|
|
本帖最后由 514422325 于 2017-5-13 21:44 编辑
Asuswrt-Merlin Changelog
========================
380.66 (12-May-2017)
- NEW: Merged with GPL 380_7378
Notable changes:
* Port forwards can select a specific source IP
* Security fixes for CVE-2017-5891, CVE-2017-5892
and CVE-2017-6547
Note:
* If you are experiencing new wifi stability
issues, try disabling Airtime Fairness on
the Wireless -> Professional page (on all
bands).
- NEW: Option to disable Wanduck's constant DNS probing
for WAN state (Tools -> Other Settings)
- NEW: Allow disabling the use of DH, by entering
"none" in the DH field for OpenVPN server config.
- NEW: Added new Internet redirection mode to OpenVPN clients
called "Policy Rule (Strict)". The difference from the
existing "Policy Rule" mode is that in strict mode,
only rules that specifically target the tunnel's
interface will be used. This ensures that you don't
leak traffic through global or other tunnel routes,
however it also means any static route you might have
defined at the WAN level will not be copied either.
- CHANGED: Ovpn importer now recognizes the "port" and
"reneg-sec" parameters.
- CHANGED: Ovpn importer now support a third argument for
the "remote" parameter, allowing to specify the
protocol.
- CHANGED: Updated Tor to 0.2.9.10
- CHANGED: Updated nano to 2.8.1
- CHANGED: Updated OpenVPN to 2.4.2
- CHANGED: Updated LZ4 to 1.7.5 (used by OpenVPN)
- CHANGED: SSL certificate generated for httpds will now
contain SANs for hostname, router.asus.com, IP
and DDNS hostname.
- CHANGED: Make minidlna always use the same uuid, based on
the LAN MAC (original patch by john9527)
- CHANGED: Better feedback provided when an ovpn file upload
generates a problem due to a key/cert that's
not provided inline. Inform the user which of
these he will need to manually provide.
- CHANGED: Disable bridge multicast_snooping, as this should be
unnecessary, and it could interfere with EMF, UPNP and
other multicast applications. Can be re-enabled from
the Tools -> Other Settings page.
- REMOVED: The Virtual Server page no longer allows users to
edit existing port forwards (our existing code is
incompatible with Asus's newer webui code and will
need to be re-implemented.)
- FIXED: WOL page fails to load if adding a client with a
quote in its name.
- FIXED: Couldn't add a DHCP reservation client if its name
contained a quote.
- FIXED: New outbound connections weren't logged if firewall
logging was enabled.
- FIXED: OpenVPN server didn't always work properly in udp mode
when in a dual stack IPv4/IPv6 environment (backport
from GPL 382_9736)
- FIXED: When disabling NCP support in OpenVPN, the router
could still be trying to use it if the remote end
had it enabled.
- FIXED: Potential CVE-2016-10229 security issue in kernel
(unsure whether our kernel was vulnerable or not)
- FIXED: ovpn file import would fail to import auth hash or
cipher if they weren't uppercase.
- FIXED: Couldn't edit SMB permissions if the disk had
multiple partitions (Asus bug) (patch by
Jeremy Goss)
- FIXED: Exporting a client.ovpn file with no existing CA
could generate garbled output in the generated
file.
更新机型: RT-AC5300
RT-AC3200
RT-AC3100
RT-AC88U
RT-AC87U/RT-AC87R
RT-AC68U/RT-AC1900/RT-AC66U B1/RT-AC68R
RT-AC66U
RT-AC56U
RT-N66U
链接: http://pan.baidu.com/s/1c2ks19I
|
|
/1 
苏公网安备 32050502000499号
窥视卡
雷达卡
发表于 2017-5-13 21:41:13
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡
