1.1.4 maintenance release
1.1.4 release is available for download (mirrors are syncing up).
1.1.3 was made in a hurry for a single but potentially serious vulnerability. Now it’s time for a full-blown maintenance release with over twenty bugfixes.
1.1.4 includes most of backportable fixes we made in the lithium branch so far.
Two of them are security fixes: one for DoS in OpenVPN (CVE-2014-8104). Another one is for a VyOS-specific problem: operator level users could execute commands they are not supposed to execute via SSH (thanks to Florian and Ivan for reporting it!).
Other fixes include SSH sessions to the router correctly dropping when the router reboots, a fix for reject-unconfigured-clients OpenVPN option not working properly, fixes in DHCPv6 client CLI, and more. You can find full release notes here.
One thing to note is that this release includes a small CLI change. The operational mode command “show shutdown” was renamed to “show poweroff” for consistency with its “poweroff” counterpart. Technically introducing a CLI change in maintenance release breaks the versioning rules, but since op mode commands are rarely, if ever, used by code rather than humans, this is probably fine, and it would be hard to backport some other fixes without making this change.