Community discussions

 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 453
Joined: Thu Dec 11, 2014 8:53 am

v6.44.5 [long-term] is released!

Tue Jul 09, 2019 12:09 pm

RouterOS version 6.44.5 has been released in public "long-term" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.44.5 (2019-Jul-04 10:32):

MAJOR CHANGES IN v6.44.5:
----------------------
!) security - fixed vulnerabilities CVE-2018-1157, CVE-2018-1158;
!) security - fixed vulnerabilities CVE-2019-11477, CVE-2019-11478, CVE-2019-11479;
!) security - fixed vulnerability CVE-2019-13074;
----------------------

Changes in this release:

*) bridge - correctly handle bridge host table;
*) capsman - fixed CAP system upgrading process for MMIPS;
*) capsman - fixed interface-list usage in access list;
*) certificate - removed "set-ca-passphrase" parameter;
*) cloud - properly stop "time-zone-autodetect" after disable;
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
*) defconf - automatically set "installation" parameter for outdoor devices;
*) dhcpv6-client - fixed status update when leaving "bound" state;
*) dhcpv6-server - fixed dynamic IPv6 binding without proper reference to the server;
*) dhcpv6-server - override prefix pool and/or DNS server settings by values received from RADIUS;
*) discovery - fixed CDP packets not including address on slave ports (introduced in v6.44);
*) e-mail - properly release e-mail sending session if the server's domain name can not be resolved;
*) firewall - fixed fragmented packet processing when only RAW firewall is configured;
*) firewall - process packets by firewall when accepted by RAW with disabled connection tracking;
*) gps - strip unnecessary trailing characters from "longtitude" and "latitude" values;
*) hotspot - moved "title" HTML tag after "meta" tags;
*) ipv6 - improved system stability when receiving bogus packets;
*) ovpn - added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);
*) rb3011 - improved system stability when receiving bogus packets;
*) rb921 - improved system stability ("/system routerboard upgrade" required);
*) snmp - improved reliability on SNMP service packet validation;
*) ssh - fixed non-interactive multiple command execution;
*) supout - added IPv6 ND section to supout file;
*) supout - added "pwr-line" section to supout file;
*) supout - changed IPv6 pool section to output detailed print;
*) winbox - do not allow setting "dns-lookup-interval" to "0";
*) wireless - improved DFS radar detection when using non-ETSI regulated country;
*) wireless - improved installation mode selection for wireless outdoor equipment;
*) wireless - updated "china" regulatory domain information;
*) www - improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);

For a full changelog please visit https://mikrotik.com/download/changelogs

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this specific RouterOS release.
 
User avatar
deem
just joined
Posts: 20
Joined: Mon Sep 16, 2013 6:14 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 1:23 pm

There is critical issue for me, firewall input chain with drop action on invalid connection state now drops incoming EoIP packets with no reason.
Last edited by deem on Tue Jul 09, 2019 1:56 pm, edited 1 time in total.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8280
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 1:35 pm

Isn't EoIP using GRE?
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
So make sure you're allowing GRE before dropping invalid connections.
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 1:39 pm

after upgrading from 6.43.16 to 6.44.5 ipsec dropped
/ ip ipsec identity
add peer = peer1 became one for all connections
 
User avatar
deem
just joined
Posts: 20
Joined: Mon Sep 16, 2013 6:14 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 1:46 pm

Isn't EoIP using GRE?
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
So make sure you're allowing GRE before dropping invalid connections.
You are right, the problem is in GRE state matching, but why EoIP tunnels is in invalid connection state now?
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 1:58 pm

upgrading from 6.43.16 to 6.44.5
lost users /ip ipsec user
Where to looking for ?
 
