MikroTik hat ein neues wichtiges Update zur Verfügung gestellt das einige Sicherheitsrelevante CVE-Einträge im WLAN-Bereich löst.
Es wird empfohlen das Update einzuspielen. Kunden mit Wartungsvertrag wird dies in den nächsten Tagen erfolgen.
Alle Änderungen im Überblick:
- branding – added option to upload custom files (newly generated branding package required)
- console – do not clear environment values if any global variable is set
- crs3xx – fixed Ethernet LEDs after reboot for CRS354 devices
- crs3xx – fixed VLAN priority removal for CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices
- crs3xx – fixed port-isolation on bonding interfaces for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices
- crs3xx – improved LACP linking between CRS3xx series switches
- crs3xx – improved system stability when receiving large frames on CPU for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices
- defconf – fixed default configuration loading on RBOmniTikPG-5HacD
- dot1x – fixed “reject-vlan-id” for MAC authentication (introduced in v6.48)
- dot1x – fixed MAC authentication fallback (introduced in v6.48)
- ipsec – fixed SA address parameter exporting
- lte – fixed “earfcn” to band translation for “cell-monitor”
- package – added new “iot” package with Bluetooth (KNOT only) and MQTT publisher support
- rb4011 – fixed SFP+ port MTU setting after link state change
- rb4011 – improved SFP+ port stability after boot-up
- route – improved stability when connected route is modified
- sfp – improved cable length monitoring as defined per SFF-8472 and SFF-8636
- ssh – return proper error code from executed command
- system – improved resource allocation (improves several service stability e.g. HTTPS, PPPoE, VPN)
- tile – fixed bridge performance degradation (introduced in v6.47)
- webfig – fixed “PortMapping” button (introduced in v6.48.2)
- winbox – fixed health reporting on RB960, hEX and hEX S devices
- winbox – show “System/Health” only on boards that have health monitoring
- wireless – fixed issue with multicast traffic delivery to client devices using power-save
- wireless – improved iOS compatibility with HotSpot 2.0 networks
- www – added “X-Frame-Options” header information to disallow website embedding in other pages