New firmware release is always time to for reading and considering update of the units. As Advantech is keeping quaterly FW release schedule, let's look at some noteworthy changes and additions. Full description can be found in Release Notes.
Added ebtables
Added ebtables program, which can be used as an administration tool for firewall IP packets filtering. It enables transparent filtering of network traffic passing through a Linux bridge. The filtering possibilities are limited to link layer filtering and some basic filtering on higher network layers.
The ebtables tool can be combined with the other filtering tools (iptables and ip6tables) to make a bridging firewall that is also capable of filtering these higher network layers. Check the Commands and Scripts application note for more information about this program.
Added DHCP Authoritative Mode
Configuration of the DHCP server, running on our routers, was updated to act as the authoritative DHCP server for all WiFi clients. Authoritative DHCP server is a server which always responds to a DHCP request if no another DHCP server in the network responds. This configuration prevents issue with obtaining the IP address for some WiFi clients having a valid address assigned in another WiFi network.
Fixed WiFi Issue (ICR-32xx)
Fix for transmit issues on the Laird SU60 WiFi module. This issue caused the WiFi to stop working. If required, this fix will invoke reboot of the router.
Fixed OpenVPN Issue
Fixed an issue with resolving of IP address in OpenVPN version 2.4. The OpenVPN configuration was updated to be compatible with OpenVPN of version 2.3.
Fixed Possible XSS Attack
We have fixed possible reflected XSS attack (medium severity) in the web administration.
Update curl
Updated the curl program to version 7.74.0. This update has fixed CVE-2020-8285, CVE-2020-8286 (high), CVE-2020-8169, CVE-2020-8177, CVE-2020-8231 (medium) and CVE-2020-8284 (low). For more details about this curl release, see https://curl.haxx.se/changes.html#7_74_0.
Update dnsmasq
Updated the dnsmasq software to version 2.84. This update has fixed CVE-2020-25681, CVE-2020-25682 (high), CVE-2020-25683, CVE-2020-25687 (medium), CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686 (low). For more details about the release, see the webpage at http://www.thekelleys.org.uk/dnsmasq/CHANGELOG.
Update OpenSSL Library
We have updated the OpenSSL library to version 1.1.1j. This update has fixed CVE-2021-23839, CVE-2021-23840 and CVE-2021-23841.
| Model | Version | Download |
|---|---|---|
| ICR-3232 | 6.2.8 | Firmware - zip |
| SR-308xxxxx | 6.2.8 | Firmware - zip |
| ICR-3232W | 6.2.8 | Firmware - zip |
| LR77-v2 | 6.2.8 | Firmware - zip |
| LR77-v2 Libratum | 6.2.8 | Firmware - zip |
| UR5i-v2 | 6.2.8 | Firmware - zip |
| UR5i-v2 Libratum | 6.2.8 | Firmware - zip |
