This is a small security-oriented update. This AdGuard Home version requires Go v1.17 and later to build, because older Go versions receive no further support, including security patches.
Aside from that, we've slightly updated $dnsrewrite modifier to support the user-defined Discovery of Designated Resolvers (DDR). We are planning on continuing to make more improvements to it in the future updates, see #4463.
The rest are minor changes and ever-present bugfixes.
Acknowledgements
A special thanks to our open-source contributor, @Hill-98, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!
Full Changelog
See also the v0.107.6 GitHub milestone.
Security
User-AgentHTTP header removed from outgoing DNS-over-HTTPS requests.- Go version was updated to prevent the possibility of exploiting the CVE-2022-24675, CVE-2022-27536, and CVE-2022-28327 vulnerabilities.
Added
- Support for SVCB/HTTPS parameter
dohpathin filtering rules with thednsrewritemodifier according to the RFC draft (#4463).
Changed
- Filtering rules with the
dnsrewritemodifier that create SVCB or HTTPS responses should useechinstead ofechconfigto conform with the latest drafts.
Deprecated
- SVCB/HTTPS parameter name
echconfigin filtering rules with thednsrewritemodifier. Useechinstead. v0.109.0 will remove support for the outdated nameechconfig. - Obsolete
--no-mem-optimizationoption (#4437). v0.109.0 will remove the flag completely.
Fixed
-
I/O timeout errors when checking for the presence of another DHCP server.
-
Network interfaces being incorrectly labeled as down during installation.
-
Rules for blocking the QQ service (#3717).
Removed
- Go 1.16 support, since that branch of the Go compiler has reached end of life and doesn't receive security updates anymore.