diff --git a/docs/unraid-os/release-notes/7.3.2.md b/docs/unraid-os/release-notes/7.3.2.md index e86fffe262..0388a7c99a 100644 --- a/docs/unraid-os/release-notes/7.3.2.md +++ b/docs/unraid-os/release-notes/7.3.2.md @@ -1,144 +1,157 @@ -# Version 7.3.2-rc.1 2026-07-02 +# Version 7.3.2 2026-07-08 -Unraid OS 7.3.2-rc.1 refreshes the Linux kernel, Docker, the Unraid API, and a broad set of base packages, with security-related updates across core networking, web, storage, and encryption components. This release also includes ZFS and QEMU updates, along with storage, Docker, and system improvements. +Unraid OS 7.3.2 is a security and bugfix release including Linux kernel 6.18.38, Docker VLAN networking fixes, storage and boot-pool fixes, virtualization UI fixes, Unraid API 4.35.1, and several base package updates. + +Recommended for all users. ## Upgrading -For step-by-step instructions, see [Updating Unraid](/unraid-os/updating-unraid/). Questions about your [license](/unraid-os/troubleshooting/licensing-faq/)? +For step-by-step instructions, see [Updating Unraid](). Questions about your [license](<../../unraid-os/troubleshooting/licensing-faq.mdx#license-types--features>)? ## Known issues -- No new release-specific known issues are documented for this release. +* No new release-specific known issues are noted. For issues inherited from prior releases, see the [Unraid OS 7.3.1](<../7.3.1/>) release notes. ## Notes -- The release includes package updates for core services and libraries used by the OS, including Docker, OpenSSH support libraries, and certificate and networking components. +* This release includes security-related base package updates. Package-level CVE annotations are listed in Base distro updates. ## Rolling back -- Review the rollback notes for [Unraid OS 7.3.1](/unraid-os/release-notes/7.3.1/) before downgrading from this release. -- This release updates the kernel, ZFS, Docker, and the Unraid API. Verify compatibility before rolling back. +* No new rollback limitations are noted for this release. Before rolling back, review the [Unraid OS 7.3.1](<../7.3.1/>) release notes. ## BREAKING CHANGES -- No breaking changes are documented for this release. +* None. -## Changes vs. [Unraid OS 7.3.1](/unraid-os/release-notes/7.3.1/) +## Changes vs. Unraid OS 7.3.1 ### Security -- Security: updated bind, dnsmasq, libarchive, libidn, net-tools, nginx, openssl, shadow, sqlite, and xorg-server for security fixes. dnsmasq, nginx, openssl, net-tools, and sqlite include listed CVE coverage. -- Fix: CVE-2026-3838. +* Security: Fixed a WebGUI `update.php` path-traversal command execution vulnerability, CVE-2026-3838. +* Security: Includes base package security fixes with CVE coverage for multiple components; package-level CVE details are listed in Base distro updates. ### Containers / Docker -- Improvement: updated Docker to 29.5.3-1_LT. -- Fix: VLAN Docker networks now restore gateway and default-route handling more reliably after the Docker 29 upgrade, so affected containers can regain outbound and inter-VLAN connectivity. +* Fix: Docker VLAN auto-networks can fall back to the configured Docker gateway so containers keep outbound connectivity. +* Improvement: Improved Docker tab load performance by keeping synchronous I/O off the Docker tab render path, based on a community contribution from [TSpader ]()(thank you!) ### Storage -- Improvement: updated ZFS to 2.4.3_6.18.37_Unraid-1_LT. -- Fix: boot pool device removal works correctly again instead of failing with a GUI error in some mirrored boot pool configurations. -- Fix: replacing a missing boot pool device no longer leaves behind a stale missing mirror member in some port-swap scenarios. -- Fix: formatting or erasing a pool no longer crashes the GUI in a specific `sda` naming edge case. -- Fix: corrected Btrfs RAID1 pool size and usage reporting on the dashboard for mixed-size devices. +* Fix: Boot pool replacement no longer leaves a stale missing mirror member in the affected replacement case. +* Fix: