Blog

Thank You for Being Part of the V6 Beta!

We want to take a moment to express our heartfelt gratitude to each of you for participating in our beta program. Your feedback, support, and enthusiasm have been invaluable as we continue to enhance and improve the Pi-hole experience. ✨ The Party Continues! The journey doesn’t stop here! The next phase is now available on…
Read more

Preparing for the v6 release

A little over 10 months ago, we announced the beginning of a beta testing round for Pi-hole v6. We’re excited to share that after countless hours of testing, feedback, and fine-tuning, we believe it’s now (very nearly) ready for release! The response from our community has been incredible, with over 250 discussion threads on our…
Read more

Pi-hole Core v5.18 released to fix an Authenticated Arbitrary File Read with root privileges vulnerability

A vulnerability was recently discovered in Pi-hole’s gravity script that would allow for any system file to be arbitrarily read and presented to an authenticated user on the web interface. This release mitigates the vulnerability by limiting gravity’s ability to read local file’s to only those that are explicitly readable by anyone on the system.…
Read more

DNSSEC fix generally released.

Please run `pihole -up` to update Pi-hole with the fixes noted in the previous post. Thanks!

A lock

Fixing two new DNSSEC vulnerabilities

  Today, we have been informed about two DNSSEC vulnerabilities in dnsmasq, which Pi-hole FTL is forked from. Both vulnerabilities, via specially crafted DNSSEC answers, can lead DNSSEC validators down a very CPU intensive and time costly validation/NSEC3 hash calculation path. This results in degraded performance and denial of service in trivially orchestrated attacks. In…
Read more

Pi-hole FTL v5.24, and Core v5.17.3 released

As always, please read through the changelog before updating with pihole -up. (A new tag for docker image will arrive in due course.) While the majority of our development effort is currently focused on the running v6.0 beta, we are absolutely dedicated to supporting and enhancing v5. We understand that many users continue to depend…
Read more

Pi-hole V6 Beta Testing

It’s no secret that we’ve been working on the next iteration of Pi-hole for quite some time now (Nearly four years!). You may have seen mentions of v6.0 floating around on our Github, Discourse, or Reddit channels. Today we’re looking to ask some of the more brave users to help us test and troubleshoot it

PSA: Renaming the web repo

What’s happening? We will be renaming the current web repo from AdminLTE to web Why is this happening? The web repo started off life a long time ago as a fork of popular admin dashboard template AdminLTE (building on their demo template). What we probably should have done in retrospect was start from scratch and embed…
Read more

Pi-hole FTL v5.23, Web v5.20 and Core v5.17 released

As always, please read through the changelog before updating with pihole -up. (A new tag for docker image will arrive in due course.) Highlights The list parsing functionality of Gravity is now handled by FTL which makes it much faster and less memory/storage intensive. (#1559 & #5275) RISC V support (#5196) Add local network scanning…
Read more

Pi-hole FTL v5.22, Web v5.19 and Core v5.16.1 released

As always, please read through the changelog before updating with pihole -up. (A new tag for docker image will arrive in due course.) Highlights A long time ago (in this galaxy…) we dropped gravity’s support for parsing Adblock Plus (ABP) style lists (v4.3.2 release notes). The parsing implementation we had in place at the time…
Read more