Full changelog See also the v0.107.41 GitHub milestone.

Security

  • Go version has been updated to prevent the possibility of exploiting the CVE2023-45283 and CVE-2023-45284 Go vulnerabilities fixed in Go 1.20.11.

Added

  • Ability to specify subnet lengths for IPv4 and IPv6 addresses, used for rate limiting requests, in the configuration file (#6368).

  • Ability to specify multiple domain specific upstreams per line, e.g. [/domain1/…/domain2/]upstream1 upstream2 … upstreamN (#4977).

Changed

  • Increased the height of the ready-to-use filter lists dialog (#6358).
  • Improved logging of authentication failures (#6357).

Configuration changes

  • New properties dns.ratelimit_subnet_len_ipv4 and dns.ratelimit_subnet_len_ipv6 have been added to the configuration file (#6368).

Fixed

  • Schedule timezone not being sent (#6401).
  • Average request processing time calculation (#6220).
  • Redundant truncation of long client names in the Top Clients table (#6338).
  • Scrolling column headers in the tables (#6337).
  • $important,dnsrewrite rules not overriding allowlist rules (#6204).
  • Dark mode DNS rewrite background (#6329).
  • Issues with QUIC and HTTP/3 upstreams on Linux (#6335).