Pi-hole FTL v5.19.1, Web v5.17 and Core v5.14.1 released

Originally published at: Pi-hole FTL v5.19.1, Web v5.17 and Core v5.14.1 released – Pi-hole

As always, please read through the changelog before updating with pihole -up. (A new tag for docker image will arrive in due course.)

Highlights

We update the embedded dnsmasq to the next tagged version of dnsmasq. Highlights compared to the most recent version of dnsmasq (v2.87) released in FTL v5.18 are:

• Allow domain names as well is IP addresses in server options – this will be especially helpful in situations where upstream destinations are primarily reachable by hostname (think of DHCP networks and docker compose, etc.) (Pi-hole patch)

• use-stale-cache – when set, if a DNS name exists in the cache, but its time-to-live has expired, dnsmasq will return the data anyway and attempts itself to refresh the data with an upstream query after returning the stale data. This can improve speed as we can always reply immediately to known queries, even when cached content has expired, instead of having to wait for upstream replies to arrive. However, in certain edge-cases, these out-of-data replies can lead to (intermittent) incorrect behavior on websites as there is no way to inform a downstream client that an answer we provided before was wrong. The client may cache wrong data for a long time until it re-sends a query to get the updated information.
  It comes at the expense of sometimes returning out-of-date replies and less efficient cache utilization, since old data cannot be flushed when its TTL expires. The cache becomes strictly least-recently-used.

• New fast-dns-retry option – gives dnsmasq the ability to originate retries for upstream DNS queries itself, rather than relying on the downstream client. This is most useful when doing DNSSEC over unreliable upstream network. Retries are generated when no reply was received for 1 second. Retries are repeated with exponential backoff until we give up after 10 seconds. Both values are configurable with millisecond accuracy.

• New port-limit=<#ports> option – by default, when sending a query via random ports to multiple upstream servers or retrying a query dnsmasq will use a single random port for all the tries/retries.

• New no-round-robin option – suppresses round-robin ordering of DNS records and ensures answers are always served in the same order.

• Enhance hostsdir to remove outdated entries on changes. Before, this required a full dnsmasq restart (Pi-hole patch)

• Improve hostsdir logging to log the HOSTS file used for generating a local reply (Pi-hole patch)

This release also includes a number of smaller improvements and bug fixes in all components.

And here is the full change log:

Pi-hole FTL changes:

What’s Changed

• Fix comment on gravity-db.c by @rdwebdesign in #1456
• Fix compatibility with gcc 12.2.0 by @DL6ER in #1465
• Improve shared memory protection by @DL6ER in #1464
• Remove repo specific issue and pull request template by @yubiuser in #1466
• Update included crypto library (nettle) by @DL6ER in #1467
• Update README.MD by @yubiuser in #1459
• Tests: Use dnssec.works instead of verteiltesysteme.net by @DL6ER in #1470
• Update embedded dnsmasq to v2.88test3 by @DL6ER in #1469
• Update CI to ftl-build:v1.23 containers by @DL6ER in #1472

Full Changelog: v5.18.2...v5.19

Pi-hole Web changes:

What’s Changed

• Fix file pointer position if file was truncated by @rdwebdesign in #2397
• Don’t show detailed doughnut tooltip if sum is > 99.9% by @yubiuser in #2398
• Fix dropdown toggle z-index in LCARS theme by @egad13 in #2405
• Prevent CNAME loops by @rdwebdesign in #2407
• Set tooltip interaction mode for overtime graphs by @yubiuser in #2413
• Update jQuery to v3.6.1. by @yubiuser in #2392
• Update momentjs to 2.29.4 by @yubiuser in #2399
• Allow addding more than one local DNS/CNAME record by @yubiuser in #2410
• Update jquery.confirm to 2.7.0 by @yubiuser in #2393
• Remove obsolete loginpage by @yubiuser in #2425
• Disable spellcheckers from inspecting the password by @adamatan in #2420
• Don’t link to github releases if docker tag is nightly or dev by @PromoFaux in #2428
• Add stale cache query status by @DL6ER in #2421

New Contributors

• @egad13 made their first contribution in #2405
• @adamatan made their first contribution in #2420

Full Changelog: v5.16...v5.17

Pi-hole Core changes:

What’s Changed

• Adding CentOS Stream 9 tests by @rdwebdesign in #4984
• Escape dots in local DNS records/CNAMES before removing them by @yubiuser in #4990
• Remove unused old code from gravity.sh by @rdwebdesign in #4985
• Remove unused possibility to obfuscate pihole.log in debug log by @yubiuser in #4974
• Remove check for latest component version in debug log by @yubiuser in #4973
• Prevent CNAME loop by @yubiuser in #4988
• Fix static IP not set if IP is already present in any way inside dhcpcd.conf by @StephanPillhofer in #4995
• Check versions file on the debug log by @rdwebdesign in #4977
• Fix static IP not set because of in-line comment by @StephanPillhofer in #4998
• Simplify versions.sh by @yubiuser in #4959
• Touch files before addKey or addOrEditKeyValPair by @yubiuser in #4999
• Replace deprecated shell commands by @a1346054 in #4907
• Correctly identify process status in debug script on docker by @yubiuser in #5011

New Contributors

• @Rauf00 made their first contribution in #4818
• @StephanPillhofer made their first contribution in #4995
• @a1346054 made their first contribution in #4907

Full Changelog: v5.13...v5.14