### Version 6.8.2 2020-01-26

Base distro:

- fuse3: version 3.9.0
- php: version 7.3.14 (CVE-2020-7060, CVE-2020-7059)
- rpcbind: version 1.2.5 (rebuilt with --enable-rmtcalls option)
- ttyd: version 20200120
- wireguard-tools: version 1.0.20200121

Linux kernel:

- version 4.19.98 (CVE-2019-14615)
- CONFIG_ENIC: Cisco VIC Ethernet NIC Support
- removed: CONFIG_IGB: Intel(R) 82575/82576 PCI-Express Gigabit Ethernet support
- removed: CONFIG_IGBVF: Intel(R) 82576 Virtual Function Ethernet support
- kernel-firmware: version 20200122_1eb2408
- oot: Intel igb: version 5.3.5.42
- oot: wireguard: version 0.0.20200121

Management:

- rc.docker: include missing changes to suppoort new setting "Host access to custom networks"
- rc.nginx: support custom wildcard SSL certs
- webgui: User password: hide base64 conversion
- webgui: Select username field when login page is loaded
- webgui: login: autocapitalize="none"
- webgui: Passphrase printable charcaters only
- webgui: Encryption: enforced keyfile selection/deletion when file exists
- webgui: Use php json_encode to properly encode notifications
- webgui: Changed Delete keyfile button placement
- webgui: Detect missing key when keyfile is deleted
- webgui: Add Network:VPN as an application category
- webgui: further hardening in auth_request.php
- webgui: Style adjustment: buttons min-width
- webgui: login page favicon now matches the green/yellow/red icon from the other webgui pages
- webgui: VM Manager: add 'virtio-win-0.1.173-2' to VirtIO-ISOs list
- webgui: Add Network:VPN as an application category
- webgui: Network settings: updated help text
- webgui: Fix link for Password Recovery on login screen

### Version 6.8.1 2020-01-10

Base distro:

- libuv: version 1.34.0
- libvirt: version 5.10.0
- mozilla-firefox: version 72.0.1 (CVE-2019-17026, CVE-2019-17015, CVE-2019-17016, CVE-2019-17017, CVE-2019-17018, CVE-2019-17019, CVE-2019-17020, CVE-2019-17021, CVE-2019-17022, CVE-2019-17023, CVE-2019-17024, CVE-2019-17025)
- php: version 7.3.13 (CVE-2019-11044 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11049 CVE-2019-11050)
- qemu: version 4.2.0
- samba: version 4.11.4
- ttyd: version 20200102
- wireguard-tools: version 1.0.20200102

Linux kernel:

- version 4.19.94
- CONFIG_THUNDERBOLT: Thunderbolt support
- CONFIG_INTEL_WMI_THUNDERBOLT: Intel WMI thunderbolt force power driver
- CONFIG_THUNDERBOLT_NET: Networking over Thunderbolt cable
- kernel_firmware: version 20191218_c4586ff (with additional Intel BT firmware)
- oot: Highpoint rr3740a: version v1.19.0_19_04_04
- oot: Highpoint r750: version v1.2.11-18_06_26 [restored]
- oot: wireguard: version 0.0.20200105

Management:

- add cache-busting params for noVNC url assets
- emhttpd: fix cryptsetup passphrase input
- network: disable IPv6 for an interface when its settings is "IPv4 only".
- webgui: Management page: fixed typos in help text
- webgui: VM settings: fixed Apply button sometimes not working
- webgui: Dashboard: display CPU load full width when no HT
- webgui: Docker: show 'up-to-date' when status is unknown
- webgui: Fixed: handle race condition when updating share access rights in Edit User
- webgui: Docker: allow to set container port for custom bridge networks
- webgui: Better support for custom themes (not perfect yet)
- webgui: Dashboard: adjusted table positioning
- webgui: Add user name and user description verification
- webgui: Edit User: fix share access assignments
- webgui: Management page: remove UPnP conditional setting
- webgui: Escape shell arg when logging csrf mismatch
- webgui: Terminal button: give unsupported warning when Edge/MSIE is used
- webgui: Patched vulnerability in auth_request.php
- webgui: Docker: added new setting "Host access to custom networks"
- webgui: Patched vulnerability in template.php

### Version 6.8.0 2019-12-10

Base distro:

