Turris OS 6.4.3 RC released!

Dear Turris users,

we just released a release candidate for Turris OS 6.4.3. There are several security updates and bugfixes as usual, but there is also a little bit of new behavior.

Over the time, we have been enhancing support for various LTE cards and we plan to continue doing so. This release will actually automatically configure any LTE card it finds if there is no PIN required. Hope you will find that useful.

We are also testing a new alternative client for our Dynamic Firewall. You can enable it in package lists.

As always, we appreciate any feedback and how are the new features working for you. Full release notes follow.

:rocket: New Features
• dynfw: New experimental client
• drivers: More packages are automatically installed based on devices present
• drivers: Automatic setup of supported 3/4/5G with PIN-less SIM

:pushpin: Updates
• kernel: update to version 5.10.194 and 5.15.130
• curl: update to version 8.3.0
• openssl: update to version 1.1.1w
• wget: update to version 1.21.4
• php8-pecl-sodium replaced with php8-mod-sodium
• msmtp: update to version 1.8.24
• omnia-mcutool: updated to version 0.2 and packaged firmware

:bug: Bug Fixes
• switch-branch: reinstall all packages when switching between branches
• schnapps: fix regexp for ssh uri
• foris-storage-plugin: explicitly add more dependencies
• resolver-conf: fix calling of script to fill entries from DHCP
• resolver-conf: fix superfluous reloads on some IPv6 networks

4 Likes

Thanks. Could you share a bit more info on the experimental Sentinel client?

1 Like

It is a reimplementation of a client for Dynamic Firewall, written in C so in theory it should have a smaller memory footprint, but at the same time there is a variant with support for nftables. We are considering to switching to it as it seems Ok in current test, but we want to try some broader testing first.

2 Likes

MOX classic, HBK branch, .5 GB, 2x WiFi, simple config. All seems OK.

1 Like

Maybe you should prepare to include curl 8.4.0 if it is not to much work. It wil include a fix for a severity high cve.
It is scheduled to be rekeased the 11th Oct.

https://curl.se/docs/releases.html

2 Likes

6.4.2 → 6.4.3 RC1 update ok (no new problems introduced), no unintended cable/wifi or internet downtime. Restart needed.


Turris Omnia 2017, 1 GB RAM, dead eMMC, system running from mSATA SSD, original wifi cards. Storage plugin enabled, LXC containers, tor relay, USB HDD shared over samba4 and minidlna, SQM, Hardwario gateway + MQTT IoT bridge, OpenVPN, PPtP VPN, morce.


After enabling the experimental sentinel client, I see only this:

# pkgupdate 
INFO:Target Turris OS: 6.4.3
WARN:Request not satisfied to install package: sentinel-dynfw-c-client-iptables

Don’t worry, it is on our radar and we will update it once it is out :wink:

2 Likes

Could you explain more please?

2 Likes

omnia-mcutool v0.2 brings many new features and improvements over the older v0.1. See Commits · 0.2 · Turris / omnia-mcutool · GitLab for details. The packaged firmware is available here: Releases · Turris / HardWare / omnia_hw_ctrl · GitLab.

1 Like

It is a tool to update and control the firmware in MCU of Turris Omnia. After the final release, we are planning to send out to the forum a short howto to help people update the firmware and get some new cool features :wink:

4 Likes

After enabling the experimental sentinel client, I see only this:

It has been fixed in RC2 and the experimental client should work correctly. Please select only one of the dynfw clients. ReForis allows to check both but it will not work.

There’s no RC2 my router on hbt could find. I installed RC1 and since then it reports no further updates. And I still can’t install the experimental client.

If this is a requirement, it should be explicitly mentioned in the reforis packages list page.

There’s no RC2 my router on hbt could find.

It has been released yesterday, ca. 2 hours before the final 6.4.3. Your router has probably installed only the final version.

And I still can’t install the experimental client.

Please try to remove both clients and then install the experimental one.

If this is a requirement, it should be explicitly mentioned in the reforis packages list page.

Yes, it’s true. I’ll create an issue for it.

I have manually approved updates. I’ve only approved RC1. No approval request since then (even after manually clicking “Check updates” in reforis).

Thanks!

No approval request since then (even after manually clicking “Check updates” in reforis).

You probably missed the interval between RC2 and HBS. But it’s irrelevant now as RC2 became the final/stable version.

I haven’t received any update notification after rc1. Neither rc2, nor stable. Is there a way to tell whether I’m on rc1 or stable now? Which package was updated in rc2?

The only thing that was updated in RC2 was the experimental dynfw client and how it is installed. If you didn’t installed it, then there should be no difference between RC1 and RC2 and thus no update.

Great and what about u-boot update?

There is no U-Boot update mentioned in release notes :wink:

1 Like