Software Update: RouterOS 6.44.5

Spread the love

MikroTik has released RouterOS 6.44.5 in the lts branch. RouterOS is an operating system that focuses on running router tasks. This includes routing network traffic, of course, but also a firewall, bandwidth management, controlling wireless access points, a hotspot gateway and a VPN server. It can be done on the hardware from MikroTik when doing its job on x86 or virtual machines. Before use, a license required, which is included with the purchase of MikroTik hardware. The list of changes for this release is as follows:

What’s new in 6.44.5:

MAJOR CHANGES IN v6.44.5:

  • security – fixed vulnerabilities CVE-2018-1157, CVE-2018-1158;
  • security – fixed vulnerabilities CVE-2019-11477, CVE-2019-11478, CVE-2019-11479;
  • security – fixed vulnerability CVE-2019-13074;

Changes in this release:

  • bridge – correctly handle bridge host table;
  • capsman – fixed CAP system upgrading process for MMIPS;
  • capsman – fixed interface list usage in access list;
  • certificate – removed “set-ca-passphrase” parameter;
  • cloud – properly stop “time-zone-autodetect” after disable;
  • conntrack – fixed GRE protocol packet connection-state matching (CVE-2014-8160);
  • defconf – automatically set “installation” parameter for outdoor devices;
  • dhcpv6 client – fixed status update when leaving “bound” state;
  • dhcpv6-server – fixed dynamic IPv6 binding without proper reference to the server;
  • dhcpv6-server – override prefix pool and/or DNS server settings by values ​​received from RADIUS;
  • discovery – fixed CDP packets not including address on slave ports (introduced in v6.44);
  • e-mail – properly release e-mail sending session if the server’s domain name can not be resolved;
  • firewall – fixed fragmented packet processing when only RAW firewall is configured;
  • firewall – process packets by firewall when accepted by RAW with disabled connection tracking;
  • gps – strip unnecessary trailing characters from “longtitude” and “latitude” values;
  • hotspot – moved “title” HTML tag after “meta” tags;
  • ipv6 – improved system stability when receiving bogus packets;
  • ovpn – added “verify-server-certificate” parameter for OVPN client (CVE-2018-10066);
  • rb3011 – improved system stability when receiving bogus packets;
  • rb921 – improved system stability (“/system routerboard upgrade” required);
  • snmp – improved reliability on SNMP service packet validation;
  • ssh – fixed non-interactive multiple command execution;
  • supout – added IPv6 ND section to supout file;
  • supout – added “pwr-line” section to supout file;
  • supout – changed IPv6 pool section to output detailed print;
  • winbox – do not allow setting “dns-lookup-interval” to “0”;
  • wireless – improved DFS radar detection when using non-ETSI regulated country;
  • wireless – improved installation mode selection for wireless outdoor equipment;
  • wireless – updated “china” regulatory domain information;
  • www – improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);

Version number 6.44.5
Release status Final
Website MikroTik
Download
License type Paid
You might also like