Gluon 2019.1.2

Bugfixes

• Fixes a buffer-overflow vulnerability in libubox, a core component of OpenWrt (CVE-2020-7248)

• Fixes a vulnerability in the OpenWrt package manager (opkg). By using this vulnerability, an attacker could bypass the integrity check of the package artifacts. (CVE-2020-7982)

Other Changes

• Linux kernel has been updated to either

  • 4.9.211 (ar71xx, brcm2708, mpc85xx) or

  • 4.14.167 (ipq40xx, ipq806x, mvebu, ramips, sunxi, x86).

Known issues

• Out of memory situations with high client count on ath9k. (#1768)

• The integration of the BATMAN_V routing algorithm is incomplete.

  • Mesh neighbors don’t appear on the status page. (#1726)

    Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput metric.

  • Throughput values are not correctly acquired for different interface types. (#1728)

    This affects virtual interface types like bridges and VXLAN.

• Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (#94)

  Reducing the TX power in the Advanced Settings is recommended.

• The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (#496)

  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).

• Inconsistent respondd API (#522)

  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

• Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger meshes (#1243)

  Optimizations in Gluon 2018.1 have significantly improved memory usage. There are still known bugs leading to unreasonably high load that we hope to solve in future releases.