diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dbe2bad3762..bc2caa31258 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,7 +1,7 @@ 'name': 'build' 'env': - 'GO_VERSION': '1.18.6' + 'GO_VERSION': '1.18.7' 'NODE_VERSION': '14' 'on': diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 64719a3e71b..1028b6b10f4 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,7 +1,7 @@ 'name': 'lint' 'env': - 'GO_VERSION': '1.18.6' + 'GO_VERSION': '1.18.7' 'on': 'push': diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e5ea68774e..fa81d81f68f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,18 +18,43 @@ and this project adheres to ## [v0.108.0] - TBA (APPROX.) --> +## Added + +- The ability to put [ClientIDs][clientid] into DNS-over-HTTPS hostnames as + opposed to URL paths ([#3418]). Note that AdGuard Home checks the server name + only if the URL does not contain a ClientID. + +[#3418]: https://github.com/AdguardTeam/AdGuardHome/issues/3418 + +[clientid]: https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#clientid + +## [v0.107.16] - 2022-10-07 + +This is a security update. There is no GitHub milestone, since no GitHub issues +were resolved. + +## Security + +- Go version has been updated to prevent the possibility of exploiting the + CVE-2022-2879, CVE-2022-2880, and CVE-2022-41715 Go vulnerabilities fixed in + [Go 1.18.7][go-1.18.7]. + +[go-1.18.7]: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU + + + ## [v0.107.15] - 2022-10-03 See also the [v0.107.15 GitHub milestone][ms-v0.107.15]. @@ -52,7 +77,7 @@ experimental and may break or change in the future. explicitly enabled by setting the new property `dns.serve_http3` in the configuration file to `true`. - DNS-over-HTTP upstreams can now upgrade to HTTP/3 if the new configuration - file property `use_http3_upstreams` is set to `true`. + file property `dns.use_http3_upstreams` is set to `true`. - Upstreams with forced DNS-over-HTTP/3 and no fallback to prior HTTP versions using the `h3://` scheme. @@ -166,7 +191,7 @@ See also the [v0.107.12 GitHub milestone][ms-v0.107.12]. ### Security -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the CVE-2022-27664 and CVE-2022-32190 Go vulnerabilities fixed in [Go 1.18.6][go-1.18.6]. @@ -287,7 +312,7 @@ See also the [v0.107.9 GitHub milestone][ms-v0.107.9]. ### Security -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the CVE-2022-32189 Go vulnerability fixed in [Go 1.18.5][go-1.18.5]. Go 1.17 support has also been removed, as it has reached end of life and will not receive security updates. @@ -330,7 +355,7 @@ See also the [v0.107.8 GitHub milestone][ms-v0.107.8]. ### Security -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, and other Go vulnerabilities fixed in [Go 1.17.12][go-1.17.12]. @@ -366,7 +391,7 @@ See also the [v0.107.7 GitHub milestone][ms-v0.107.7]. ### Security -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-29526], [CVE-2022-30634], [CVE-2022-30629], [CVE-2022-30580], and [CVE-2022-29804] Go vulnerabilities. - Enforced password strength policy ([#3503]). @@ -523,7 +548,7 @@ See also the [v0.107.6 GitHub milestone][ms-v0.107.6]. ### Security - `User-Agent` HTTP header removed from outgoing DNS-over-HTTPS requests. -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-24675], [CVE-2022-27536], and [CVE-2022-28327] Go vulnerabilities. ### Added @@ -578,7 +603,7 @@ were resolved. ### Security -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-24921] Go vulnerability. [CVE-2022-24921]: https://www.cvedetails.com/cve/CVE-2022-24921 @@ -591,7 +616,7 @@ See also the [v0.107.4 GitHub milestone][ms-v0.107.4]. ### Security -- Go version was updated to prevent the possibility of exploiting the +- Go version has been updated to prevent the possibility of exploiting the [CVE-2022-23806], [CVE-2022-23772], and [CVE-2022-23773] Go