User avatar
karlisi
Member Candidate
Member Candidate
Posts: 240
Joined: Mon May 31, 2004 8:09 am
Location: Latvia

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 2:13 pm

Mikrotik, please, write changelogs properly! Since separating stable and long-term channels they ar incomplete, at least for long-term. Every changelog must contain all changes and fixes from previous same channel release, not from previous release by number. It will eliminate such problems, as in one of previous comments about lost /ipsec users. Yes, this change (ipsec - removed "users" menu, XAuth user configuration is now handled by "identity" menu) is mentioned in changelog, in version 6.44 stable changelog. But nothing about it in 6.44.5 long-term changelog! Yes, I am angry, months are gone and nothing changes.
---
Karlis
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6615
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 3:47 pm

karlisi, it is hard to judge about proper and improper ways for changelogs syntax. However, we will try to improve it for the next versions, thank you for the report.
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 3:54 pm

karlisi, it is hard to judge about proper and improper ways for changelogs syntax. However, we will try to improve it for the next versions, thank you for the report.
It is enough to lay out the full list of changes v6.44.5 relative to 6.43.16 long-term
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 545
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 4:52 pm

The [netinstall-6.44.5.zip] seems corrupted, please confirm ..thanks
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 5:07 pm

The [netinstall-6.44.5.zip] seems corrupted, please confirm ..thanks
Try using Mozilla Firefox to download a netinstall 6.44.5
https://download.mikrotik.com/routeros/6.44.5/netinstall-6.44.5.zip
 
User avatar
osc86
newbie
Posts: 44
Joined: Wed Aug 09, 2017 1:15 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 8:20 pm

File from 159.148.147.204 is corrupted.
https://159.148.172.226/routeros/6.44.5 ... 6.44.5.zip seems ok.
CCR1009-7G-1C-1S+ ROS6.45.1
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 9:30 pm

File from 159.148.147.204 is corrupted.
https://159.148.172.226/routeros/6.44.5 ... 6.44.5.zip seems ok.
confirm
Net_6445.JPG
You do not have the required permissions to view the files attached to this post.
Last edited by DenisPDA on Tue Jul 09, 2019 9:57 pm, edited 1 time in total.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8280
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 9:41 pm

File from 159.148.147.204 is corrupted.
https://159.148.172.226/routeros/6.44.5 ... 6.44.5.zip seems ok.
confirm
Image
Your image is corrupted :)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
attl
just joined
Posts: 1
Joined: Tue Jul 09, 2019 9:45 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 9:51 pm

 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 10:00 pm

Your image is corrupted :)
corrected ;)
 
mkx
Forum Guru
Forum Guru
Posts: 2468
Joined: Thu Mar 03, 2016 10:23 pm

Re: v6.44.5 [long-term] is released!

Tue Jul 09, 2019 11:31 pm

Your image is corrupted :)
corrected ;)
Now it's encrypted in cyrillic :wink:
BR,
Metod
 
HzMeister
Frequent Visitor
Frequent Visitor
Posts: 67
Joined: Sun Jan 28, 2018 9:48 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 12:59 am

Upgraded from 6.44.3 on rb750gr3 without issue. Everything works great.
 
105547111
Member Candidate
Member Candidate
Posts: 131
Joined: Fri Jun 22, 2012 9:46 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 1:10 am

More download issues to add to above : Dude and x86 server packages are also 0 bytes.

No issues 6.43.16 LT to 6.44.5 LT on: CCR1016, CRS125, CHR, wAP60G, RB951G, SXT5AC
 
User avatar
StevenGT
just joined
Posts: 1
Joined: Thu May 11, 2017 2:42 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 8:19 am

It is enough to lay out the full list of changes v6.44.5 relative to 6.43.16 long-term
Exactly!
 
User avatar
skylark
MikroTik Support
MikroTik Support
Posts: 93
Joined: Wed Feb 10, 2016 3:55 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 9:02 am

Isn't EoIP using GRE?
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
So make sure you're allowing GRE before dropping invalid connections.
You are right, the problem is in GRE state matching, but why EoIP tunnels is in invalid connection state now?
EoIP is based on GRE RFC 1701

More download issues to add to above : Dude and x86 server packages are also 0 bytes.
How did you download these packages: manually, fetch or another method? Can you reproduce it or it happened once?
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 23998
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 9:45 am

How do you guys propose we make such a changelog? This is the long term branch, where releases are very rare, and the jumps are very big.
Imagine there could be 15 fixes, new bugs, fixes again, then the feature could be already removed, then a new one added, removed again, and then a new feature made and fixed.

