RouterOS 6.38.5 [current] が公開になった。




What's new in 6.38.5 (2017-Mar-09 11:32):

!) www - fixed http server vulnerability;

What's new in 6.38.4 (2017-Mar-08 09:26):

*) chr - fixed problem when transmit speed was reduced by interface queues;
*) dhcpv6-server - require "address-pool" to be specified;
*) export - do not show "read-only" IRQ entries;
*) filesystem - implemented procedures to verify and restore internal file structure integrity upon upgrading;
*) firewall - do not allow to set "time" parameter to 0s for "limit" option;
*) hotspot - fixed redirect to URL where escape characters are used (requires newly generated HTML files);
*) hotspot - show Host table commentaries also in Active tab and vice versa;
*) ike1 - fixed “xauth” Radius login;
*) ike2 - also kill IKEv2 connections on proposal change;
*) ike2 - always limit empty remote selector;
*) ike2 - fixed proposal change crash;
*) ike2 - fixed responder subsequent new child creation when PFS is used;
*) ike2 - fixed responder TS updating on wild match;
*) ipsec - deducted policy SA src/dst address from src/dst address;
*) ipsec - do not require "sa-dst-address" if "action=none" or "action=discard";
*) ipsec - fixed SA address check in policy lookup;
*) ipsec - hide SA address for transport policies;
*) ipsec - keep policy in kernel even with bad proposal;
*) ipsec - kill ph2 on policy removal;
*) ipsec - updated/fixed Radius attributes;
*) irq - properly detect all IRQ entries;
*) l2tp-client - fixed IPSec policy generation after reboot;
*) l2tp-client - require working IPSec encryption if "use-ipsec=yes";
*) lcd - show fan2 speed only if it is available;
*) profile - classify ethernet driver activity properly in ARM architecture;
*) snmp - added SSID to CAPsMAN registration table;
*) snmp - fixed "/tool snmp-get" crash on session timeout;
*) snmp - fixed CAPsMAN registration table OID print;
*) snmp - fixed situation when SNMP could not read "/system health" values after reboot;
*) userman - allow access to User Manager users page only through "/user" URL;
*) userman - show warning when no users are selected for CSV file generation;
*) winbox - do not hide "power-cycle-after" option;
*) winbox - hide advertise tab in Hotspot user profile configuration if "transparent-proxy" is not enabled;
*) winbox - make "power-cycle-interval" not to depend on "power-cycle-ping-enabled" in PoE settings;
*) winbox - properly show BGP communities in routing filters table filter;
*) wireless - fixed scan tool stuck in background;
*) wireless - improved compatibility with Intel 2200BG wireless card;


CHR(Clound Hosted Router)を使用している人は、転送速度の改善が含まれているので、更新するのが良いと思います。