Unraid OS version 6.8.1 available


limetech

Recommended Posts

This is a bug fix and security update release.  Due to a security vulnerability discovered in forms-based authentication:

 

ALL USERS ARE STRONGLY ENCOURAGED TO UPGRADE

 

To upgrade:

  • If you are running any 6.4 or later release, click 'Check for Updates' on the Tools/Update OS page.
  • If you are running a pre-6.4 release, click 'Check for Updates' on the Plugins page.
  • If the above doesn't work, navigate to Plugins/Install Plugin, select/copy/paste this plugin URL and click Install:
    https://s3.amazonaws.com/dnld.lime-technology.com/stable/unRAIDServer.plg

     

Refer also to @ljm42 excellent 6.4 Update Notes which are helpful especially if you are upgrading from a pre-6.4 release.

 

Bugs: If you discover a bug or other issue in this release, please open a Stable Releases Bug Report.

 

Version 6.8.1 2020-01-10 Changes vs. 6.8.0

Base distro:

  • libuv: version 1.34.0
  • libvirt: version 5.10.0
  • mozilla-firefox: version 72.0.1 (CVE-2019-17026, CVE-2019-17015, CVE-2019-17016, CVE-2019-17017, CVE-2019-17018, CVE-2019-17019, CVE-2019-17020, CVE-2019-17021, CVE-2019-17022, CVE-2019-17023, CVE-2019-17024, CVE-2019-17025)
  • php: version 7.3.13 (CVE-2019-11044 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11049 CVE-2019-11050)
  • qemu: version 4.2.0
  • samba: version 4.11.4
  • ttyd: version 20200102
  • wireguard-tools: version 1.0.20200102

Linux kernel:

  • version 4.19.94
  • kernel_firmware: version 20191218_c4586ff (with additional Intel BT firmware)
  • CONFIG_THUNDERBOLT: Thunderbolt support
  • CONFIG_INTEL_WMI_THUNDERBOLT: Intel WMI thunderbolt force power driver
  • CONFIG_THUNDERBOLT_NET: Networking over Thunderbolt cable
  • oot: Highpoint rr3740a: version v1.19.0_19_04_04
  • oot: Highpoint r750: version v1.2.11-18_06_26 [restored]
  • oot: wireguard: version 0.0.20200105

Management:

  • add cache-busting params for noVNC url assets
  • emhttpd: fix cryptsetup passphrase input
  • network: disable IPv6 for an interface when its settings is "IPv4 only".
  • webgui: Management page: fixed typos in help text
  • webgui: VM settings: fixed Apply button sometimes not working
  • webgui: Dashboard: display CPU load full width when no HT
  • webgui: Docker: show 'up-to-date' when status is unknown
  • webgui: Fixed: handle race condition when updating share access rights in Edit User
  • webgui: Docker: allow to set container port for custom bridge networks
  • webgui: Better support for custom themes (not perfect yet)
  • webgui: Dashboard: adjusted table positioning
  • webgui: Add user name and user description verification
  • webgui: Edit User: fix share access assignments
  • webgui: Management page: remove UPnP conditional setting
  • webgui: Escape shell arg when logging csrf mismatch
  • webgui: Terminal button: give unsupported warning when Edge/MSIE is used
  • webgui: Patched vulnerability in auth_request
  • webgui: Docker: added new setting "Host access to custom networks"
  • webgui: Patched vulnerability in template.php

 

  • Like 6
  • Thanks 13
Link to comment

Upgrade from 6.8 to 6.8.1 went without issue.

 

If you don't mind, 1 suggestion, and one behavior comment:

 

Suggestion:  Can the login page have the cursor start in the username field upon load?  right now it takes a click to get there, which can be saved given username entry is the first action on the page.

 

Comment:  In the versions prior to 6.8, one could jump directly to a URL (e.g. http://tower/Docker).  i.e. entering username/pass would take you to that page.   With the new login form, if the user is *already* authenticated, the browser will take you directly to that URL (given that you're already signed in).  However, if you are not logged in, going to (again e.g. above url) will pop the login form as expected, but upon successful authentication you are always taken to "Main".

Link to comment
6 minutes ago, Edrikk said:

Comment:  In the versions prior to 6.8, one could jump directly to a URL (e.g. http://tower/Docker).  i.e. entering username/pass would take you to that page.   With the new login form, if the user is *already* authenticated, the browser will take you directly to that URL (given that you're already signed in).  However, if you are not logged in, going to (again e.g. above url) will pop the login form as expected, but upon successful authentication you are always taken to "Main".

May not be exactly what you want, but you can change the "start page" the system takes you to via Settings - Management Access (You can select any tab for the default, including any custom ones you may have)

Link to comment
9 hours ago, Edrikk said:

Suggestion:  Can the login page have the cursor start in the username field upon load?  right now it takes a click to get there, which can be saved given username entry is the first action on the page.

In the meantime, you can press the Tab key once to put the focus on the username field

Link to comment

I have updated from 6.8.0 to 6.8.1 after update fail2ban cant start.

root@Tower:/custom/fail2ban-0.11.1# /etc/rc.d/rc.fail2ban start
Starting fail2ban:
ERROR:root:code for hash md5 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type md5
ERROR:root:code for hash sha1 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha1
ERROR:root:code for hash sha224 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha224
ERROR:root:code for hash sha256 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha256
ERROR:root:code for hash sha384 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha384
ERROR:root:code for hash sha512 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha512
ERROR:root:code for hash md5 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type md5
ERROR:root:code for hash sha1 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha1
ERROR:root:code for hash sha224 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha224
ERROR:root:code for hash sha256 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha256
ERROR:root:code for hash sha384 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha384
ERROR:root:code for hash sha512 was not found.
Traceback (most recent call last):
  File "/usr/lib64/python2.7/hashlib.py", line 139, in <module>
    globals()[__func_name] = __get_hash(__func_name)
  File "/usr/lib64/python2.7/hashlib.py", line 91, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type sha512
2020-01-12 17:11:54,549 fail2ban                [15981]: ERROR   'module' object                                                        has no attribute 'sha1'
ERROR:fail2ban:'module' object has no attribute 'sha1'
2020-01-12 17:12:24,895 fail2ban                [15980]: ERROR   Could not start                                                        server. Maybe an old socket file is still present. Try to remove /var/run/fail2                                                       ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -                                                       x option will do it
ERROR:fail2ban:Could not start server. Maybe an old socket file is still present                                                       . Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to                                                        start the server, adding the -x option will do it

 

Link to comment
  • jonp unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.