Listing fixes for non existing feature would be useless.
No answer to your question? How to write posts
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 10:18 am

How do you guys propose we make such a changelog? This is the long term branch, where releases are very rare, and the jumps are very big.
Imagine there could be 15 fixes, new bugs, fixes again, then the feature could be already removed, then a new one added, removed again, and then a new feature made and fixed.

Listing fixes for non existing feature would be useless.
People fly into space.
And You can't make the rules list of changes
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 23998
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 11:02 am

I don't fly into space, though :)
No answer to your question? How to write posts
 
DenisPDA
just joined
Posts: 21
Joined: Tue Sep 04, 2018 5:42 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 11:04 am

I don't fly into space, though :)
You are not posting the full list of changes.
:(
 
TimurA
Member Candidate
Member Candidate
Posts: 112
Joined: Sat Dec 15, 2018 6:13 am
Location: Tashkent
Contact:

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 11:13 am

I don't fly into space, though :)
You are not posting the full list of changes.
:(
there is a feeling that the gentlemen are changing wheels on the go. In the future, this method may tear off your hands.
Sorry for not exact expression in English. and Sorry for my French. :mrgreen:
Image
 
User avatar
karlisi
Member Candidate
Member Candidate
Posts: 240
Joined: Mon May 31, 2004 8:09 am
Location: Latvia

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 11:29 am

How do you guys propose we make such a changelog? This is the long term branch, where releases are very rare, and the jumps are very big.
Imagine there could be 15 fixes, new bugs, fixes again, then the feature could be already removed, then a new one added, removed again, and then a new feature made and fixed.

Listing fixes for non existing feature would be useless.
Are you serious? OK, I'll explain. List only changes from last long-term release. List fixes to features which exist in latest long-term release. Skip fetaures and fixes added and then removed in between. And, yes, it takes some time. You know, there's a big secret - on every long-term release we, your customers, are reading all changelogs in all branches, consolidate them, in fact, we are doing your job.
---
Karlis
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 23998
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 11:32 am

Kārli, your points make me think you did not read my post at all. You just said you want ALL changes, now you say you don't want all changes. Long term releases don't come after each other, they are "elected" to be long term, from the "Stable" branch.
No answer to your question? How to write posts
 
User avatar
Lifz
newbie
Posts: 32
Joined: Tue Feb 26, 2013 1:05 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 11:46 am

What's the point if you do not read it anyway?
 
User avatar
Splash
Member Candidate
Member Candidate
Posts: 145
Joined: Fri Oct 16, 2015 10:09 am
Location: Johannesburg, South Africa

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 1:18 pm

Isn't EoIP using GRE?
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
So make sure you're allowing GRE before dropping invalid connections.
You are right, the problem is in GRE state matching, but why EoIP tunnels is in invalid connection state now?
EoIP is based on GRE RFC 1701
Yup, we have had the same problem spread across our network affecting EoIP PPTP tunnels. As above we have disabled the drop input invalid rule as a work around.
MTCNA, MTCRE, MTCINE, MTCTCE, MTCIPv6E, MTCUME
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1137
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 1:28 pm

Most important, you should say from what change it is from.
I would say, only list changes from 6.44.4 to 6.44.5
If you like to see other change, you look for change log for 6.44.4 or 6.44.3 etc

This is how Cisco does it.

Cisco also has a tool that can compere version and see what function are different form x and y release of the software.
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
User avatar
eworm
Member
Member
Posts: 334
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 2:06 pm

Let's cool down on the changelog topic.
IMHO this is just another matter of communication. Just add a note to the changelog: A new stable release moved to long-term. For full changelog see changes up to version 6.44.3.
At least this is a first step and clarifies what changes can be expected in changelog.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
 
aidan
newbie
Posts: 28
Joined: Thu Jun 25, 2015 12:48 am

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 3:05 pm

Let's cool down on the changelog topic.
IMHO this is just another matter of communication. Just add a note to the changelog: A new stable release moved to long-term. For full changelog see changes up to version 6.44.3.
At least this is a first step and clarifies what changes can be expected in changelog.

