Skip to main content

6.11.0

Version 6.11.0 2022-09-23

Improvements

  • With this release there have been many base package updates including several CVE mitigations.

  • The Linux kernel update includes mitigation for Processor MMIO stale-data vulnerabilities.

  • The plugin system has been refactored so that 'plugin install' can proceed in the background. This alleviates issue where a user may think installation has crashed and closes the window, when actually it has not crashed.

  • Many other webGUI improvements.

  • Added support for specifying custom VNC ports in VM manager form editor. Custom port number specified using XML editor will be preserved when switching to forms-based editor.

  • Spin down for non-rotational devices now places those devices in standby mode if supported by the device. Similarly, spin up, or any I/O to the device will restore normal operation.

  • Display NVMe device capabilities obtained from SMART info.

  • Added necessary kernel CONFIG options to support Sr-iov with mellanox connectx4+ cards

  • Merged Dynamix SSD Trim plugin into Unraid OS webGUI.

  • Preliminary support for cgroup2. Pass 'unraidcgroup2' on syslinux append line to activate.

  • Included perl in base distro.

Bug fixes

  • Fixed issue in VM manager where VM log can not open when VM name has an embedded '#' character.

  • Fixed issue where Parity check pause/resume on schedule was broken.

  • Fixed issue installing registration keys.

  • Updated 'samba' to address security mitigations. Also should get rid of kernel message complaining about "Attempt to set a LOCK_MAND lock via flock(2)."

  • Fixed issue switching from 'test' branch to 'next'.

  • Quit trying to spin down devices which do not support standby mode.

  • Fixed AD join issued caused by outdated cyras-sasl library

  • Do not start mcelog daemon if CPU is unsupported (most AMD processors).

  • Fix nginx not recognizing SSL certificate renewal.

  • wireguard: check the reachability of the gateway (next-hop) before starting the WG tunnel.

  • Ignore "ERROR:" strings mixed in "btrfs filesystem show" command output. This solves problem where libblkid could tag a parity disk as having btrfs file system because the place it looks for the "magic number" happens to matches btrfs. Subsequent "btrfs fi" commands will attempt to read btrfs metadata from this device which fails because there really is not a btrfs filesystem there.

  • Fixed bug in mover that prevented files from being moved from unRAID array to a cache pool (mode Prefer) if the share name contains a space.

