wie schon vor dem letzten offiziellen Release, möchte ich auch nun wieder eingefleischten RaspberryMatic Testern die Möglichkeit geben mir zu helfen etwaige Last-Minute-Probleme aufzudecken bevor ich dann in den kommenden Tagen eine neue offizielle RaspberryMatic Version für jedermann freigeben werde. Dazu habe ich soeben in meinem privaten Cloud Speicher die entsprechenden *.zip Archive eines solchen Release-Candidate hochgeladen. Die entsprechenden Archive für rpi3, rpi0, tinkerboard und nun auch rpi4 können also von folgender Stelle heruntergeladen werden:
https://cloud.light-speed.de/s/xby5d4B7YFRCxyH
Der aktuelle Release-Candidate trägt die Versionsnummer 3.47.15.20190828 und wird dann zum geplanten Releasetermin (in den nächsten 1-2 Wochen) entsprechend noch einmal umbenannt/angepasst.
Bitte hierbei beachten, das diese Version natürlich nur Personen testen sollten die wissen was sie tun bzw. auf was sie sich hier einlassen. Das beinhaltet mögliche geringfügige Probleme bis hin zu eventuellem möglichem Verlust der gesamten Konfiguration. Deshalb heisst es hier nicht nur: vorher ein entsprechendes Backup zu machen, sondern eben auf etwaige unvorhersehbare Dinge vorbereitet zu sein. Natürlich sollte meiner momentanen Einschätzung nach keine größeren Probleme mit dieser Version zu erwarten sein, aber ich möchte hier trotzdem entsprechend vor etwaigen Problemen warnen, da ich diese Versionen selber noch nicht ausreichend getestet habe.
Wer aber trotz dieser Warnungen gerne aktiv mithelfen will die kommende Version vorher zu testen um etwaige Last-Minute-Probleme besser ausschliessen zu können, sei herzlich eingeladen dies zu tun und mir dann bitte entsprechend im GitHub bzw. hier im Forum etwaig aufkommende Probleme (oder aber auch nur ein "Alles ok") zu melden.
P.S: Die in dieser Version eingearbeiteten Änderungen sind wie folgt (nur in Englisch verfügbar momentan):
Code: Alles auswählen
#### CCU service changes:
- updated [OCCU](https://github.com/eq-3/occu) firmware to [3.47.15-3](https://github.com/jens-maus/occu/tree/b_3_47) version with full compatibility to the [CCU3 3.47.15 firmware](https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.47.15/CCU3-Changelog.3.47.15.pdf) which comes with the following changes:
- Changes in the WebUI were not saved anymore upon logoff from the WebUI.
- RF-based actors for registering energy consumption (`HM-ES-PMSw1-Pl*`) showed energy values with "NaN" rather than the actual consumption numbers.
- The config dialogs for channel 3 of the `HM-MOD-EM-8Bit` (Version 1.0) were not displayed.
- The duty cycle display on the main page of the WebUI could show incorrect values if additional LAN gateways were connected to the CCU.
- added new `ReGaHss` logic engine `R1.00.0388.0210 (Aug 19 2019)` version with the following changes:
- fixed [CVE-2019-9583](https://nvd.nist.gov/vuln/detail/CVE-2019-9583) where certain url redirections to the login page still ended up in exposing session ids in Location http response headers.
- fixed [CVE-2019-9726](https://nvd.nist.gov/vuln/detail/CVE-2019-9726) which allowed to display the content of any arbitrary file on the filesystem due to a NUL-byte vulnerability in the web server.
- fixed [CVE-2019-14474](https://nvd.nist.gov/vuln/detail/CVE-2019-14474) where an empty `Call("")` execution caused ReGaHss to crash unexpectively.
- fixed bug where upon session clearance a warning was output even for empty session ids, thought the session was most probably cleared already.
- fixed a bug in the new `State()` function with delay routines where due to missing ISE value conversion the delay functionality didn't work for HSSDP objects. Now the routines try to convert the supplied ISE value to the appropriate type or returns false if the value conversion didn't work and thus the `State()` call couldn't be executed as expected (#659).
