Just a quick note to say we have pushed out a small bugfix release for the web component to address a couple of security issues reported to us. As ever, read the release notes before updating. GHSA-g3w6-q4fg-p8x8 – “Stored XSS Vulnerability in the Pi-hole Webinterface” reported by both Dariusz Gońda and @awareseven GHSA-5cm9-6p3m-v259 – “(Authenticated)…
Read more
As always, please read through the changelog before updating to the beta versions. Read first: Please do not run this if you are not comfortable with digging into any issues that may arise. That said, we would like to have some support in making sure we have every imaginable configuration covered before release. Pi-hole can…
Read more
We have just pushed a hotfix release for FTL which should hopefully resolve some database issues that we have been seeing reported. If you have been affected by issues with the database (not everyone has), the general advice is to mv the database (/etc/pihole/pihole-FTL.db) to a .bak if you’d like, else just rm it, and…
Read more
As always, please read through the changelog before updating with pihole -up. Highlights More details for your adlists The web dashboard does now provide health-status and statistics about downloaded and processed adlists. You can see when they were last downloaded, when they were last changed and it they work at all or contain invalid domains.…
Read more
Pi-hole embeds the DNS server dnsmasq, which is currently in release-candidate state for version 2.85. Please join us in the final testing of this version of dnsmasq, to help us ensure there are no major bugs before the final release. You may be receiving a few updates on this branch. To get the release candidate…
Read more
Today, we release Pi-hole FTL v5.7 and Web v5.4. This release improves the security and reliability of your Pi-hole. The most important enhancements are summarized below: Fix security flaws on the web interface Thanks to Veno Eivazian who pointed us to three security flaws in the web interface. They could have been used to run…
Read more
Another release so soon after v5.5(.1) was released? Yes! FTL v5.5(.1) brought you the bleeding-edge dnsmasq v2.83 and our attentive users have quickly reported an issue with queries for the same domain coming from different network sockets. The updated dnsmasq has a new feature to group queries that need to be forwarded so only one…
Read more
In September 2020, the JSOF Research Lab discovered seven security vulnerabilities in dnsmasq. They named the set of vulnerabilities dnspooq. We’ve been in contact with them and, over the last couple of weeks, we’ve partnered and worked closely with Cisco, Red Hat and, Simon Kelley (the maintainer of dnsmasq) [the order of mentioning does not…
Read more
A new year, a new release! Before running pihole -up to update, make sure you’ve read over the release notes below to ensure there’s nothing that would stop you from upgrading. Pi-hole docker containers will be updated in due course… (before anyone asks “Where’s the Docker update??”) Update: Docker containers now tagged at :v5.4 Core:…
Read more
It’s beginning to look a lot like Christmas…. No shiny new features for you this time, but fixes for bugs identified since the last version, and a few tweaks here and there. Full details below. As ever, before running pihole -up to update, make sure you’ve read over the release notes to ensure there’s nothing…
Read more