility of exploiting the CVE-2023-29402, CVE-2023-29403, and CVE-2023-29404 Go vulnerabilities fixed in Go 1.19.10.
Added
- The ability to edit rewrite rules via
PUT /control/rewrite/update
HTTP API (#1577).
Fixed
-
Unquoted IPv6 bind hosts with trailing colons erroneously considered unspecified addresses are now properly validated (#5752).
NOTE: the Docker healthcheck script now also doesn't interpret the
""
value as unspecified address. -
Incorrect
Content-Type
header value inPOST /control/version.json
andGET /control/dhcp/interfaces
HTTP APIs (#5716).
AdGuard Home v0.107.30
A small bugfix and security release. We are working on new features in future releases.
Full changelog
See also the v0.107.30 GitHub milestone.
Security
- Go version has been updated to prevent the possibility of exploiting the CVE-2023-29402, CVE-2023-29403, and CVE-2023-29404 Go vulnerabilities fixed in Go 1.19.10.
Fixed
-
Unquoted IPv6 bind hosts with trailing colons erroneously considered unspecified addresses are now properly validated (#5752).
NOTE: the Docker healthcheck script now also doesn't interpret the
""
value as unspecified address. -
Incorrect
Content-Type
header value inPOST /control/version.json
andGET /control/dhcp/interfaces
HTTP APIs (#5716). -
Provided bootstrap servers are now used to resolve the hostnames of plain UDP/TCP upstream servers.
AdGuard Home v0.108.0-b.34
Changes compared to the previous beta, v0.108.0-b.33. See CHANGELOG.md for all changes.
Full changelog
Added
- The ability to exclude client activity from the query log or statistics by editing client's settings on the respective page in the UI (#1717, #4299).
Changed
- Stored DHCP leases moved from
leases.db
todata/leases.json
. The file format has also been optimized.
Fixed
-
Provided bootstrap servers are now used to resolve the hostnames of plain UDP/TCP upstream servers.
-
The
github.com/mdlayher/raw
dependency has been temporarily returned to support raw connections on Darwin (#5712). -
Incorrect recording of blocked results as “Blocked by CNAME or IP” in the query log (#5725).
-
All Safe Search services are unchecked by default.
-
Panic when a DNSCrypt stamp is invalid (#5721).
AdGuard Home v0.107.29
Our previous release took place on the International Day of Human Space Flight, but it seems like our rocket was not able to take off smoothly 😅. In this release, we're fixing a few annoying bugs as well as putting a shine on the client ignoring feature.
Full changelog
See also the v0.107.29 GitHub milestone.
Added
- The ability to exclude client activity from the query log or statistics by editing client's settings on the respective page in the UI (#1717, #4299).
Changed
- Stored DHCP leases moved from
leases.db
todata/leases.json
. The file format has also been optimized.
Fixed
-
The
github.com/mdlayher/raw
dependency has been temporarily returned to support raw connections on Darwin (#5712). -
Incorrect recording of blocked results as “Blocked by CNAME or IP” in the query log (#5725).
-
All Safe Search services are unchecked by default.
-
Panic when a DNSCrypt stamp is invalid (#5721).
AdGuard Home v0.108.0-b.33
Changes compared to the previous beta, v0.108.0-b.32. See CHANGELOG.md for all changes.
Full changelog
Added
-
The ability to exclude client activity from the query log or statistics by using the new properties
ignore_querylog
andignore_statistics
of the items of theclients.persistent
array (#1717, #4299). The UI changes are coming in the upcoming releases. -
Better profiling information when
debug_pprof
is set totrue
. -
IPv6 support in Safe Search for some services.
Fixed
AdGuard Home v0.107.28
Finally, a nice big update with lots of new features 😌. Among them, we want to highlight a couple of noticeable quality-of-life changes that have been requested for a long time.
Global protection pause
First of all, there's now a way to pause protection for a set period, ranging from 30 seconds to an entire day. This is great for when you need to access a site that's mistakenly blocked, or when you want to temporarily disable AdGuard Home without turning it off completely.
Once the pause time is out, AdGuard Home will switch protection back on.
Better Safe Search controls
Secondly, you can now fine-tune Safe Search settings by enabling or disabling it for specific services like Google, Bing, YouTube, and more.
