Page MenuHomeVyOS Platform

1.3.3
Updated 418 Days AgoPublic

Security

  • T4970: pin OCaml pcre package to avoid JIT support

New features and improvements

  • T5098: PPPoE client holdoff configuration
  • T5033: generate-public-key command fails for address with multiple public keys like GitHub
  • T4971: Radius attribute "Framed-Pool" for PPPoE
  • T4949: Backport "monitor log" and "show log" op-mode definitions from current to equuleus
  • T4948: pppoe: add CLI option to allow definition of host-uniq flag
  • T4947: Support mounting container volumes as ro or rw
  • T4922: Add ssh-client source-interface CLI option
  • T4898: Add mtu config option for dummy interfaces
  • T4812: IPsec ability to show all configured connections
  • T4809: radvd: Allow use of AdvRASrcAddress
  • T4785: snmp: Allow !, @, * and # in community name
  • T4743: Enable IPv6 address for Dynamic DNS
  • T4727: Add RADIUS rate limit support to PPTP server
  • T4683: Add kitty-terminfo package to build
  • T4575: vyos.utill add new wrapper "rc_cmd" to get the return code and output
  • T4219: support incoming-interface (iif) in local PBR
  • T3937: Rewrite "show system memory" in Python to make it usable as a library function
  • T2769: Add VRF support for syslog
  • T2603: pppoe-server: reduce min MTU
  • T1993: Extended pppoe rate-limiter
  • T1024: Policy Based Routing by DSCP
  • T578: Support Linux Container

Bug fixes

  • T5186: QoS test cannot pass for 1.3
  • T5176: http-api: update vyos-http-api-tools for FastAPI security vulnerability
  • T5175: http-api: error in MultiPart parser for FastAPI version >= 0.91.0
  • T5152: Telegraf agent hostname isn't qualified
  • T5136: Possible config corruption on upgrade
  • T5066: Different GRE tunnel but same tunnel keys error
  • T5047: Recreate only a specific container
  • T5017: Bug with validator interface-name
  • T5011: Some interface drivers don't support min_mtu and max_mtu and verify_mtu check should be skipped
  • T4993: Can't delete conntrack ignore rule
  • T4992: Incorrect check is_local_address for bgp neighbor with option ip_nonlocal_bind set
  • T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536
  • T4975: CLI does not work after cutting off the power or reset
  • T4955: Openconnect radiusclient.conf generating with extra authserver
  • T4939: VRRP command no-preempt not work as expected
  • T4918: Odd show interface behavior
  • T4902: snmpd: exclude container storage from monitoring
  • T4896: ospfv3: Fix broken not-advertise option
  • T4884: Missing a community6 in snmpd config
  • T4872: Op-mode show openvpn misses a case when parsing for tunnel IP
  • T4799: PowerDNS >= 4.7 does not get reloaded by vyos-hostsd
  • T4730: Conntrack-sync error - listen-address is not the correct type in config as it should be
  • T4709: TCP MSS clamping broken in equuleus
  • T4702: Wireguard peers configuration is not synchronized with CLI
  • T4680: Telegraf prometheus-client listen-address invalid format
  • T4679: OpenVPN site-to-site incorrect check for IPv6 local and remote address
  • T4671: linux-firmware package is missing symlinks defined in WHENCE file
  • T4668: Adding/removing members from bond doesn't work/results in incorrect interface state
  • T4664: Add validation to reject whitespace in tag node value names
  • T4648: PPPoE: Ignore default router from RA when PPPoE default-route is set to none
  • T4642: proxy: hyphen not allowed in proxy URL
  • T4630: Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time
  • T4628: ConfigTree() throws ValueError() if tagNode contains whitespaces
  • T4582: Router-advert: Preferred lifetime cannot equal valid lifetime in PIOs
  • T4533: Radius clients don’t have simple permissions
  • T4312: Telegraf configuration doesn't accept IPs for URL
  • T4177: Strip-private doesn't work for service monitoring
  • T4153: Monitor bandwidth-test initiate not working
  • T4117: Does not possible to configure PoD/CoA for L2TP vpn
  • T2838: Ethernet device names changing, multiple hw-id being added
  • T2516: vyos-container: cannot configure ethernet interface
  • T2189: Adding a large port-range will take ~ 20 minutes to commit

Other resolved issues

  • T5243: Default route is inactive if an interface has multiple ip addresses of the same subnet in 1.3.2 Equuleus
  • T5111: pppd-dns.service startup failed
  • T5008: MACsec CKN of 32 chars is not allowed in CLI, but works fine
  • T5007: Interface multicast setting is invalid
  • T4999: vyos.util backport dict_search_recursive
  • T4925: Need to add the possibility to configure Pseudo-Random Functions (PRF) in IKEv2
  • T4906: ipsec connections shows only one connection as up
  • T4900: Cache intermediary results of get_config_diff in Config instance
  • T4875: Replace Python validator 'interface-name' to avoid Python startup cost
  • T4832: dhcp: Add IPv6-only dhcp option support (RFC 8925)
  • T4798: Migrate the file-exists validator away from Python
  • T4652: Upgrade PowerDNS recursor to 4.7 series
  • T4625: Update ocserv to current revision (1.1.6)
  • T4511: IPv6 DNS lookup
  • T4381: OpenVPN: Add "Tunnel IP" column in "show openvpn server" operational command
  • T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?)
  • T3608: Standardize warnings from configure scripts
  • T3083: Add feature event-handler
  • T2913: Failure to install fpm while building builder docker image
  • T1875: Add the ability to use network address as BGP neighbor (bgp listen range)
  • T1288: FRR: rewrite staticd backend (/opt/vyatta/share/vyatta-cfg/templates/protocols/static/*)
Last Author
dmbaturin
Last Edited
May 29 2023, 1:49 PM

Event Timeline

dmbaturin edited the content of this document. (Show Details)
dmbaturin edited the content of this document. (Show Details)
dmbaturin changed the title from 1.3.3 to 1.3.1.Sep 22 2022, 10:56 AM
dmbaturin edited the content of this document. (Show Details)
dmbaturin changed the title from 1.3.1 to 1.3.3.Sep 22 2022, 10:58 AM
dmbaturin edited the content of this document. (Show Details)