Gluon 2019.1.2

Bugfixes

  • Fixes a buffer-overflow vulnerability in libubox, a core component of OpenWrt (CVE-2020-7248)
  • Fixes a vulnerability in the OpenWrt package manager (opkg). By using this vulnerability, an attacker could bypass the integrity check of the package artifacts. (CVE-2020-7982)

Other Changes

  • Linux kernel has been updated to either
    • 4.9.211 (ar71xx, brcm2708, mpc85xx) or
    • 4.14.167 (ipq40xx, ipq806x, mvebu, ramips, sunxi, x86).

Known issues

  • Out of memory situations with high client count on ath9k. (#1768)

  • The integration of the BATMAN_V routing algorithm is incomplete.

    • Mesh neighbors don’t appear on the status page. (#1726)
      Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
      metric.
    • Throughput values are not correctly acquired for different interface types.
      This affects virtual interface types like bridges and VXLAN.
  • Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (#94)

    Reducing the TX power in the Advanced Settings is recommended.

  • The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (#496)

    This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).

  • Inconsistent respondd API (#522)

    The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

  • Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger meshes (#1243)

    Optimizations in Gluon 2018.1 have significantly improved memory usage. There are still known bugs leading to unreasonably high load that we hope to solve in future releases.