AdGuard Home v0.108.0-b.50

Changes compared to the previous beta, v0.108.0-b.49. See CHANGELOG.md for all changes.

Acknowledgements

A special thanks to our open-source contributor, @jefferyto, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!

Full changelog

Added

• Ability to disable plain-DNS serving through configuration file if an encrypted protocol is already used (#1660).

• Ability to specify rate limiting settings in the Web UI (#6369).

Changed

Configuration changes

• The new property dns.serve_plain_dns has been added to the configuration file (#1660).

• The property dns.bogus_nxdomain is now validated more strictly.

• Added new properties clients.persistent.*.upstreams_cache_enabled and clients.persistent.*.upstreams_cache_size that describe cache configuration for each client's custom upstream configuration.

Fixed

• ipset entries family validation (#6420).

• Pre-filling the New static lease window with data (#6402).

• Protection pause timer synchronization (#5759).

AdGuard Home v0.108.0-b.49

Changes compared to the previous beta, v0.108.0-b.48. See CHANGELOG.md for all changes.

Acknowledgements

A special thanks to our open-source contributor, @TimTheBig, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!

Full changelog

See also the [v0.107.41 GitHub milestone][ms-v0.107.41].

Security

• Go version has been updated to prevent the possibility of exploiting the CVE-2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in Go 1.20.11.

Added

• Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate limiting requests, in the configuration file (#6368).

• Ability to specify multiple domain specific upstreams per line, e.g. [/domain1/../domain2/]upstream1 upstream2 .. upstreamN (#4977).

Changed

• Increased the height of the ready-to-use filter lists dialog (#6358).

• Improved logging of authentication failures (#6357).

Configuration changes

• New properties dns.ratelimit_subnet_len_ipv4 and dns.ratelimit_subnet_len_ipv6 have been added to the configuration file (#6368).

Fixed

• Schedule timezone not being sent (#6401).

• Average request processing time calculation (#6220).

• Redundant truncation of long client names in the Top Clients table (#6338).

• Scrolling column headers in the tables (#6337).

• $important,dnsrewrite rules not overriding allowlist rules (#6204).

• Dark mode DNS rewrite background (#6329).

• Issues with QUIC and HTTP/3 upstreams on Linux (#6335).

AdGuard Home v0.107.41

Bugs are as certain as the change of the seasons 📆. However, in this release we have not only fixed quite a few of them, but also added some features that will make it easier to configure AdGuard Home and protect it from DDoS attacks!

Acknowledgements

A special thanks to our open-source contributor, @TimTheBig, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!

Full changelog

See also the v0.107.41 GitHub milestone.

Security

• Go version has been updated to prevent the possibility of exploiting the CVE-2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in Go 1.20.11.

Added

• Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate limiting requests, in the configuration file (#6368).

• Ability to specify multiple domain specific upstreams per line, e.g. [/domain1/../domain2/]upstream1 upstream2 .. upstreamN (#4977).

Changed

• Increased the height of the ready-to-use filter lists dialog (#6358).

• Improved logging of authentication failures (#6357).

Configuration changes

• New properties dns.ratelimit_subnet_len_ipv4 and dns.ratelimit_subnet_len_ipv6 have been added to the configuration file (#6368).

Fixed

• Schedule timezone not being sent (#6401).

• Average request processing time calculation (#6220).

• Redundant truncation of long client names in the Top Clients table (#6338).

• Scrolling column headers in the tables (#6337).

• $important,dnsrewrite rules not overriding allowlist rules (#6204).

• Dark mode DNS rewrite background (#6329).

• Issues with QUIC and HTTP/3 upstreams on Linux (#6335).

AdGuard Home v0.107.40

What could be spookier than bugs preventing people from using their networks 👻? Luckily, we're here to bust them with this hotfix release!

Full changelog

See also the v0.107.40 GitHub milestone.

Changed

• Block and Unblock buttons of the query log moved to the tooltip menu (#684).

Fixed

• Dashboard tables scroll issue (#6180).

• The time shown in the statistics is one hour less than the current time (#6296).

• Issues with QUIC and HTTP/3 upstreams on FreeBSD (#6301).

• Panic on clearing query log (#6304).

AdGuard Home v0.108.0-b.48

Changes compared to the previous beta, v0.108.0-b.47. See CHANGELOG.md for all changes.

Full changelog

Changed

• "Block" and "Unblock" buttons of the query log moved to the tooltip menu (#684).

Fixed

• Dashboard tables scroll issue (#6180).
• Issues with QUIC and HTTP/3 upstreams on FreeBSD (#6301).
• Panic on clearing query log (#6304).
• The time shown in the statistics is one hour less than the current time (#6296).

AdGuard Home v0.108.0-b.47

Changes compared to the previous beta, v0.108.0-b.46. See CHANGELOG.md for all changes.

Full changelog

Security

• Go version has been updated to prevent the possibility of exploiting the CVE-2023-39323 and CVE-2023-39325 Go vulnerabilities fixed in Go 1.20.9 and Go 1.20.10.

Added

• Ability to edit static leases on DHCP settings page (#1700).

• Ability to specify for how long clients should cache a filtered response, using the Blocked response TTL field on the DNS settings page (#4569).

Changed

• ipset entries are updated more often (#6233).

• Node.JS 16 is now required to build the frontend.

Fixed

• Incorrect domain-specific upstream matching for DS queries (#6156).