I agree. It is not difficult for users to review the change log for stable 6.44-6.44.4 and long-term 6.44.5.

https://mikrotik.com/download/changelog ... lease-tree
https://mikrotik.com/download/changelog ... lease-tree
 
User avatar
karlisi
Member Candidate
Member Candidate
Posts: 240
Joined: Mon May 31, 2004 8:09 am
Location: Latvia

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 3:22 pm

Every changelog must contain all changes and fixes from previous same channel release, not from previous release by number.
It's about this sentence? For long-term channel there are no other intermediate releases, only long-term. Similarly as for stable channel there is no beta releases. Changelogs should be written accordingly. IMHO.
But I see other users don't care about it, so topic closed.
---
Karlis
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8280
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 4:11 pm

Imagine there could be 15 fixes, new bugs, fixes again, then the feature could be already removed, then a new one added, removed again, and then a new feature made and fixed.

Listing fixes for non existing feature would be useless.
Well, that info can be useful also: you know what parts of OS were officially touched, so you can pay more attention into testing them :) Just my 2c.
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
petern
just joined
Posts: 20
Joined: Wed Dec 13, 2017 5:58 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 6:07 pm

I noticed that after upgrade from 6.43.16 to 6.44.5, allow-none-crypto=yes was set in /ip ssh. This seems to be a new setting and is documented as defaulting to no.
 
User avatar
eworm
Member
Member
Posts: 334
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 6:11 pm

I noticed that after upgrade from 6.43.16 to 6.44.5, allow-none-crypto=yes was set in /ip ssh. This seems to be a new setting and is documented as defaulting to no.
You have set strong-crypto=yes? I think it depends on that setting.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
 
kriszos
just joined
Posts: 8
Joined: Thu Dec 21, 2017 3:08 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 6:31 pm

Can I migrate my router from 6.44 Stable to Long term without worrying about configuration?
 
User avatar
eworm
Member
Member
Posts: 334
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 6:44 pm

Can I migrate my router from 6.44 Stable to Long term without worrying about configuration?
Yes, it's just a small bugfix release then.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
 
petern
just joined
Posts: 20
Joined: Wed Dec 13, 2017 5:58 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 6:57 pm

I noticed that after upgrade from 6.43.16 to 6.44.5, allow-none-crypto=yes was set in /ip ssh. This seems to be a new setting and is documented as defaulting to no.
You have set strong-crypto=yes? I think it depends on that setting.
Yes strong-crypto=yes was already set.
 
anuser
Member
Member
Posts: 351
Joined: Sat Nov 29, 2014 7:27 pm

Re: v6.44.5 [long-term] is released!

Wed Jul 10, 2019 10:46 pm

An user send my a report about his wifi connection problems connecting to a cAP ac with 5 GHz and channel 120 configured:

- client: Apple MacBook Pro 11,3 (Retina, 15-inch, Late 2013).
- macOS X 10.13.6
- CAPSMAN based forwarding
- cAP ac v6.44.5 + channel 120

The Macbook sees the channel, but hangs while connecting to it:
'campus' <651231212 6f2321d>, bssid=b8:69:f4:01:a1:5a, channel=[120, width=20], cc=(null),
type=11ac, rssi=-60, rsn=[mcast=aes_ccm, ucast={ aes_ccm }, auths={ 8021x }, caps=0x0],
wpa=(null), wep=no, ibss=no, ph=no, swap=no, hs20=no, airport=no,

The Macbook does connect to any other tested cAP ac running with the same CAPsMAN configuration except the channel. So all other tested channels works, except channel 120.
Other clients can happily connect to the same cAP ac at the same time.

Any ideas?
 
roe1974
newbie
Posts: 43
Joined: Mon Dec 31, 2018 2:14 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 11, 2019 11:26 am

Can I migrate my router from 6.44 Stable to Long term without worrying about configuration?
Yes, it's just a small bugfix release then.
So i also can go from 6.44.3 (stable) to 6.44.5 (LT) without any major changes/problems ?