- fixed invalid "pointer is null" error output in case no channel dps should be cleared.
- changed monit configuration to check for an existing `/etc/config/internetCheckDisabled` file which will cause the regular monit-based internet check to be disabled and thus not cause any alarm message if the internet connection is lost for a certain amount of time (#664).
- raised the monit-based alarm threshold to 5 minutes for warning about high cpu/memory usage so that the system will warn/alarm only if the cpu/memory is exhausted for a longer period of time.
- changed the daily cronBackup to be executed with a processing "nice" value of 10 so that other more important processes have higher cpu priority.
- updated embedded CloudMatic CCU Add-on package to latest version with additional sessionID-based security fixes applied.
- updated embedded Mediola NeoServer CCU Add-on package to version 2.4.6.
#### WebUI changes:
- integrated a new WebUI patch to improve the security in session clearance upon a WebUI logout ([0060](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0060-WebUI-Fix-SessionLogoutSave.patch)).
- integrated a new WebUI patch sorting the standard WebUI menu items alphabetically and adding dedicated menu icons as well as displaying the favorite list on the main page alphabetically sorted (#663, #665, @jp112sdl, [0061](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0061-WebUI-MenuSortedIcons.patch)).
- enhanced the DutyCycle display WebUI patch to display up to 5 additional LAN gateway connections (#670, [0057](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0057-WebUI-ImprovedDutyCycleDisplay.patch)).
- slightly enhanced the DutyCycle display WebUI patch to display more nicely (#674, #675, @ptweety, [0057](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0057-WebUI-ImprovedDutyCycleDisplay.patch)).
- fixed a bug in the improved script editor WebUI patch where the editor window was automatically horizontally resized if the content in the editor got too large (#671, [0046](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0046-WebUI-ImprovedScriptEditor.patch)).
- fixed a bug in the ESP Security WebUI patch which prevented the initial WebUI installation wizard to correctly save the provided Admin password (#677, @quickmic, [0052](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0052-WebUI-Fix-ESP-Security.patch)).
- reworked ESP Security WebUI patch to contain more robust fixes for certain ESP related security issues and also integrated some more ESP security fixes in `programs.fn` which should fix [CVE-2019-14475](https://nvd.nist.gov/vuln/detail/CVE-2019-14475) and [CVE-2019-14473](https://nvd.nist.gov/vuln/detail/CVE-2019-14473) ([0052](https://github.com/jens-maus/RaspberryMatic/blob/master/buildroot-external/patches/occu/0052-WebUI-Fix-ESP-Security.patch)).
#### Linux operating system changes:
- added support for new [RaspberryPi4 Model B](https://www.raspberrypi.org/products/raspberry-pi-4-model-b/) hardware supporting all three different 1GB, 2GB and 4GB models. Please note, that due to RaspberryPi firmware limitations the HDMI console will currently not show any kernel bootup messages and that the HDMI port can not be automatically powered off to reduce RF interferences.
- integrated USB ethernet gadget mode for RaspberryPi Zero and RaspberryPi Zero W (requires `/etc/config/usbGadgetModeEnabled`) which allows to connect the USB port directly to a separate Linux/macOS/Windows system now and use this connection as an alternative Ethernet connection (eth0) to connect to the internet (#648, #216, @fhirschmann).
- updated Linux kernel version to 4.19.66 for [ASUS Tinkerboard](https://github.com/armbian/build/tree/master/patch/kernel/rockchip-next) and [RaspberryPi](https://github.com/raspberrypi/linux/tree/rpi-4.19.y) including the corresponding RaspberryPi firmware files.
- updated embedded Java version to latest stable [1.8.0_222-8.40.0.178](http://www.azul.com/downloads/zulu-embedded/).
- streamlined all U-boot settings throughout all different hardware platforms to unify the feature sets accordingly.
- enabled lz4 compression for kernel images and cpio compression in all defconfig files. This should make uncompression (thus bootup) slightly faster since lz4 should perform way better than standard gzip.
- disabled `max-worker` setting in global `lighttpd.conf` to potentially fix issues with large file uploads.