Change Log vs. Unraid OS 6.10.3

Management

  • Add sha256 checks of un-zipped files in unRAIDServer.plg.
  • bash: in /etc/profile omit "." (current directory) from PATH
  • docker: do not call 'docker stop' if there are no running containers
  • emhttpd: improve standby (spinning) support
  • mover: fixed issue preventing moving filed from array to cache if share name contains a space
  • rc.nginx: enable OCSP stapling on certs which include an OCSP responder URL
  • rc.nginx: compress 'woff' font files and instruct browser to cache
  • rc.wireguard: add better troubleshooting for WireGuard autostart
  • rc.S: support early load of plugin driver modules
  • SMB: fixed 'fruit' settings for the USB Flash boot device
  • SMB: remove NTLMv1 support since removed from Linux kernel
  • SMB: (temporarily) move vfs_fruit settings into separate /etc/samba/smb-fruit.conf file
  • SMB: (temporarily) get rid of Samba 'idmap_hash is deprecated' nag lines
  • startup: Prevent installing downgraded versions of packages which might exist in /boot/extra
  • upc: version v1.3.0
  • webgui: Plugin system update
    • Detach frontend and backend operation
    • Use nchan as communication channel
    • Allow window to be closed while backend continues
    • Use SWAL as window manager
    • Added multi remove ability on Plugins page
    • Added update all plugins with details
  • webgui: docker: use docker label as primary source for WebUI
    • This makes the 'net.unraid.docker.webui' docker label the primary source when parsing the web UI address. If the docker label is missing, the template value will be used instead.
  • webgui: Update Credits.page
  • webgui: VM manager: Fix VM log can not open when VM name has an embedded '#'
  • webgui: Management Access page: add details for self-signed certs
  • webgui: Parity check: fix regression error
  • webgui: Remove session creation in scripts
  • webgui: Update ssh key regex
    • Add support for ed25519/sk-ed25519
    • Remove support for ecdsa (insecure)
    • Use proper regex to check for valid key types
  • webgui: misc. style updates
  • webgui: Management access: HTTP port setting should always be enabled
  • webgui: Fix: preserve vnc port settings
  • webgui: Fix regression error in plugin system
  • webgui: Fix issue installing registration keys
  • webgui: Highlight case selection when custom image is selected
  • webgui: fix(upc): v1.4.2 apiVersion check regression
  • webgui: Update Disk Capabilities pages for NVME drives
  • webgui: chore(upc): v1.6.0
  • webgui: Plugin system and docker update
  • webgui: System info - style update
  • webgui: Plugins: keep header buttons in same position
  • webgui: Prevent overflow in container size for low resolutions
  • webgui: VM Manager: Add boot order to GUI and CD hot plug function
  • webgui: Docker Manager: add ability to specify shell with container label.
  • webgui: fix: Discord notification agent url
  • webgui: Suppress info icon in banner message when no info is available
  • webgui: Add Spindown message and use -n for identity if scsi drive.
  • webgui: Fix SAS Selftest
  • webgui: Fix plugin multi updates
  • webgui: UPS display enhancements:
    • Add icon for each category
    • Add translation in UPS section on dashboard
    • Add Output voltage / frequency value
    • Add coloring depending on settings
    • Normalize units
    • Make updates near real-time
    • Added UPS model field
  • webgui: JQuery: version 3.6.1
  • webgui: JQueryUI: version 1.13.2
  • webgui: improved 'cache busting' on font file urls
  • webgui: Fixed: text color in docker popup window sometimes wrong
  • webgui: Fixed: show read errors during Read Check
  • webgui: VM Manager: Add USB Startup policy; add Missing USB support
  • webgui: Docker: fixed javascript error when no containers exist
  • webgui: added 3rd party system diagnostics
    • added diagnostics for third party plugin packages
    • added diagnostics for /dev/dri devices
    • added diagnostics for /dev/dvb devices
    • added diagnostics for nvidia devices

