Turris OS 3.11.24

Hi,

Turris OS 3.11.23 was released 6 months ago. When can we expect a new release with security updates. The openssl version of Turris OS 3.11.23 is affected by at least this vulnerability. Thank you.

1 Like

I’m hoping TOS3 is near EOL, and our next upgrade will be to TOS5. But that day isn’t today, and if the seamless TOS5 upgrade from TOS3 release isn’t very soon, then another TOS3 release should be done to maintain product quality.

1 Like

I do not know that TOS 3.x.x has been updated. Regular users have system updates enabled and have gradually switched to TOS 4 and now the current TOS 5. You have apparently disabled system updates.

It is not logical to create updates for 3 versions of the operating system. The changes also depend on the development of the default OpenWrt. It’s similar to requesting Windows XP updates after Microsoft :slight_smile:

Maybe the wiser will give you better news

1 Like

There has never been automatic switch from 3.x to 4.x (or higher). So far at least. That is (surely) the main motivation to keep 3.x patched up (to some extent). Actually one of my Omnias with automatic updates is still on 3.x, used only as AP+switch.

1 Like

sorry for inaccurate information … I am on TOS 5

1 Like

So… No one knows? No ETA? Not even a guess?

Cmon, 3.x is great.
I have 0 downtimes with it, so I dont need a change.

4 Likes

Indeed, no downtimes, most errors mitigated …so why the hell to change to 4.x to 5.x :smiley: ?
Personally i am a bit of scared to do upgrade as i have many tweaks on my Omnia since i’ve got it, i went from initial version by updates till 3.11.x :slight_smile: , no medikit applied so far…

2 Likes

Hello guys,

I see that I am a little late for this party even though the forum is just for our community, and we don’t ensure that we will respond to each thread, which you create. We don’t have simply enough manpower, and if we were looking for someone who is going to be responsible for the forum, then it would not be a full-time job for him/her. There are some job offers, and we still don’t count on someone dedicated only to the forum as our priority remains to reply to tickets via the support system.

Thus it does not make any sense to create posts like something new as we don’t provide support here. You are looking for this article in our documentation for Getting help.

Thanks for pointing CVEs related to OpenSSL. There are two CVEs.

  • CVE-2021-3711 (does not apply to Turris OS 3.x, and fixed in Turris OS 5.2.6)
  • CVE-2021-3712 (apply to Turris OS 3.x and fixed in Turris OS 5.2.6)

This is not what we are going to fix in Turris OS 3.x as there is a used version, which is out of support, and we don’t pay for extended support for it. Also, Turris OS 3.x as said is getting EoL soon.

In the security advisory, there is mentioned this:

Users of these versions should upgrade to OpenSSL 1.1.1.

Then feel free to do it. The version is present in Turris OS 5.x. If you want to stay secured and safe, then there are two options for Turris Omnia router.

  1. opt-in migration

We will soon trigger to all users migration, so it’s now or never. If I am not mistaken, then there will be at least/only one release for Turris OS 3.x, when we will trigger the migration to get rid of Turris OS 3.x.

  1. re-flash

If you are lucky to have blue router Turris 1.0 and Turris 1.1, then you need to follow this article:

1 Like