This time, I don’t have good news. It was disclosed to us one serious issue, which makes Foris vulnerable to possible cross-site scripting. It could be a problem if you have exposed Foris in a public way. Because of that, there is a new update of Turris OS, which fixes this Foris vulnerability and there are two other things, which might be interesting for you. There are an updated kernel and fixed Syslog warning in the resolver dynamic domain script.
We would like to thank Mr. Volcz, who hasn’t publicly disclosed this issue and reported this issue to us first.
If you are using Turris OS 3.x, we will introduce a new update soon, where we will fix this issue.
reForis fails to generate diagnostics for me (all checkboxes selected). Foris succeeds in that.
EDIT: no changes or actions work in reForis for me apparently, just browsing. I briefly saw a “session expired” message; failures often redirect me to the notifications page (and always keep me logged in).
EDIT2: over IPv4 it’s OK, only happens when I use https://[my:IPv6:address::1] (or without the “s”)
MOX classic, WiFi, .5 GB, 5.1.5 HBK, simple config, update to 5.1.6 OK, after reboot SSH, reForris & LuCI working (WiFI: radio0 5 GHz seemed lost, after another restart alive - I noticed such situation some time ago as well, restart brought it back).
Guys, thank you for sharing with us the bug regarding IPv6 and reForis. My colleague created an issue [1] on our GitLab, where we will try to investigate this issue. I give it try and I am not able to reproduce it in the Stable release and in the Testing branch, there wasn’t any update for reForis. That’s going to be introduced in Turris OS 5.2.0!
Forum is not a bug tracker and if you have such experience that DHCP server is not working for you, feel free to add more details to the issue, which is created on our GitLab if it is similar or the same issue. It could be related to your settings or misconfiguration, but without sharing details with us e.g. sending diagnostics it is hard to know what is going on. If you think that the issue is different than what was linked, please reach our Technical Support department and follow instructions in Getting help article. For now, I am aware that it happens sometimes to @vcunat, but so far we were not able to reproduce it, but it works after a few restarts, which is not good, but it does not happen to anyone else.
Currently, I don’t have any plans to add a link to Git repositories that has been changed. For that, there are Git tags and file git-hash on our repository, so you go through all changes done in each release. Maybe I would change my mind if there is going to be demand for it.
It’s also happening once upon a time (same as for @vcunat ). Sadly I cannot share more specific details about network setup, except parts of logs I appended to the issue thread (which seems at least parly relevant).
Thanks for sharing the link to relevant add_lease issue, I was being suspisious it has something to with my issue.
I tried to test this situation (i.e. evoke it) by multiple time reboot MOX (5x+) - but this time it always come up with both WiFis… I suspect it somehow depends on updates (if I remember well all cases (,2+) of loosing one WiFi were after some update of MOX). If I encounter this situation again I’ll send you diagnostics. I hope it’s not false alarm but I can’t exclude it, sorry.
Another attempt: pkgupdate via SSH (remember I’m in HBK branch) - after update in both reForris and LuCI only one WiFi (WiFi2 - 2.4 GHz)… diagnostics via reForris will be sent to support… hope it’ll help you to find why
