Changelog 6.44.5 – MikroTik Changelog Tracker

Component	Change
bridge	correctly handle bridge host table;
capsman	fixed CAP system upgrading process for MMIPS;
capsman	fixed interface-list usage in access list;
certificate	removed "set-ca-passphrase" parameter;
cloud	properly stop "time-zone-autodetect" after disable;
conntrack	fixed GRE protocol packet connection-state matching (CVE-2014-8160);
defconf	automatically set "installation" parameter for outdoor devices;
dhcpv6-client	fixed status update when leaving "bound" state;
dhcpv6-server	fixed dynamic IPv6 binding without proper reference to the server;
dhcpv6-server	override prefix pool and/or DNS server settings by values received from RADIUS;
discovery	fixed CDP packets not including address on slave ports (introduced in v6.44);
e-mail	properly release e-mail sending session if the server's domain name can not be resolved;
firewall	fixed fragmented packet processing when only RAW firewall is configured;
firewall	process packets by firewall when accepted by RAW with disabled connection tracking;
gps	strip unnecessary trailing characters from "longtitude" and "latitude" values;
hotspot	moved "title" HTML tag after "meta" tags;
ipv6	improved system stability when receiving bogus packets;
ovpn	added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);
rb3011	improved system stability when receiving bogus packets;
rb921	improved system stability ("/system routerboard upgrade" required);
snmp	improved reliability on SNMP service packet validation;
ssh	fixed non-interactive multiple command execution;
supout	added IPv6 ND section to supout file;
supout	added "pwr-line" section to supout file;
supout	changed IPv6 pool section to output detailed print;
winbox	do not allow setting "dns-lookup-interval" to "0";
wireless	improved DFS radar detection when using non-ETSI regulated country;
wireless	improved installation mode selection for wireless outdoor equipment;
wireless	updated "china" regulatory domain information;
www	improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);

bridge

correctly handle bridge host table;

capsman

fixed CAP system upgrading process for MMIPS;

capsman

fixed interface-list usage in access list;

certificate

removed "set-ca-passphrase" parameter;

cloud

properly stop "time-zone-autodetect" after disable;

conntrack

fixed GRE protocol packet connection-state matching (CVE-2014-8160);

defconf

automatically set "installation" parameter for outdoor devices;

dhcpv6-client

fixed status update when leaving "bound" state;

dhcpv6-server

fixed dynamic IPv6 binding without proper reference to the server;

dhcpv6-server

override prefix pool and/or DNS server settings by values received from RADIUS;

discovery

fixed CDP packets not including address on slave ports (introduced in v6.44);

e-mail

properly release e-mail sending session if the server's domain name can not be resolved;

firewall

fixed fragmented packet processing when only RAW firewall is configured;

firewall

process packets by firewall when accepted by RAW with disabled connection tracking;

gps

strip unnecessary trailing characters from "longtitude" and "latitude" values;

hotspot

moved "title" HTML tag after "meta" tags;

ipv6

improved system stability when receiving bogus packets;

ovpn

added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);

rb3011

improved system stability when receiving bogus packets;

rb921

improved system stability ("/system routerboard upgrade" required);

snmp

improved reliability on SNMP service packet validation;

ssh

fixed non-interactive multiple command execution;

supout

added IPv6 ND section to supout file;

supout

added "pwr-line" section to supout file;

supout

changed IPv6 pool section to output detailed print;

winbox

do not allow setting "dns-lookup-interval" to "0";

wireless

improved DFS radar detection when using non-ETSI regulated country;

wireless

improved installation mode selection for wireless outdoor equipment;

wireless

updated "china" regulatory domain information;

www

improved client-initiated renegotiation within the SSL and TLS protocols (CVE-2011-1473);