Turris OS 4.0.2 is released into HBT - Testing branch

#1

Dear Turris users,

We are pleased to announce the release of Turris OS 4.0.2 is now available HBT (Testing) branch. This release is for Turris MOX and Turris Omnia routers. In this release, there is a new feature, which was requested here on the forum and we heard your voices.

  • In the About tab of administration interface Foris tab, you can now find details, which Turris OS branch you are using.

turris-about-tab
turris-about-tab.png919×255 12 KB

Full release notes for this release:

  • added missing hardening package list
  • fixed autodetection of router address in Foris OpenVPN
  • irssi: updated to version 1.2.2, fix CVE-2019-15717
  • sudo: updated to version 1.8.28p1, fix CVE-2019-14287
  • bind: updated to version 9.11.11
  • openldap: updated to version 2.4.48, fix CVE-2019-13565
  • kernel: updated to version 4.14.151
  • libpcap: updated to version 1.9.1, fix CVE-2019-1516{1,2,3,4,5}
  • tcpdump: updated to version 4.9.3, fix multiple CVEs
  • python: updated to version 2.7.17
  • foris: updated to version 100.6
  • foris-controller: updated to version 1.0.6
  • python[3]-cryptography: fix CVE-2018-10903
  • enable RTC NVMEM access for Turris 1.x
  • ustream-ssl: CVE-2019-5101, CVE-2019-5102
  • iptables-geoip-mod: fixed compilation
    and fixed issue that it can not open file for reading when you boot your Turris MOX from another Turris router, which was running Turris OS 4.x

If you would like to try this release, you need to switch to branch hbt with the following command in command-line interface:

switch-branch hbt

Any feedback regarding this release is appreciated.

#2

Known issue:

  • package perl-device-usb is not available for Turris MOX router.
  • reForis is not compiled in this RC release for now.
#3

This post was flagged by the community and is temporarily hidden.

#4

Turris OS 4.0.2 po instalaci LXC utilities přestane fungovat opkg update

Collected errors:

při odstranění balíčku wget-nossl,opkg update funguje (baliček se sám časem znovu nainstaluje)

#5

This post was flagged by the community and is temporarily hidden.

#6

4 posts were split to a new topic: Hidden topic in release topic

#10

nevím zda to má s tím něco společného ale https://repo.turris.cz/hbt/lists/lxc.lua řádek 8 odkaz vede do hbs

#11

That link to HBS is not a problem. It is condition to migrate old versions of updater to new setup. That is intentional.

The problem is described here: https://gitlab.labs.nic.cz/turris/turris-build/issues/92
Thank you for reporting it.

2 Likes
#12

Nothing has changed. Mox is not working …

root@turris:~# netboot-manager regen -f
Regenerating configuration...
Getting new rootfs...
Downloading 'https://repo.turris.cz/hbs/netboot/mox-netboot-latest.tar.gz'
Connecting to 217.31.192.69:443
Writing to '/srv/turris-netboot/rootfs/rootfs-new.tar.gz'
/srv/turris-netboot/ 100% |*******************************| 42066k  0:00:00 ETA
Download completed (43075675 bytes)
Downloading 'https://repo.turris.cz/hbs/netboot/mox-netboot-latest.tar.gz.sha256'
Connecting to 217.31.192.69:443
Writing to '/srv/turris-netboot/rootfs/rootfs-new.tar.gz.sha256'
/srv/turris-netboot/ 100% |*******************************|    98   0:00:00 ETA
Download completed (98 bytes)
Downloading 'https://repo.turris.cz/hbs/netboot/mox-netboot-latest.tar.gz.sig'
Connecting to 217.31.192.69:443
Writing to '/srv/turris-netboot/rootfs/rootfs-new.tar.gz.sig'
/srv/turris-netboot/ 100% |*******************************|   151   0:00:00 ETA
Download completed (151 bytes)
rootfs-new.tar.gz: OK
Cannot open file '/etc/opkg/keys//xxxxxxxxxxxxx' for reading
Tampered tarball

Same as under 4.0.1 … Post here

After I updated to 4.0.X I just have a bricked mox, which get not listed over netboot-manager or elsewhere …

I realy need soon a solution for my problems withs netbooting MOX. 6 Month ago I received my “early bird MOX”. Under 3.11 I got him running after some investigations, but just for a week or two, then I had to make a factoryreset again to get him back online. Then I installed 4.0.x, because I hoped it will get better, but the result was, that he doesn´t work at all in the moment.

#13

Hello there, running TurrisOS 4.0.2 99fcf8f / LuCI branch (git-19.305.00515-5a05075) on a Mox classic, and was wondering why adblock is working, but not loading the lists anymore. It does all work, but the result is 0. This is since a week or so?

Nov 8 07:18:11 turrisMOX adblock-3.5.5-2[29132]: blocklist with overall 0 domains loaded successfully (CZ.NIC Turris Mox Board, TurrisOS 4.0.2 99fcf8f/4.0.2)

best, DIKKE

#14

znovu vyzkoušeno a funguje do té doby než uživatel ručně nainstaluje balíček wget, pkgupdate následně odstraní balíček wget a nahradí ho balíčkem wget-nossl

#15

There were some changes for netboot tarball itself, but it is going to be fixed only when we release Turris OS 4.0.2 from Testing branch into Stable branch (hbs). As you can see in your output it downloads the tarball from hbs branch. If you would like in the meantime you can modify the source code of netboot (/etc/bin/netboot-manager) to download it from hbt, but those changes will be overridden by the update.

#16

Ok, I would like to try it out till next update. What exactly I have to do?

#17

Je tohle dostupné už i pro turris 1.x ? TOS 4.0.1 (turris1x-medkit-latest.tar.gz) jsem zkoušel a updater mi skončil na nedustopnosti balíku kmod-mmc-fsl-p2020

#18

Thank you, opkg remove wget-nossl resolved the fact opkg update was failing with the same error you quoted in your post. Also as mentioned above, the package will re-install itself with the next update unless you do something like this:

echo -e '\nUninstall("wget-nossl")' >> /etc/updater/conf.d/example.lua; pkgupdate