vulnerabilities. ### Fixed @@ -1328,11 +1353,12 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2]. -[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...HEAD +[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.16...HEAD +[v0.107.16]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...v0.107.16 [v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...v0.107.15 [v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14 [v0.107.13]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...v0.107.13 diff --git a/Makefile b/Makefile index b4823bb73d1..cca890174ad 100644 --- a/Makefile +++ b/Makefile @@ -34,7 +34,7 @@ YARN_INSTALL_FLAGS = $(YARN_FLAGS) --network-timeout 120000 --silent\ --ignore-engines --ignore-optional --ignore-platform\ --ignore-scripts -V1API = 0 +NEXTAPI = 0 # Macros for the build-release target. If FRONTEND_PREBUILT is 0, the # default, the macro $(BUILD_RELEASE_DEPS_$(FRONTEND_PREBUILT)) expands @@ -63,7 +63,7 @@ ENV = env\ PATH="$${PWD}/bin:$$( "$(GO.MACRO)" env GOPATH )/bin:$${PATH}"\ RACE='$(RACE)'\ SIGN='$(SIGN)'\ - V1API='$(V1API)'\ + NEXTAPI='$(NEXTAPI)'\ VERBOSE='$(VERBOSE)'\ VERSION='$(VERSION)'\ diff --git a/bamboo-specs/release.yaml b/bamboo-specs/release.yaml index ddd957348a2..4232b734e80 100644 --- a/bamboo-specs/release.yaml +++ b/bamboo-specs/release.yaml @@ -7,7 +7,7 @@ # Make sure to sync any changes with the branch overrides below. 'variables': 'channel': 'edge' - 'dockerGo': 'adguard/golang-ubuntu:5.1' + 'dockerGo': 'adguard/golang-ubuntu:5.2' 'stages': - 'Build frontend': @@ -322,7 +322,7 @@ # need to build a few of these. 'variables': 'channel': 'beta' - 'dockerGo': 'adguard/golang-ubuntu:5.1' + 'dockerGo': 'adguard/golang-ubuntu:5.2' # release-vX.Y.Z branches are the branches from which the actual final release # is built. - '^release-v[0-9]+\.[0-9]+\.[0-9]+': @@ -337,4 +337,4 @@ # are the ones that actually get released. 'variables': 'channel': 'release' - 'dockerGo': 'adguard/golang-ubuntu:5.1' + 'dockerGo': 'adguard/golang-ubuntu:5.2' diff --git a/bamboo-specs/test.yaml b/bamboo-specs/test.yaml index fe26bd10f67..81796e1f273 100644 --- a/bamboo-specs/test.yaml +++ b/bamboo-specs/test.yaml @@ -5,7 +5,7 @@ 'key': 'AHBRTSPECS' 'name': 'AdGuard Home - Build and run tests' 'variables': - 'dockerGo': 'adguard/golang-ubuntu:5.1' + 'dockerGo': 'adguard/golang-ubuntu:5.2' 'stages': - 'Tests': diff --git a/client/src/__locales/en.json b/client/src/__locales/en.json index e059c9f4466..b986dea1c49 100644 --- a/client/src/__locales/en.json +++ b/client/src/__locales/en.json @@ -215,6 +215,7 @@ "example_upstream_udp": "regular DNS (over UDP, hostname);", "example_upstream_dot": "encrypted <0>DNS-over-TLS;", "example_upstream_doh": "encrypted <0>DNS-over-HTTPS;", + "example_upstream_doh3": "encrypted DNS-over-HTTPS with forced <0>HTTP/3 and no fallback to HTTP/2 or below;", "example_upstream_doq": "encrypted <0>DNS-over-QUIC;", "example_upstream_sdns": "<0>DNS Stamps for <1>DNSCrypt or <2>DNS-over-HTTPS resolvers;", "example_upstream_tcp": "regular DNS (over TCP);", @@ -605,7 +606,7 @@ "blocklist": "Blocklist", "milliseconds_abbreviation": "ms", "cache_size": "Cache size", - "cache_size_desc": "DNS cache size (in bytes).", + "cache_size_desc": "DNS cache size (in bytes). To disable caching, leave empty.", "cache_ttl_min_override": "Override minimum TTL", "cache_ttl_max_override": "Override maximum TTL", "enter_cache_size": "Enter cache size (bytes)", diff --git a/client/src/components/Logs/Cells/ClientCell.js b/client/src/components/Logs/Cells/ClientCell.js index 669f1c0acdc..9467f14ebe3 100644 --- a/client/src/components/Logs/Cells/ClientCell.js +++ b/client/src/components/Logs/Cells/ClientCell.js @@ -121,7 +121,7 @@ const ClientCell = ({ {options.map(({ name, onClick, disabled }) => ( ; const blockClientButton =