• Improper validation of password length (#6280).

• Wrong algorithm for filtering self addresses from the list of private upstream DNS servers (#6231).

• An accidental change in DNS rewrite priority (#6226).

AdGuard Home v0.107.39

The spooky season may soon be upon us 🎃, but we're not afraid to ship a new release with some new features and a few bug fixes!

Full changelog

See also the v0.107.39 GitHub milestone.

Security

• Go version has been updated to prevent the possibility of exploiting the CVE-2023-39323 and CVE-2023-39325 Go vulnerabilities fixed in Go 1.20.9 and Go 1.20.10.

Added

• Ability to edit static leases on DHCP settings page (#1700).

• Ability to specify for how long clients should cache a filtered response, using the Blocked response TTL field on the DNS settings page (#4569).

Changed

• ipset entries are updated more often (#6233).

• Node.JS 16 is now required to build the frontend.

Fixed

• Incorrect domain-specific upstream matching for DS queries (#6156).

• Improper validation of password length (#6280).

• Wrong algorithm for filtering self addresses from the list of private upstream DNS servers (#6231).

• An accidental change in DNS rewrite priority (#6226).

AdGuard Home v0.108.0-b.46

Changes compared to the previous beta, v0.108.0-b.45. See CHANGELOG.md for all changes.

Full changelog

Fixed

• Incorrect original answer when a response is filtered (#6183).

• Comments in the Fallback DNS servers field in the UI (#6182).

• Empty or default Safe Browsing and Parental Control settings (#6181).

• Various UI issues.

AdGuard Home v0.107.38

Releases are like fruit: the tastier the apple, the more likely there's a bug in it somewhere. It turns out that our previous release was quite delicious! This hotfix is meant to deal with all the remaining bugs.

Full changelog

See also the v0.107.38 GitHub milestone.

Fixed

• Incorrect original answer when a response is filtered (#6183).

• Comments in the Fallback DNS servers field in the UI (#6182).

• Empty or default Safe Browsing and Parental Control settings (#6181).

• Various UI issues.

AdGuard Home v0.108.0-b.45

Changes compared to the previous beta, v0.108.0-b.44. See CHANGELOG.md for all changes.

Acknowledgements

A special thanks to our open-source contributor, @ssrahul96, as well as to everyone who filed and inspected issues, added translations, and helped us test this release!

Full changelog

Security

• Go version has been updated to prevent the possibility of exploiting the CVE-2023-39318, CVE-2023-39319, and CVE-2023-39320 Go vulnerabilities fixed in Go 1.20.8.

Added

• AdBlock-style syntax support for ignored domains in logs and statistics (#5720).

• Strict-Transport-Security header in the HTTP API and DNS-over-HTTPS responses when HTTPS is forced (#2998). See RFC 6797.

• UI for the schedule of the service-blocking pause (#951).

Changed

Configuration Changes

In this release, the schema version has changed from 25 to 27.

• Ignore rules blocking . in querylog.ignored and statistics.ignored have been migrated to AdBlock syntax (|.^). To rollback this change, restore the rules and change the schema_version back to 26.

• Filtering-related settings have been moved from dns section of the YAML configuration file to the new section filtering:

  # BEFORE:
  'dns':
      'filtering_enabled': true
      'filters_update_interval': 24
      'parental_enabled': false
      'safebrowsing_enabled': false
      'safebrowsing_cache_size': 1048576
      'safesearch_cache_size': 1048576
      'parental_cache_size': 1048576
      'safe_search':
          'enabled': false
          'bing': true
          'duckduckgo': true
          'google': true
          'pixabay': true
          'yandex': true
          'youtube': true
      'rewrites': []
      'blocked_services':
          'schedule':
              'time_zone': 'Local'
          'ids': []
      'protection_enabled':        true,
      'blocking_mode':             'custom_ip',
      'blocking_ipv4':             '1.2.3.4',
      'blocking_ipv6':             '1:2:3::4',
      'blocked_response_ttl':      10,
      'protection_disabled_until': 'null',
      'parental_block_host':       'p.dns.adguard.com',
      'safebrowsing_block_host':   's.dns.adguard.com'
  
  # AFTER:
  'filtering':
      'filtering_enabled': true
      'filters_update_interval': 24
      'parental_enabled': false
      'safebrowsing_enabled': false
      'safebrowsing_cache_size': 1048576
      'safesearch_cache_size': 1048576
      'parental_cache_size': 1048576
      'safe_search':
          'enabled': false
          'bing': true
          'duckduckgo': true
          'google': true
          'pixabay': true
          'yandex': true
          'youtube': true
      'rewrites': []
      'blocked_services':
          'schedule':
              'time_zone': 'Local'
          'ids': []
      'protection_enabled':        true,
      'blocking_mode':             'custom_ip',
      'blocking_ipv4':             '1.2.3.4',
      'blocking_ipv6':             '1:2:3::4',
      'blocked_response_ttl':      10,
      'protection_disabled_until': 'null',
      'parental_block_host':       'p.dns.adguard.com',
      'safebrowsing_block_host':   's.dns.adguard.com',

  To rollback this change, remove the new object filtering, set back filtering properties in dns section, and change the schema_version back to 25.

Fixed

• Incorrect display date on statistics graph (#5793).

• Missing query log entries and statistics on service restart (#6100).