MikroTik has released RouterOS 6.44.5 in the lts branch. RouterOS is an operating system that focuses on running router tasks. This includes routing network traffic, of course, but also a firewall, bandwidth management, controlling wireless access points, a hotspot gateway and a VPN server. It can be done on the hardware from MikroTik when doing its job on x86 or virtual machines. Before use, a license required, which is included with the purchase of MikroTik hardware. The list of changes for this release is as follows:
What’s new in 6.44.5:
MAJOR CHANGES IN v6.44.5:
- security – fixed vulnerabilities CVE-2018-1157, CVE-2018-1158;
- security – fixed vulnerabilities CVE-2019-11477, CVE-2019-11478, CVE-2019-11479;
- security – fixed vulnerability CVE-2019-13074;
Changes in this release:
- bridge – correctly handle bridge host table;
- capsman – fixed CAP system upgrading process for MMIPS;
- capsman – fixed interface list usage in access list;
- certificate – removed “set-ca-passphrase” parameter;
- cloud – properly stop “time-zone-autodetect” after disable;
- conntrack – fixed GRE protocol packet connection-state matching (CVE-2014-8160);
- defconf – automatically set “installation” parameter for outdoor devices;
- dhcpv6 client – fixed status update when leaving “bound” state;
- dhcpv6-server – fixed dynamic IPv6 binding without proper reference to the server;
- dhcpv6-server – override prefix pool and/or DNS server settings by values received from RADIUS;
- discovery – fixed CDP packets not including address on slave ports (introduced in v6.44);
- e-mail – properly release e-mail sending session if the server’s domain name can not be resolved;
- firewall – fixed fragmented packet processing when only RAW firewall is configured;
- firewall – process packets by firewall when accepted by RAW with disabled connection tracking;
- gps – strip unnecessary trailing characters from “longtitude” and “latitude” values;
- hotspot – moved “title” HTML tag after “meta” tags;
- ipv6 – improved system stability when receiving bogus packets;
- ovpn – added “verify-server-certificate” parameter for OVPN client (CVE-2018-10066);
- rb3011 – improved system stability when receiving bogus packets;
- rb921 – improved system stability (“/system routerboard upgrade” required);
- snmp – improved reliability on SNMP service packet validation;
- ssh – fixed non-interactive multiple command execution;
- supout – added IPv6 ND section to supout file;
- supout – added “pwr-line” section to supout file;
- supout – changed IPv6 pool section to output detailed print;
- winbox – do not allow setting “dns-lookup-interval” to “0”;
- wireless – improved DFS radar detection when using non-ETSI regulated country;
- wireless – improved installation mode selection for wireless outdoor equipment;
- wireless – updated “china” regulatory domain information;
- www – improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);
Version number | 6.44.5 |
Release status | Final |
Website | MikroTik |
Download | |
License type | Paid |