Linux kernel

  • version 5.19.9 (CVE-2022-21123 (CVE-2022-21123 CVE-2022-21125 CVE-2022-21166)
  • md/unraid: version 2.9.24
  • CONFIG_IOMMU_DEFAULT_PASSTHROUGH: Passthrough
  • CONFIG_VIRTIO_IOMMU: Virtio IOMMU driver
  • CONFIG_X86_AMD_PSTATE: AMD Processor P-State driver
  • CONFIG_FIREWIRE: FireWire driver stack
  • CONFIG_FIREWIRE_OHCI: OHCI-1394 controllers
  • CONFIG_FIREWIRE_SBP2: Storage devices (SBP-2 protocol)
  • CONFIG_FIREWIRE_NET: IP networking over 1394
  • CONFIG_INPUT_UINPUT: User level driver support
  • CONFIG_INPUT_JOYDEV: Joystick interface
  • CONFIG_INPUT_JOYSTICK: Joysticks/Gamepads
  • CONFIG_JOYSTICK_XPAD: X-Box gamepad support
  • CONFIG_JOYSTICK_XPAD_FF: X-Box gamepad rumble support
  • CONFIG_JOYSTICK_XPAD_LEDS: LED Support for Xbox360 controller 'BigX' LED
  • CONFIG_MLX5_TLS: Mellanox Technologies TLS Connect-X support
  • CONFIG_MLX5_ESWITCH: Mellanox Technologies MLX5 SRIOV E-Switch suppor
  • CONFIG_MLX5_CLS_ACT: MLX5 TC classifier action support
  • CONFIG_MLX5_TC_SAMPLE: MLX5 TC sample offload support
  • CONFIG_MLXSW_SPECTRUM: Mellanox Technologies Spectrum family support
  • CONFIG_NET_SWITCHDEV: Switch (and switch-ish) device support
  • CONFIG_TLS: Transport Layer Security support
  • CONFIG_TLS_DEVICE: Transport Layer Security HW offload
  • CONFIG_TLS_TOE: Transport Layer Security TCP stack bypass
  • CONFIG_VMD: Intel Volume Management Device Driver
  • added additional sensor drivers:
    • CONFIG_AMD_SFH_HID: AMD Sensor Fusion Hub
    • CONFIG_SENSORS_AQUACOMPUTER_D5NEXT: Aquacomputer D5 Next watercooling pump
    • CONFIG_SENSORS_MAX6620: Maxim MAX6620 fan controller
    • CONFIG_SENSORS_NZXT_SMART2: NZXT RGB & Fan Controller/Smart Device v2
    • CONFIG_SENSORS_SBRMI: Emulated SB-RMI sensor
    • CONFIG_SENSORS_SHT4x: Sensiron humidity and temperature sensors. SHT4x and compat.
    • CONFIG_SENSORS_SY7636A: Silergy SY7636A
    • CONFIG_SENSORS_INA238: Texas Instruments INA238
    • CONFIG_SENSORS_TMP464: Texas Instruments TMP464 and compatible
    • CONFIG_SENSORS_ASUS_WMI: ASUS WMI X370/X470/B450/X399
    • CONFIG_SENSORS_ASUS_WMI_EC: ASUS WMI B550/X570
    • CONFIG_SENSORS_ASUS_EC: ASUS EC Sensors
  • patch: add reference to missing firmware in drivers/bluetooth/btrtl.c
    • rtl8723d_fw.bin
    • rtl8761b_fw.bin
    • rtl8761bu_fw.bin
    • rtl8821c_fw.bin
    • rtl8822cs_fw.bin
    • rtl8822cu_fw.bin
  • CONFIG_BPF_UNPRIV_DEFAULT_OFF: Disable unprivileged BPF by default
  • patch: quirk for Team Group MP33 M.2 2280 1TB NVMe (globally duplicate IDs for nsid)
  • turn on all IPv6 kernel options:
    • CONFIGINET6*
    • CONFIGIPV6*
  • CONFIG_RC_CORE: Remote Controller support
  • CONFIG_SFC_SIENA: Solarflare SFC9000 support
  • CONFIG_SFC_SIENA_MCDI_LOGGING: Solarflare SFC9000-family MCDI logging support
  • CONFIG_SFC_SIENA_MCDI_MON: Solarflare SFC9000-family hwmon support
  • CONFIG_SFC_SIENA_SRIOV: Solarflare SFC9000-family SR-IOV support
  • CONFIG_ZRAM: Compressed RAM block device support
  • CONFIG_ZRAM_DEF_COMP_LZ4: Default ram compressor (lz4)
  • turn on all EDAC kernel options
    • CONFIG_EDAC: EDAC (Error Detection And Correction) reporting
    • CONFIGEDAC*

