1.3.3
1.3.3
Security
- T4970: pin OCaml pcre package to avoid JIT support
New features and improvements
- T5098: PPPoE client holdoff configuration
- T5033: generate-public-key command fails for address with multiple public keys like GitHub
- T4971: Radius attribute "Framed-Pool" for PPPoE
- T4949: Backport "monitor log" and "show log" op-mode definitions from current to equuleus
- T4948: pppoe: add CLI option to allow definition of host-uniq flag
- T4947: Support mounting container volumes as ro or rw
- T4922: Add ssh-client source-interface CLI option
- T4898: Add mtu config option for dummy interfaces
- T4812: IPsec ability to show all configured connections
- T4809: radvd: Allow use of AdvRASrcAddress
- T4785: snmp: Allow !, @, * and # in community name
- T4743: Enable IPv6 address for Dynamic DNS
- T4727: Add RADIUS rate limit support to PPTP server
- T4683: Add kitty-terminfo package to build
- T4575: vyos.utill add new wrapper "rc_cmd" to get the return code and output
- T4219: support incoming-interface (iif) in local PBR
- T3937: Rewrite "show system memory" in Python to make it usable as a library function
- T2769: Add VRF support for syslog
- T2603: pppoe-server: reduce min MTU
- T1993: Extended pppoe rate-limiter
- T1024: Policy Based Routing by DSCP
- T578: Support Linux Container
Bug fixes
- T5186: QoS test cannot pass for 1.3
- T5176: http-api: update vyos-http-api-tools for FastAPI security vulnerability
- T5175: http-api: error in MultiPart parser for FastAPI version >= 0.91.0
- T5152: Telegraf agent hostname isn't qualified
- T5136: Possible config corruption on upgrade
- T5066: Different GRE tunnel but same tunnel keys error
- T5047: Recreate only a specific container
- T5017: Bug with validator interface-name
- T5011: Some interface drivers don't support min_mtu and max_mtu and verify_mtu check should be skipped
- T4993: Can't delete conntrack ignore rule
- T4992: Incorrect check is_local_address for bgp neighbor with option ip_nonlocal_bind set
- T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536
- T4975: CLI does not work after cutting off the power or reset
- T4955: Openconnect radiusclient.conf generating with extra authserver
- T4939: VRRP command no-preempt not work as expected
- T4918: Odd show interface behavior
- T4902: snmpd: exclude container storage from monitoring
- T4896: ospfv3: Fix broken not-advertise option
- T4884: Missing a community6 in snmpd config
- T4872: Op-mode show openvpn misses a case when parsing for tunnel IP
- T4799: PowerDNS >= 4.7 does not get reloaded by vyos-hostsd
- T4730: Conntrack-sync error - listen-address is not the correct type in config as it should be
- T4709: TCP MSS clamping broken in equuleus
- T4702: Wireguard peers configuration is not synchronized with CLI
- T4680: Telegraf prometheus-client listen-address invalid format
- T4679: OpenVPN site-to-site incorrect check for IPv6 local and remote address
- T4671: linux-firmware package is missing symlinks defined in WHENCE file
- T4668: Adding/removing members from bond doesn't work/results in incorrect interface state
- T4664: Add validation to reject whitespace in tag node value names
- T4648: PPPoE: Ignore default router from RA when PPPoE default-route is set to none
- T4642: proxy: hyphen not allowed in proxy URL
- T4630: Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time
- T4628: ConfigTree() throws ValueError() if tagNode contains whitespaces
- T4582: Router-advert: Preferred lifetime cannot equal valid lifetime in PIOs
- T4533: Radius clients don’t have simple permissions
- T4312: Telegraf configuration doesn't accept IPs for URL
- T4177: Strip-private doesn't work for service monitoring
- T4153: Monitor bandwidth-test initiate not working
- T4117: Does not possible to configure PoD/CoA for L2TP vpn
- T2838: Ethernet device names changing, multiple hw-id being added
- T2516: vyos-container: cannot configure ethernet interface
- T2189: Adding a large port-range will take ~ 20 minutes to commit
Other resolved issues
- T5243: Default route is inactive if an interface has multiple ip addresses of the same subnet in 1.3.2 Equuleus
- T5111: pppd-dns.service startup failed
- T5008: MACsec CKN of 32 chars is not allowed in CLI, but works fine
- T5007: Interface multicast setting is invalid
- T4999: vyos.util backport dict_search_recursive
- T4925: Need to add the possibility to configure Pseudo-Random Functions (PRF) in IKEv2
- T4906: ipsec connections shows only one connection as up
- T4900: Cache intermediary results of get_config_diff in Config instance
- T4875: Replace Python validator 'interface-name' to avoid Python startup cost
- T4832: dhcp: Add IPv6-only dhcp option support (RFC 8925)
- T4798: Migrate the file-exists validator away from Python
- T4652: Upgrade PowerDNS recursor to 4.7 series
- T4625: Update ocserv to current revision (1.1.6)
- T4511: IPv6 DNS lookup
- T4381: OpenVPN: Add "Tunnel IP" column in "show openvpn server" operational command
- T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?)
- T3608: Standardize warnings from configure scripts
- T3083: Add feature event-handler
- T2913: Failure to install fpm while building builder docker image
- T1875: Add the ability to use network address as BGP neighbor (bgp listen range)
- T1288: FRR: rewrite staticd backend (/opt/vyatta/share/vyatta-cfg/templates/protocols/static/*)
Tags
None
Referenced Files
None
Subscribers
None
- Last Author
- dmbaturin
- Last Edited
- May 29 2023, 1:49 PM