Pi-hole FTL v6.6.1 and Core v6.4.2 Released!

As always, please read through the changelogs before updating with pihole -up

Don’t forget, you can use Teleporter to export your configuration. It can be found under the settings menu of the web interface or on the command line with pihole-FTL --teleporter

Docker has been tagged as 2026.04.1

Highlights

This release is mostly about addressing two security advisories – one in FTL and one in Core. We’d like to thank the researchers who responsibly disclosed these issues.

Full details for both advisories can be found at the following links:

• pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4 reported by @mjkim610
• pi-hole/FTL/security/advisories/GHSA-9cqv-839p-gpq2 reported by @anuraagbaishya

Details of all other fixes can be found below!

FTL v6.6.1

What’s Changed

• Add new GET /api/config/_properties endpoint by @DL6ER in #2356
• Fix thread-safety issues causing SIGSEGV under concurrent API load by @DL6ER in #2835
• fix: fix rare race condition for SHM strings in API handlers by @DL6ER in #2833
• Accept punycode domains that libidn2 rejects under IDNA2008 by @DL6ER in #2838
• Improve shutdown diagnostics to identify SIGTERM source by @DL6ER in #2839
• Resolve empty backtraces when addr2line is not installed by @DL6ER in #2831
• Improve thread-safety for concurrent API requests by @DL6ER in #2847
• Don’t skip device lookup when resolver.macNames is disabled by @DL6ER in #2846
• Fix linker error when compiling w/o optimization by @aeolio in #2850
• Clarify dns.blockESNI wording by @darkexplosiveqwx in #2784
• Preserve log file path config when fopen fails by @DL6ER in #2834

Security advisories

• pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4
  • Fixed with :
• pi-hole/FTL/security/advisories/GHSA-9cqv-839p-gpq2
  • Fixed with :

New Contributors

• @darkexplosiveqwx made their first contribution in #2784

Full Changelog: v6.6…v6.6.1

Core v6.4.2

What’s Changed

• Fix ownership permissions for containing directories in fix_owner_per… by @PromoFaux in #6589
• Remove reference to /usr/local/bin/COL_TABLE by @darkexplosiveqwx in #6594
• Skip apt cache update when pihole-meta is current by @PromoFaux in #6581
• Set versions in /etc/pihole/versions to null if script fails by @yubiuser in #6550
• Wipe version file before creating a new one by @yubiuser in #6538
• Remove redundant touching of logfiles from systemd Service by @yubiuser in #6601
• Loosen requirements for local file access for gravity by @yubiuser in #6430
• Fix permission for *.etag files after gravity run by @yubiuser in #6353
• add logrotate to DEB and RPM dependencies by @darkexplosiveqwx in #6524
• Improve gravity error message including curl exit code and errormsg by @rdwebdesign in #6605

Security advisories

• pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4
  • Fixed with :

Full Changelog: v6.4.1…v6.4.2