- aaa_elflibs: version 15.0 build 16
- acpid: version 2.0.32
- adwaita-icon-theme: version 3.34.3
- at-spi2-atk: version 2.34.1
- at-spi2-core: version 2.34.0
- at: version 3.2.1
- atk: version 2.34.1
- bash: version 5.0.011
- binutils: version 2.33.1
- btrfs-progs: version 5.4
- bzip2: version 1.0.8
- ca-certificates: version 20191130
- cifs-utils: version 6.9
- cpio: version 2.13
- cryptsetup: version 2.2.2
- curl: version 7.67.0
- dbus-glib: version 0.110
- dbus: version 1.12.16
- dhcpcd: version 8.1.2
- docker: version 19.03.5
- e2fsprogs: version 1.45.4
- ebtables: version 2.0.11
- encodings: version 1.0.5
- etc: version 15.0
- ethtool: version 5.3
- expat: version 2.2.9
- file: version 5.37
- findutils: version 4.7.0
- freetype: version 2.10.1
- fuse3: version 3.6.2
- gdbm: version 1.18.1
- gdk-pixbuf2: version 2.40.0
- git: version 2.24.0
- glib2: version 2.62.3
- glibc-solibs: version 2.30
- glibc-zoneinfo: version 2019c
- glibc: version 2.30
- glu: version 9.0.1
- gnutls: version 3.6.11.1
- gtk+3: version 3.24.13
- harfbuzz: version 2.6.4
- haveged: version 1.9.8
- hostname: version 3.23
- hwloc: version 1.11.13
- icu4c: version 65.1
- intel-microcode: version 20191115
- iproute2: version 5.4.0
- iptables: version 1.8.4
- iputils: version 20190709
- irqbalance: version 1.6.0
- kernel-firmware: version 20191118_e8a0f4c
- keyutils: version 1.6
- less: version 551
- libICE: version 1.0.10
- libX11: version 1.6.9
- libXi: version 1.7.10
- libXt: version 1.2.0
- libarchive: version 3.4.0
- libcap-ng: version 0.7.10
- libcroco: version 0.6.13
- libdrm: version 2.4.99
- libedit: version 20191025_3.1
- libepoxy: version 1.5.4
- libevdev: version 1.7.0
- libevent: version 2.1.11
- libgcrypt: version 1.8.5
- libgudev: version 233
- libidn2: version 2.3.0
- libjpeg-turbo: version 2.0.3
- libnftnl: version 1.1.5
- libnl3: version 3.5.0
- libpcap: version 1.9.1
- libpciaccess: version 0.16
- libpng: version 1.6.37
- libpsl: version 0.21.0
- librsvg: version 2.46.4
- libseccomp: version 2.4.1
- libssh2: version 1.9.0
- libtasn1: version 4.15.0
- libusb: version 1.0.23
- libvirt-php: version 20190803
- libvirt: version 5.8.0 (CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168)
- libwebp: version 1.0.3
- libxml2: version 2.9.10
- libxslt: version 1.1.34
- libzip: version 1.5.2
- lm_sensors: version 3.6.0
- logrotate: version 3.15.1
- lsof: version 4.93.2
- lsscsi: version 0.30
- lvm2: version 2.03.07
- lz4: version 1.9.1
- mkfontscale: version 1.2.1
- mozilla-firefox: version 71.0 (CVE-2019-11751, CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11736, CVE-2019-11753, CVE-2019-11752, CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737, CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735, CVE-2019-11740, CVE-2019-11754, CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11729, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-1 1718, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11730, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11710, CVE-2019-11709) (CVE-2018-6156, CVE-2019-15903, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11765, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002, CVE-2019-11764) (CVE-2019-11756, CVE-2019-17008, CVE-2019-13722, CVE-2019-11745, CVE-2019-17014, CVE-2019-17009, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012, CVE-2019-17013)
- nano: version 4.6
- ncurses: version 6.1_20191026
- net-tools: version 20181103_0eebece
- nettle: version 3.5.1
- network-scripts: version 15.0
- nghttp2: version 1.40.0
- nginx: version 1.16.1 (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516)
- nodejs: version 10.16.3
- nss-mdns: version 0.14.1
- ntp: version 4.2.8p13
- openldap-client: version 2.4.48
- openssh: version 8.1p1
- openssl-solibs: version 1.1.1d
- openssl: version 1.1.1d
- p11-kit: version 0.23.18.1
- pcre2: version 10.34
- php: version 7.3.12 (CVE-2019-11042, CVE-2019-11041) (CVE-2019-11043)
- pixman: version 0.38.4
- pkgtools: version 15.0 build 28
- procps-ng: version 3.3.15
- qemu: version 4.1.1 (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) (CVE-2019-14378, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-12068, CVE-2019-11091)
- qrencode: version 4.0.2
- rpcbind: version 1.2.5
- rsyslog: version 8.1908.0
- samba: version 4.11.3 (CVE-2019-10197) (CVE-2019-10197) (CVE-2019-10218, CVE-2019-14833, CVE-2019-14847) (CVE-2019-14861, CVE-2019-14870)
- sdparm: version 1.10
- sessreg: version 1.1.2
- setxkbmap: version 1.3.2
- sg3_utils: version 1.44
- shadow: version 4.7
- shared-mime-info: version 1.15
- sqlite: version 3.30.1
- sudo: version 1.8.29
- sysvinit-scripts: version 2.1
- sysvinit: version 2.96
- talloc: version 2.3.0
- tdb: version 1.4.2
- tevent: version 0.10.1
- ttyd: version 20191025
- usbutils: version 012
- util-linux: version 2.34
- wget: version 1.20.3
- wireguard: version 0.0.20191206
- wsdd: version 20180618 build 2
- xauth: version 1.1
- xclock: version 1.0.9
- xfsprogs: version 5.3.0
- xkeyboard-config: version 2.28
- xorg-server: version 1.20.6
- xrandr: version 1.5.1
- xterm: version 351
- xwininfo: version 1.1.5
- zstd: version 1.4.4