Base distro

  • aaa_base: version 15.1
  • aaa_glibc-solibs: version 2.36
  • aaa_libraries: version 15.1
  • at: version 3.2.3
  • bind: version 9.18.6
  • btrfs-progs: version 5.19.1
  • ca-certificates: version 20220622
  • cifs-utils: version 7.0
  • coreutils: version 9.1
  • cracklib: version 2.9.8
  • cryptsetup: version 2.5.0
  • curl: version 7.85.0
  • cyrus-sasl: version 2.1.28
  • dbus: version 1.14.0
  • dhcpcd: version 9.4.1
  • dmidecode: version 3.4
  • docker: version 20.10.17 (CVE-2022-29526 CVE-2022-30634 CVE-2022-30629 CVE-2022-30580 CVE-2022-29804 CVE-2022-29162 CVE-2022-31030)
  • etc: version 15.1
  • ethtool: version 5.19
  • eudev: version 3.2.11
  • file: version 5.43
  • findutils: version 4.9.0
  • firefox: version 105.0.r20220922151854-x86_64 (AppImage)
  • fuse3: version 3.12.0
  • gawk: version 5.2.0
  • gdbm: version 1.23
  • git: version 2.37.3
  • glib2: version 2.72.3
  • glibc: version 2.36
  • glibc-zoneinfo: version 2022c
  • gnutls: version 3.7.7
  • gptfdisk: version 1.0.9
  • grep: version 3.8
  • gzip: version 1.12
  • hdparm: version 9.65
  • htop: version 3.2.1
  • icu4c: version 71.1
  • inotify-tools: version 3.22.6.0
  • iperf3: version 3.11
  • iproute2: version 5.19.0
  • iptables: version 1.8.8
  • jemalloc: version 5.3.0
  • json-c: version 0.16_20220414
  • json-glib: version 1.6.6
  • kmod: version 30
  • krb5: version 1.20
  • libaio: version 0.3.113
  • libarchive: version 3.6.1
  • libcap-ng: version 0.8.3
  • libcgroup: version 3.0.0
  • libdrm: version 2.4.113
  • libepoxy: version 1.5.10
  • libffi: version 3.4.2
  • libgcrypt: version 1.10.1
  • libgpg-error: version 1.45
  • libidn: version 1.41
  • libjpeg-turbo: version 2.1.4
  • libmnl: version 1.0.5
  • libnetfilter_conntrack: version 1.0.9
  • libnfnetlink: version 1.0.2
  • libnftnl: version 1.2.3
  • libnl3: version 3.7.0
  • libpng: version 1.6.38
  • libssh: version 0.10.4
  • libtasn1: version 4.19.0
  • libtirpc: version 1.3.3
  • liburcu: version 0.13.1
  • libusb: version 1.0.26
  • libwebp: version 1.2.4
  • libxml2: version 2.9.14
  • libxslt: version 1.1.36
  • libzip: version 1.9.2
  • logrotate: version 3.20.1
  • lsof: version 4.95.0
  • lzip: version 1.23
  • mc: version 4.8.28
  • mcelog: version 189
  • nano: version 6.4
  • nfs-utils: version 2.6.2
  • nghttp2: version 1.49.0
  • nginx: version 1.22.0
  • ntfs-3g: version 2022.5.17
  • ntp: version 4.2.8p15
  • oniguruma: version 6.9.8
  • openssh: version 9.0p1
  • openssl: version 1.1.1q (CVE-2022-1292 CVE-2022-2097 CVE-2022-2274)
  • openssl-solibs: version 1.1.1q (CVE-2022-1292)
  • p11-kit: version 0.24.1
  • pciutils: version 3.8.0
  • pcre2: version 10.40
  • perl: version 5.36.0
  • php: version 7.4.30 (CVE-2022-31625 CVE-2022-31626)
  • pkgtools: version 15.1
  • rpcbind: version 1.2.6
  • rsync: version 3.2.6
  • samba: version 4.17.0 (CVE-2022-2031 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 CVE-2022-32742)
  • sqlite: version 3.39.3
  • sudo: version 1.9.11p3
  • sysfsutils: version 2.1.1
  • sysstat: version 12.6.0
  • sysvinit-scripts: version 15.1
  • talloc: version 2.3.4
  • tar: version 1.34
  • tevent: version 0.13.0
  • tree: version 2.0.2
  • util-linux: version 2.38.1
  • wayland: version 1.21.0
  • wget: version 1.21.3
  • xfsprogs: version 5.18.0
  • xz: version 5.2.6
  • zlib: version 1.2.12

"WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld.