diff --git a/adguard-home/docker-compose.yml b/adguard-home/docker-compose.yml index eefd75ee..289668d8 100644 --- a/adguard-home/docker-compose.yml +++ b/adguard-home/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: server: - image: adguard/adguardhome:v0.107.72@sha256:4956b35b590286e5872fb4336d84a7862a2030c6efb4ca16442580c37d7ba32d + image: adguard/adguardhome:v0.107.73@sha256:7fbf01d73ecb7a32d2d9e6cef8bf88e64bd787889ca80a1e8bce30cd4c084442 # override the default command to set the web address to port 8095 to avoid conflict with Thunderhub # command from Dockerfile: https://github.com/AdguardTeam/AdGuardHome/blob/master/docker/Dockerfile command: ["--no-check-update", "-c", "/opt/adguardhome/conf/AdGuardHome.yaml", "-w", "/opt/adguardhome/work", "--web-addr", "0.0.0.0:8095"] diff --git a/adguard-home/umbrel-app.yml b/adguard-home/umbrel-app.yml index 297f64a8..ee2d1a57 100644 --- a/adguard-home/umbrel-app.yml +++ b/adguard-home/umbrel-app.yml @@ -2,7 +2,7 @@ manifestVersion: 1 id: adguard-home category: networking name: AdGuard Home -version: "0.107.72" +version: "0.107.73" tagline: Network-wide software for blocking ads and tracking description: >- ⚠️ See below for important set-up instructions. @@ -19,25 +19,11 @@ description: >- This ensures that the app will not conflict with other apps from the Umbrel App Store, and that the app will be accessible when clicking on the app icon in the umbrelOS homescreen. releaseNotes: >- - This release includes security updates, new features, improvements, and bug fixes. + 🚨 Critical Security Update: This hotfix addresses a critical vulnerability that could allow users to bypass authentication and gain full access to AdGuard Home without valid credentials. Updating immediately is strongly recommended. - ⚠️ Security Update: - - The underlying Go version has been updated to address potential vulnerabilities - - - New Features: - - TLS certificate and key files are now automatically tracked and reloaded when updated - - New query parameter for defining statistics lookback period - - - Improvements: - - Deleting or renaming hosts files now updates runtime clients and DNS filtering results - - - Bug Fixes: - - Fixed executable permissions in some Docker installations - - Unknown blocked services are now logged instead of causing server crashes + Security Fix: + - Authentication is now enforced for requests upgraded from HTTP/2 Cleartext (H2C) to public resources Full release notes can be found at https://github.com/AdguardTeam/AdGuardHome/releases