Linux kernel:

- version 4.19.88
- CONFIG_BINFMT_MISC: Kernel support for MISC binaries
- CONFIG_CGROUP_NET_PRIO: Network priority cgroup
- CONFIG_DEBUG_FS: Debug Filesystem
- CONFIG_DUMMY: Dummy net driver support
- CONFIG_HUGETLBFS: HugeTLB file system support
- CONFIG_ICE: Intel(R) Ethernet Connection E800 Series Support
- CONFIG_IGC: Intel(R) Ethernet Controller I225-LM/I225-V support
- CONFIG_IPVLAN: IP-VLAN support
- CONFIG_IPVTAP: IP-VLAN based tap driver
- CONFIG_IP_VS: IP virtual server support
- CONFIG_IP_VS_NFCT: Netfilter connection tracking
- CONFIG_IP_VS_PROTO_TCP: TCP load balancing support
- CONFIG_IP_VS_PROTO_UDP: UDP load balancing support
- CONFIG_IP_VS_RR: round-robin scheduling
- CONFIG_MLX5_CORE_IPOIB: Mellanox 5th generation network adapters (connectX series) IPoIB offloads support
- CONFIG_NETFILTER_XT_MATCH_IPVS: "ipvs" match support
- CONFIG_NET_CLS_CGROUP: Control Group Classifier
- CONFIG_SCSI_MQ_DEFAULT: SCSI: use blk-mq I/O path by default
- CONFIG_SCSI_SMARTPQI: Microsemi PQI Driver
- CONFIG_WIREGUARD: IP: WireGuard secure network tunnel
- chelsio: add missing firmware
- change schedulers from modules to built-ins
- default scheduler now mq-deadline
- md/unraid: version 2.9.13 (multi-stream support, do not fail read-ahead, more tunables)
- increase BLK_MAX_REQUEST_COUNT from 16 to 32
- oot: Highpoint rr3740a: version: v1.17.0_18_06_15
- oot: Highpoint rsnvme: version v1.2.16_19_05_06
- oot: Highpoint r750 removed (does not work)
- oot: Intel ixgbe: version 5.6.5
- oot: Realtek r8125: version 9.002.02
- oot: Tehuti tn40xx: version 0.3.6.17.2
- oot: Tehuti tn40xx: add x3310fw_0_3_4_0_9445.hdr firmware

Management:

- add 'scheduler' tunable for array devices
- auto-mount hugetlbfs to support kernel huge pages
- emhttpd: fix improper handling of embedded quote characters in a password
- emhttpd: correct footer notifications
- emhttpd: do not write /root/keyfile if encryption passphrase provided via webGUI
- emhttpd: properly handle encoded passwords
- emhttpd: solve deadlock issue with 'emcmd' called from a plugin
- extract OS upgrade directly to USB flash
- fix btrfs bug where converting from single to multiple pool did not balance metadata to raid1, and converting from multiple to single did not balance metadata back to single.
- fix shfs hard link initially reported as enabled but not actually enabled
- fstab: mount USB flash boot device with root-only access
- nginx.conf: configure all nginx worker threads to run as 'root'.
- nginx: disable php session expiration
- php: set very long session timeout
- samba: if netbios enabled, set 'server min protocol = NT1'
- shfs: fix bug not accounting for device(s) not mounted yet
- shfs: support FUSE3 API changes; hard links report same st_ino; hard link support configurable
- start/stop WireGuard upon server start/shutdown
- support WS-Discovery method
- support disabling NetBIOS, and set Samba 'min server procotol' and 'min client protocol' to SMB2 if disabled
- support forms-based authentication
- support mDNS local name resolution via avahi
- unRAIDServer.plg (update OS) now executes 'sync -f /boot' instead of full sync at end of update
- webgui: Add share access to user edit
- webgui: Add shares: slashes are not allowed in share name
- webgui: Add support for the self-hosted Gotify notification agent.
- webgui: Added 'F1' key to toggle help text
- webgui: Added AFP deprecated notice
- webgui: Added UPnP to access script (to support WireGuard plugin)
- webgui: Added VM XML files to diagnostics
- webgui: Added cache and disk type to shares page
- webgui: Added conditional UPnP setting on Management page
- webgui: Aligned management page layout
- webgui: Allow Safari to use websockets
- webgui: Allow outside click to close popups
- webgui: Change PluginHelpers download to be PHP Curl
- webgui: Change dashbord link for mb/mem
- webgui: Changed config folder of TELEGRAM
- webgui: Dashboard: WG tunnel handshake in days when longer than 24 hours
- webgui: Dashboard: add up/down arrows to VPN tunnel traffic
- webgui: Dashboard: adjust column width for themes azure/gray
- webgui: Dashboard: fix WG direction arrows
- webgui: Dashboard: fixed user write + read counts
- webgui: Dashboard: show titles without text-transform
- webgui: Diagnostics: Adjust for timezone from webGUI
- webgui: Diagnostics: Remove OSK info from VM xml
- webgui: Do not display error if docker log files manually deleted
- webgui: Docker and VM settings: validate path and name input
- webgui: Docker: fixed multi container updates display oddity
- webgui: Enable notifications by default
- webgui: Enhanced display of network settings
- webgui: Ensure spinner always ontop
- webgui: Expanded help for Use Cache setting
- webgui: Fix custom case png not surviving reboot
- webgui: Fixed diagnostics errors when array was never started
- webgui: Fixed docker container update state
- webgui: Fixed misalignment of absent disk on Main page
- webgui: Fixed popup window in foreground
- webgui: Fixed typo in help text
- webgui: Fixed typo in shares settings
- webgui: Fixed: footer always on foreground
- webgui: Fixed: undo cleanup of disk.png
- webgui: Font, Icon and image cleanup
- webgui: If a page is loaded via https, prevent it from loading resources via http (ie, block mixed content)
- webgui: Improve Use Cache option
- webgui: Integrate CAs Plugin Helper
- webgui: Made notify script compatible with 6.8 new security scheme
- webgui: Main page: consolidate spin up/down action and device status into one
- webgui: Modified notify script to allow overriding email recipients in notification settings
- webgui: Only create session when user successfully logs in; also enable session.use_strict_mode to prevent session fixation attacks
- webgui: Open banner system to 3rd party apps
- webgui: Plugin Helpers: Follow redirects on downloads
- webgui: Rename docker repositories tab to template repositories
- webgui: Revamp Banner Warning System
- webgui: Select case correction + replace MD1510 for AVS-10/4
- webgui: Standardize on lang="en"
- webgui: Submit passphrases and passwords in base64 format
- webgui: Support wireguard plugin in download.php
- webgui: Switch download routine to be PHP Curl
- webgui: Syslog: allow up to 5 digits port numbers
- webgui: Telegram notification agent: enable group chat IDs, update helper description
- webgui: Unraid fonts and cases update
- webgui: Update ArrayDevices.page help text
- webgui: Upgrade noVNC to git commit 9f557f5
- webgui: Use complete HTML documents in popups
- webgui: Warning alert for Format operations
- webgui: dockerMan - Deprecate TemplateURL
- webgui: dockerMan: Redownload Icon if URL changes
- webgui: other minor text corrections
- webgui: show warning on login page when browser cookies are disabled
- webgui: support changed tunables on Disk Settings page