Richard
 
petern
just joined
Posts: 20
Joined: Wed Dec 13, 2017 5:58 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 11, 2019 12:32 pm

So i also can go from 6.44.3 (stable) to 6.44.5 (LT) without any major changes/problems ?
You can review the changes for 6.44.4 and 6.44.5 to determine if any of them will affect you?
 
User avatar
deem
just joined
Posts: 20
Joined: Mon Sep 16, 2013 6:14 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 11, 2019 2:58 pm

Isn't EoIP using GRE?
*) conntrack - fixed GRE protocol packet connection-state matching (CVE-2014-8160);
So make sure you're allowing GRE before dropping invalid connections.
You are right, the problem is in GRE state matching, but why EoIP tunnels is in invalid connection state now?
EoIP is based on GRE RFC 1701
Yes, i know, but RouterOS knows my EoIP settings and for him these appropriate GRE packets MUST NOT be in invalid state. Please fix that.
 
User avatar
Anumrak
Forum Veteran
Forum Veteran
Posts: 970
Joined: Fri Jul 28, 2017 2:53 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 11, 2019 4:09 pm

Installed with a first attempt on hAP lite without any problem unlike 6.45.1.
 
roe1974
newbie
Posts: 43
Joined: Mon Dec 31, 2018 2:14 pm

Re: v6.44.5 [long-term] is released!

Thu Jul 11, 2019 6:56 pm

perhaps this could affect me:

*) ovpn - added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);

i use certicates created on RB4011
i have an ovpn connection from a ltAP to the RB4011
so if i upgrade the ltAP ... this parameter is default on or off ?
richard
 
Darryl
just joined
Posts: 15
Joined: Fri May 13, 2016 3:44 pm

Re: v6.44.5 [long-term] is released!

Fri Jul 12, 2019 4:20 pm

Hello !

I left a bunch of RB's on 6.40.9 but the latest CVE's no longer make that suitable for internet traffic. Is there any concerns making the jump to 6.44.5 ? Other then changes to bridge and password storage method. My hope is to just press the Download&Install button remotely so I don't have to do it in person from device lock-ups and bricking.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1699
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.44.5 [long-term] is released!

Fri Jul 12, 2019 5:12 pm

Was it "Upgrading on the edge" by Aerosmith? :-)

Jump from 6.40 directly to 6.45 .... you are brave man. Have you read changelogs in the 6.41?
Real admins use real keyboards.
 
Darryl
just joined
Posts: 15
Joined: Fri May 13, 2016 3:44 pm

Re: v6.44.5 [long-term] is released!

Fri Jul 12, 2019 6:05 pm

I've read it. I see what I use shouldn't be affected. But its quite a jump, considering the changes to switch and bridge. Just wondering if anyone else made such a jump. In the past I've gone from 4.x to 6.x and that wasn't an issue. But so much has changed. I don't need any new features, but I can't have the devices vulnerable to hacking.

Was it "Upgrading on the edge" by Aerosmith? :-)

Jump from 6.40 directly to 6.45 .... you are brave man. Have you read changelogs in the 6.41?
 
sanitycheck
newbie
Posts: 47
Joined: Wed Nov 16, 2011 6:03 am
Location: USA

Re: v6.44.5 [long-term] is released!

Sat Jul 13, 2019 8:39 am

I connect to manage routers with ssh using an rsa ssh key. SSH stong-crypto is set to yes. I upgraded a remote test router from 6.43.16 long-term to 6.44.5 long-term.

It allows me to make a connection using Putty as usual, the connection terminal window displays correctly. But when I try to manage the router through ssh port tunnel (redirect) to winbox or telnet it disconnects the ssh session with this error:

Strange packet received: type 82

The firmware was not upgraded to 6.44.5 because I could never reconnect to do it (user with ssh permissions is limited to just ssh, so management has to be through a redirected winbox or telnet unless there is a way to change users inside the ssh console window).

My Winbox is 3.19. If there is a change in the changelog that explains this problem I don't see it.

Who is online

Users browsing this forum: No registered users and 8 guests