The same can be done on a per-client basis as well. Another minor improvement to the Safe Search is better support for IPv6 addresses.
Acknowledgements
A special thanks to our open-source contributor, @Gobd, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!
Full changelog
See also the v0.107.28 GitHub milestone.
Added
-
The ability to exclude client activity from the query log or statistics by using the new properties
ignore_querylog
andignore_statistics
of the items of theclients.persistent
array (#1717, #4299). The UI changes are coming in the upcoming releases. -
Better profiling information when
debug_pprof
is set totrue
. -
IPv6 support in Safe Search for some services.
-
The ability to make bootstrap DNS lookups prefer IPv6 addresses to IPv4 ones using the new
dns.bootstrap_prefer_ipv6
configuration file property (#4262). -
Docker container's healthcheck (#3290).
-
The new HTTP API
POST /control/protection
, that updates protection state and adds an optional pause duration (#1333). The format of request body is described inopenapi/openapi.yaml
. The duration of this pause could also be set with the propertyprotection_disabled_until
in thedns
object of the YAML configuration file. -
The ability to create a static DHCP lease from a dynamic one more easily (#3459).
-
Two new HTTP APIs,
PUT /control/stats/config/update
andGET control/stats/config
, which can be used to set and receive the query log configuration. Seeopenapi/openapi.yaml
for the full description. -
Two new HTTP APIs,
PUT /control/querylog/config/update
andGET control/querylog/config
, which can be used to set and receive the statistics configuration. Seeopenapi/openapi.yaml
for the full description. -
The ability to set custom IP for EDNS Client Subnet by using the DNS-server configuration section on the DNS settings page in the UI (#1472).
-
The ability to manage Safe Search for each service by using the new
safe_search
property (#1163).
Changed
- ARPA domain names containing a subnet within private networks now also considered private, behaving closer to RFC 6761 (#5567).
Configuration Changes
In this release, the schema version has changed from 17 to 20.
-
Property
statistics.interval
, which in schema versions 19 and earlier used to be an integer number of days, is now a string with a human-readable duration:# BEFORE: 'statistics': # … 'interval': 1 # AFTER: 'statistics': # … 'interval': '24h'
To rollback this change, convert the property back into days and change the
schema_version
back to19
. -
The
dns.safesearch_enabled
property has been replaced withsafe_search
object containing per-service settings. -
The
clients.persistent.safesearch_enabled
property has been replaced withsafe_search
object containing per-service settings.# BEFORE: 'safesearch_enabled': true # AFTER: 'safe_search': 'enabled': true 'bing': true 'duckduckgo': true 'google': true 'pixabay': true 'yandex': true 'youtube': true
To rollback this change, move the value of
dns.safe_search.enabled
into thedns.safesearch_enabled
, then removedns.safe_search
property. Do the same client's specificclients.persistent.safesearch
and then change theschema_version
back to17
.
Deprecated
-
The
POST /control/safesearch/enable
HTTP API is deprecated. Use the newPUT /control/safesearch/settings
API. -
The
POST /control/safesearch/disable
HTTP API is deprecated. Use the newPUT /control/safesearch/settings
API -
The
safesearch_enabled
property is deprecated in the following HTTP APIs:GET /control/clients
;POST /control/clients/add
;POST /control/clients/update
;GET /control/clients/find?ip0=...&ip1=...&ip2=...
.
Check
openapi/openapi.yaml
for more details. -
The
GET /control/stats_info
HTTP API; use the newGET /control/stats/config
API instead.NOTE: If interval is custom then it will be equal to
90
days for compatibility reasons. Seeopenapi/openapi.yaml
andopenapi/CHANGELOG.md
. -
The
POST /control/stats_config
HTTP API; use the newPUT /control/stats/config/update
API instead. -
The
GET /control/querylog_info
HTTP API; use the newGET /control/querylog/config
API instead.NOTE: If interval is custom then it will be equal to
90
days for compatibility reasons. Seeopenapi/openapi.yaml
andopenapi/CHANGELOG.md
. -
The
POST /control/querylog_config
HTTP API; use the newPUT /control/querylog/config/update
API instead.
Fixed
- Logging of the client's IP address after failed login attempts (#5701).
AdGuard Home v0.108.0-b.32
Changes compared to the previous beta, v0.108.0-b.31. See CHANGELOG.md for all changes.
