We released RC2 of Turris OS 3.11.20
- There is updated unbound and msmtp.
- Most noticable change is related to security vulnerability known as NAT Slipstreaming (CVE-2020-28041). Because of that, we removed package kmod-nathelper-extra from our user list, which was part of default installation and disabled it by default to be sure. The version of Turris OS 5.x is not vulnerable as since kernel 4.7 and up automatic helper assignment in kernel is turned off by default. We would like to thank you to Saverio Proto, who reported this issue to us.
This could affect some services like SIP, TFTP, GRE protocol.