AdGuardHome

148 readers
1 users here now

Dedicated to AdGuard Home, specifically

founded 2 years ago
MODERATORS
1
3
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/adguardhome
 
 

I had this blocked domain from an Android device: www.goooooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com

It was blocked by HaGeZi's Normal DNS Blocklist.

I see an entry in VirusTotal: https://www.virustotal.com/gui/domain/www.goooooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com

2
 
 

I'm looking to block telemetry, phoning home, etc - anything to increase online privacy without sacrificing functionality. I plan to set up a VLAN in the future but in the meantime a guest network will have to suffice.

3
 
 

Full changelog See also the v0.107.41 GitHub milestone.

Security

  • Go version has been updated to prevent the possibility of exploiting the CVE2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in Go 1.20.11.

Added

  • Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate limiting requests, in the configuration file (#6368).

  • Ability to specify multiple domain specific upstreams per line, e.g. [/domain1/../domain2/]upstream1 upstream2 .. upstreamN (#4977).

Changed

  • Increased the height of the ready-to-use filter lists dialog (#6358).
  • Improved logging of authentication failures (#6357).

Configuration changes

  • New properties dns.ratelimit_subnet_len_ipv4 and dns.ratelimit_subnet_len_ipv6 have been added to the configuration file (#6368).

Fixed

  • Schedule timezone not being sent (#6401).
  • Average request processing time calculation (#6220).
  • Redundant truncation of long client names in the Top Clients table (#6338).
  • Scrolling column headers in the tables (#6337).
  • $important,dnsrewrite rules not overriding allowlist rules (#6204).
  • Dark mode DNS rewrite background (#6329).
  • Issues with QUIC and HTTP/3 upstreams on Linux (#6335).
4
 
 

Fixed

  • Incorrect original answer when a response is filtered (#6183).
  • Comments in the Fallback DNS servers field in the UI (#6182).
  • Empty or default Safe Browsing and Parental Control settings (#6181).
  • Various UI issues.
5
 
 

#Security

  • Go version has been updated to prevent the possibility of exploiting the CVE-2023-29409 Go vulnerability fixed in Go 1.20.7.

#Deprecated

  • Go 1.20 support. Future versions will require at least Go 1.21 to build.

#Fixed

  • Inability to block queries for the root domain, such as NS . queries, using the Disallowed domains feature on the DNS settings page (#6049). Users who want to block . queries should use the |.^ AdBlock rule or a similar regular expression.
  • Client hostnames not resolving when upstream server responds with zero-TTL records (#6046).
6
 
 

Changed Improved reliability filtering-rule list updates on Unix systems.

Fixed Occasional client information lookup failures that could lead to the DNS server getting stuck (#6006).

bufio.Scanner: token too long and other errors when trying to add filtering-rule lists with lines over 1024 bytes long or containing cosmetic rules (#6003).

Removed Default exposure of the non-standard ports 784 and 8853 for DNS-over-QUIC in the Dockerfile.

7
 
 

This release improves the security of AdGuard Home and fixes a few larger issues.

Safe Browsing and CPU spikes Back in June we released a security update to AdGuard Home with a few bugfixes. Ironically, it brought about another bug. Safe Browsing and Parental Control weren't working properly since then, which in some cases led to lowered performance, random crashes, and huge CPU spikes.

It took us an entire month to get to the bottom of this, and it certainly would have taken even longer if not for the awesome community members: @bigwookie, @TheCableGuy99, and others. It turned out that “The Big Bug” was, in fact, three smaller bugs in a trenchcoat. And they were all mercilessly dealt with in this update.

Docker HEALTHCHECK Docker users should note that the Docker HEALTHCHECK mechanism has been removed, since it was causing a lot of issues, especially when used with Podman and other popular Docker tools.

Full changelog

8
 
 

Bugs need to be fixed, and that's just what we did in this release 🔧. Besides that, we've been working on internal improvements that will make it easier to add new features in future releases.

Added The new command-line flag --web-addr is the address to serve the web UI on, in the host:port format.

The ability to set inactivity periods for filtering blocked services, both globally and per client, in the configuration file (#951). The UI changes are coming in the upcoming releases.

The ability to edit rewrite rules via PUT /control/rewrite/update HTTP API and the Web UI (#1577).

See full changelog

9
 
 

A hotfix release to fix a major issue in the previous release.

Full changelog

  • DNSCrypt upstream not resetting the client and resolver information on dialing errors