RouterOS 6.48.3 [stable] がリリース。





What's new in 6.48.3 (2021-May-25 06:09):

!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);

*) branding - added option to upload custom files (newly generated branding package required);
*) console - do not clear environment values if any global variable is set;
*) crs3xx - fixed Ethernet LEDs after reboot for CRS354 devices;
*) crs3xx - fixed VLAN priority removal for CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - fixed port-isolation on bonding interfaces for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - improved LACP linking between CRS3xx series switches;
*) crs3xx - improved system stability when receiving large frames on CPU for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) defconf - fixed default configuration loading on RBOmniTikPG-5HacD;
*) dot1x - fixed "reject-vlan-id" for MAC authentication (introduced in v6.48);
*) dot1x - fixed MAC authentication fallback (introduced in v6.48);
*) ipsec - fixed SA address parameter exporting;
*) lte - fixed "earfcn" to band translation for "cell-monitor";
*) package - added new "iot" package with Bluetooth (KNOT only) and MQTT publisher support;
*) rb4011 - fixed SFP+ port MTU setting after link state change;
*) rb4011 - improved SFP+ port stability after boot-up;
*) route - improved stability when connected route is modified;
*) sfp - improved cable length monitoring as defined per SFF-8472 and SFF-8636;
*) ssh - return proper error code from executed command;
*) system - improved resource allocation (improves several service stability e.g. HTTPS, PPPoE, VPN);
*) tile - fixed bridge performance degradation (introduced in v6.47);
*) webfig - fixed "PortMapping" button (introduced in v6.48.2);
*) winbox - fixed health reporting on RB960, hEX and hEX S devices;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) wireless - fixed issue with multicast traffic delivery to client devices using power-save;
*) wireless - improved iOS compatibility with HotSpot 2.0 networks;
*) www - added "X-Frame-Options" header information to disallow website embedding in other pages;


先行で対応がされていたFragAttacks (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147) に関することが主な内容になるかと思います。が国内では技適認証済みのRouterboard製品は多くなく、且つユーザーも限定されると思いますので影響は軽微かと思います。


*) wireless - improved iOS compatibility with HotSpot 2.0 networks;

今回は公式フォーラムを覗いても比較的穏当のようで、IPv6 NDについての不具合が引き続き報告されているようです。


v6.48.3 [stable] is released! - MikroTik
MikroTik makes networking hardware and software, which is used in nearly all countries of the world. Our mission is to make existing Internet technolo...