Recent update changes noticed

hapollo · September 22, 2019, 5:12pm

Please follow the below template, it will help us to help you!

Expected Behaviour:

No changes from previous 4.3.1 version unless mentioned in Changelog

Actual Behaviour:

Changes not mentioned in Changelog

Notice in going from 4.3.1 to 4.3.2 Core Pull from

easylist-downloads.adblockplus.org (malwaredomains_full.txt)
[✓] Status: Retrieval successful
[✗] Format: Adblock (list type not supported)

Previous 4.3.1 version Pihole -G results in
[i] Target: easylist-downloads.adblockplus.org (malwaredomains_full.txt)
[✓] Status: Retrieval successful
[✓] Format: Adblock

So parsing of Adblock missing from Core 4.3.2?

Also noticed the following is no longer in upgrade to core 4.3.2 /etc//dnsmasq.d/01.pihole.conf
If a DHCP client claims that its name is "wpad", ignore that.
This fixes a security hole. see CERT Vulnerability VU#598349
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore

Are these expected changes?

Has CERT Vulnerability VU#598349 been integrated into Core to remove the 2 lines?

Debug Token:

[Replace this text with the debug token provided from running pihole -d (or running the debug script through the web interface]

mibere · September 22, 2019, 5:42pm

See "List type not supported" after upgrade - #14 by AnonymousGuy123

Regarding the wpad lines, they are active if Pi-hole is running as DHCP server.

github.com

pi-hole/pi-hole/blob/e41c4b5bb691cea1f5b950d39518d8c404b5846e/advanced/Scripts/webpage.sh#L367


      
              change_setting "DHCP_ROUTER" "${args[4]}"
              change_setting "DHCP_LEASETIME" "${args[5]}"
              change_setting "PIHOLE_DOMAIN" "${args[6]}"
              change_setting "DHCP_IPv6" "${args[7]}"
              change_setting "DHCP_rapid_commit" "${args[8]}"
          
              # Remove possible old setting from file
              delete_dnsmasq_setting "dhcp-"
              delete_dnsmasq_setting "quiet-dhcp"
          
              # If a DHCP client claims that its name is "wpad", ignore that.
              # This fixes a security hole. see CERT Vulnerability VU#598349
              # We also ignore "localhost" as Windows behaves strangely if a
              # device claims this host name
              add_dnsmasq_setting "dhcp-name-match=set:hostname-ignore,wpad
          dhcp-name-match=set:hostname-ignore,localhost
          dhcp-ignore-names=tag:hostname-ignore"
          
              ProcessDHCPSettings
          
              RestartDNS

hapollo · September 22, 2019, 6:04pm

Thanks for the quick reply and links, mibere

system · October 13, 2019, 6:04pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.