Full changelog
Security
- Go version has been updated to prevent the possibility of exploiting the CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, and CVE-2023-24538 Go vulnerabilities fixed in Go 1.19.8.
Added
- The ability to make bootstrap DNS lookups prefer IPv6 addresses to IPv4 ones using the new
dns.bootstrap_prefer_ipv6
configuration file property (#4262).
AdGuard Home v0.107.27
This is a security and bugfix release. There are no changes besides the update of the Go programming language version and fixes to a few bugs.
More substantial changes are to come in the subsequent updates.
Full changelog
See also the v0.107.27 GitHub milestone.
Security
- Go version has been updated to prevent the possibility of exploiting the CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, and CVE-2023-24538 Go vulnerabilities fixed in Go 1.19.8.
Fixed
AdGuard Home v0.108.0-b.31
Changes compared to the previous beta, v0.108.0-b.30. See CHANGELOG.md for all changes.
A special thanks to our open-source contributor, @Gobd, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!
Full changelog
Added
-
Docker container's healthcheck (#3290).
-
The new HTTP API
POST /control/protection
, that updates protection state and adds an optional pause duration (#1333). The format of request body is described inopenapi/openapi.yaml
. The duration of this pause could also be set with the config fieldprotection_disabled_until
indns
section of the YAML configuration file. -
The ability to create a static DHCP lease from a dynamic one more easily (#3459).
-
Two new HTTP APIs,
PUT /control/stats/config/update
andGET control/stats/config
, which can be used to set and receive the query log configuration. See openapi/openapi.yaml for the full description. -
Two new HTTP APIs,
PUT /control/querylog/config/update
andGET control/querylog/config
, which can be used to set and receive the statistics configuration. See openapi/openapi.yaml for the full description. -
The ability to set custom IP for EDNS Client Subnet by using the DNS-server configuration section on the DNS settings page in the UI (#1472).
-
The ability to manage safesearch for each service by using the new
safe_search
field (#1163).
Changed
- ARPA domain names containing a subnet within private networks now also considered private, behaving closer to RFC 6761 (#5567).
Configuration Changes
In this release, the schema version has changed from 17 to 20.
-
Property
statistics.interval
, which in schema versions 19 and earlier used to be an integer number of days, is now a string with a human-readable duration:# BEFORE: 'statistics': # … 'interval': 1 # AFTER: 'statistics': # … 'interval': '24h'
To rollback this change, convert the property back into days and change the
schema_version
back to19
. -
The
dns.safesearch_enabled
field has been replaced withsafe_search
object containing per-service settings. -
The
clients.persistent.safesearch_enabled
field has been replaced withsafe_search
object containing per-service settings.# BEFORE: 'safesearch_enabled': true # AFTER: 'safe_search': 'enabled': true 'bing': true 'duckduckgo': true 'google': true 'pixabay': true 'yandex': true 'youtube': true
To rollback this change, move the value of
dns.safe_search.enabled
into thedns.safesearch_enabled
, then removedns.safe_search
field. Do the same client's specificclients.persistent.safesearch
and then change theschema_version
back to17
.
Deprecated
-
The
POST /control/safesearch/enable
HTTP API is deprecated. Use the newPUT /control/safesearch/settings
API. -
The
POST /control/safesearch/disable
HTTP API is deprecated. Use the newPUT /control/safesearch/settings
API -
The
safesearch_enabled
field is deprecated in the following HTTP APIs:GET /control/clients
;POST /control/clients/add
;POST /control/clients/update
;GET /control/clients/find?ip0=...&ip1=...&ip2=...
.
Check
openapi/openapi.yaml
for more details. -
The
GET /control/stats_info
HTTP API; use the newGET /control/stats/config
API instead.NOTE: If interval is custom then it will be equal to
90
days for compatibility reasons. See openapi/openapi.yaml andopenapi/CHANGELOG.md
. -
The
POST /control/stats_config
HTTP API; use the newPUT /control/stats/config/update
API instead. -
The
GET /control/querylog_info
HTTP API; use the newGET /control/querylog/config
API instead.NOTE: If interval is custom then it will be equal to
90
days for compatibility reasons. See openapi/openapi.yaml andopenapi/CHANGELOG.md
. -
The
POST /control/querylog_config
HTTP API; use the newPUT /control/querylog/config/update
API instead.