Removing a boot pool device no longer triggers the regression that could fail the operation. +* Fix: Formatting a pool device whose name overlaps with a boot device no longer triggers a false positive invalid-target assertion. +* Fix: Dashboard cache pool size and usage reporting is corrected for Btrfs RAID1 pools. ### WebGUI / System -- Improvement: updated dynamix.unraid.net to 4.35.1. -- Improvement: refreshed base system packages including bash, ca-certificates, curl, git, pkgtools, rsync, util-linux, and other core components. -- Fix: controller views in System Devices now show the correct drives instead of sometimes including unrelated devices. -- Fix: mDNS service discovery can recover more reliably after a temporary network loss. +* New: Added monitor status output for panel indication plugins that use LED and LCD state. +* Fix: Shutdown and reboot syslog saving now creates `/boot/logs` before writing syslog files. +* Fix: System Devices controller listings no longer include unrelated devices in affected cases. +* Fix: Internal Boot with Flash Licensing better handles transient USB license device resets. ### Networking / Hardware -- Improvement: updated cifs-utils, iproute2, libnvme, and wireless-regdb. -- New: added libcbor, libfido2, and libmaxminddb. -- Improvement: Intel iGPU SR-IOV controls are now hidden unless the required plugin is installed, avoiding settings that cannot be applied. +* Fix: Avahi/mDNS update can start the daemon again after transient network loss. +* Fix: Intel GPU PCI speed reporting is corrected. +* Improvement: Intel iGPU SR-IOV controls are shown only when the supporting plugin is installed. ### Virtualization -- Improvement: updated QEMU to 10.2.3-1_SBo_LT. -- Improvement: more accurate PCI link speed reporting for Intel Arc GPUs in System Devices, which helps when checking passthrough hardware. -- Improvement: the VM Network Source selector is now wider and sorted more naturally, making long or numbered network names easier to scan. -- Fix: VM context menus now stay visible when opened near the bottom of the page instead of rendering partly off-screen. -- Fix: VM usage reporting better matches actual guest CPU activity instead of showing inflated usage during unrelated file transfers. -- Fix: removed an outdated reboot warning from VM settings when PCI options are enabled. +* Fix: VM CPU usage no longer reports high usage caused by unrelated host tasks. +* Fix: VM context menu positioning is corrected. +* Improvement: VM Network Source dropdown entries are sorted and the control is wider for easier scanning. +* Fix: Removed an obsolete VM reboot banner message when VM PCI options are enabled. ### Unraid API -- Update Unraid API to dynamix.unraid.net 4.35.1. +* Update Unraid API to [dynamix.unraid.net 4.35.1](). ### Linux kernel -- Linux kernel: update to 6.18.37-Unraid. +* Linux kernel: update to 6.18.38-Unraid. + CONFIG_USB_AUTOSUSPEND_DELAY=-1 ## Base distro updates ### Added packages (3) -- libcbor: version 0.14.0 -- libfido2: version 1.17.0-2 -- libmaxminddb: version 1.13.3 - -### Updated packages (59) - -- aaa_libraries: version 15.1-50 -> 15.1-51 -- at-spi2-core: version 2.60.4 -> 2.60.5 -- bash: version 5.3.009-2 -> 5.3.015-2 -- bind: version 9.20.23 -> 9.20.24 (security fix noted; no CVE IDs listed) -- ca-certificates: version 20260413 -> 20260616 -- cifs-utils: version 7.5 -> 7.6 -- curl: version 8.20.0 -> 8.21.0 -- dnsmasq: version 2.92rel2 -> 2.93 (CVE-2026-2291) -- docker: version 29.5.2-1_LT -> 29.5.3-1_LT -- dynamix.unraid.net: version 4.34.0 -> 4.35.1 -- elogind: version 255.25 -> 255.27 -- etc: version 15.1-16 -> 15.1-17 -- exfatprogs: version 1.3.2 -> 1.4.2 -- file: version 5.47-2 -> 5.48 -- fontconfig: version 2.18.0-2 -> 2.18.1 -- gdk-pixbuf2: version 2.44.6 -> 2.44.7 -- git: version 2.54.0 -> 2.55.0 -- glib2: version 2.88.1 -> 2.88.2 -- graphite2: version 1.3.14-3 -> 1.3.15-2 -- harfbuzz: version 14.2.0 -> 14.2.1 -- iproute2: version 7.0.0 -> 7.1.0-2 -- json-c: version 0.18_20240915 -> 0.19 -- kbd: version 2.9.0 -> 2.10.0 -- less: version 702 -> 704 -- libarchive: version 3.8.7 -> 3.8.8 (security fix noted; no CVE IDs listed) -- libdrm: version 2.4.133 -> 2.4.134 -- libffi: version 3.5.2 -> 3.6.0 -- libidn: version 1.43 -> 1.44 (security fix noted; no CVE IDs listed) -- libnvme: version 1.16.1 -> 1.16.2 -- libpsl: version 0.21.5 -> 0.22.0 -- libxkbcommon: version 1.13.1 -> 1.13.2 -- lsof: version 4.99.6 -> 4.99.7 -- mesa: version 26.1.1 -> 26.1.3 -- nano: version 9.0 -> 9.1 -- net-tools: version 20181103_0eebece-3 -> 20181103_0eebece-5 (CVE-2025-46836) -- nghttp3: version 1.15.0 -> 1.17.0 -- nginx: version 1.30.1-1_SBo_LT -> 1.30.3-1_SBo_LT (NVD: CVE-2026-9256, CVE-2026-48142) -- ngtcp2: version 1.22.1 -> 1.24.0 -- noto-fonts-ttf: version 2026.05.01 -> 2026.06.01 -- openssh: version 10.3p1 -> 10.3p1-2 -- openssl: version 3.5.6-2 -> 3.5.7 (CVE-2026-34182, CVE-2026-34183, CVE-2026-42764, CVE-2026-45447; NVD: CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-34181, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768, CVE-2026-42769, CVE-2026-42770, CVE-2026-45445, CVE-2026-45446) -- pango: version 1.57.1 -> 1.58.0 -- pkgtools: version 15.1-31 -> 15.1-32 -- qemu: version 10.2.2-1_SBo_LT -> 10.2.3-1_SBo_LT -- rsync: version 3.4.3 -> 3.4.4 -- shadow: version 4.19.4-2 -> 4.19.4-4 (security fix noted; no CVE IDs listed) -- shared-mime-info: version 2.4-2 -> 2.5.1 -- spirv-llvm-translator: version 22.1.2 -> 22.1.3 -- sqlite: version 3.53.1 -> 3.53.3 (NVD: CVE-2026-11822, CVE-2026-11824) -- sysvinit-scripts: version 15.1-36 -> 15.1-38 -- tree: version 2.3.1 -> 2.3.2 -- util-linux: version 2.42.1 -> 2.42.2 -- wireless-regdb: version 2026.03.18 -> 2026.05.30 -- xclock: version 1.1.1 -> 1.2.0 -- xinit: version 1.4.4 -> 1.4.4-2 -- xkeyboard-config: version 2.47 -> 2.48 -- xlsclients: version 1.1.5 -> 1.1.6 -- xorg-server: version 21.1.22-3 -> 21.1.23 (security fix noted; no CVE IDs listed) -- zfs: version 2.4.2_6.18.33_Unraid-1_LT -> 2.4.3_6.18.37_Unraid-1_LT +* libcbor: version 0.14.0 +* libfido2: version 1.17.0 +* libmaxminddb: version 1.13.3 + +### Updated packages (73) + +* aaa_libraries: version 15.1-50 -> 15.1-51 +* acl: version 2.3.2 -> 2.4.0 +* at-spi2-core: version 2.60.4 -> 2.60.5 +* attr: version 2.5.2 -> 2.6.0 +* bash: version 5.3.009-2 -> 5.3.015-2 +* bash-completion: version 2.17.0 -> 2.18.0 +* bind: version 9.20.23 -> 9.20.24-2 (security fix noted; no CVE IDs listed) +* ca-certificates: version 20260413 -> 20260616 +* cifs-utils: version 7.5 -> 7.6 +* curl: version 8.20.0 -> 8.21.0 (NVD: CVE-2026-9079, CVE-2026-9080, CVE-2026-9545, CVE-2026-9546, CVE-2026-9547) +* dnsmasq: version 2.92rel2 -> 2.93 (CVE-2026-2291) +* docker: version 29.5.2 -> 29.5.3 +* [dynamix.unraid.net](): version 4.34.0 -> 4.35.1 +* elogind: version 255.25 -> 255.27 +* etc: version 15.1-16 -> 15.1-17 +* exfatprogs: version 1.3.2 -> 1.4.2 +* file: version 5.47-2 -> 5.48 +* fontconfig: version 2.18.0-2 -> 2.18.1 +* gdk-pixbuf2: version 2.44.6 -> 2.44.7 +* git: version 2.54.0 -> 2.55.0 +* glib2: version 2.88.1 -> 2.88.2 +* graphite2: version 1.3.14-3 -> 1.3.15-2 +* harfbuzz: version 14.2.0 -> 14.2.1 +* iproute2: version 7.0.0 -> 7.1.0-2 +* jansson: version 2.15.0 -> 2.15.1 +* json-c: version 0.18_20240915 -> 0.19 +* kbd: version 2.9.0 -> 2.10.0 +* krb5: version 1.22.2-2 -> 1.22.2-3 +* less: version 702 -> 704 +* libarchive: version 3.8.7 -> 3.8.8 (security fix noted; no CVE IDs listed) +* libdrm: version 2.4.133 -> 2.4.134 +* libevent: version 2.1.12-4 -> 2.1.13 (security fix noted; no CVE IDs listed) +* libffi: version 3.5.2 -> 3.6.0 +* libidn: version 1.43 -> 1.44 (security fix noted; no CVE IDs listed) +* libjpeg-turbo: version 3.1.4.1 -> 3.2.0 +* libnvme: version 1.16.1 -> 1.16.2 +* libpsl: version 0.21.5 -> 0.22.0 +* libseccomp: version 2.6.0 -> 2.6.1 (security fix noted; no CVE IDs listed) +* libtiff: version 4.7.1 -> 4.7.2 +* liburing: version 2.14 -> 2.15 +* libvirt-php: version 0.5.8-8.4.21 -> 0.5.8-8.4.23 +* libxkbcommon: version 1.13.1 -> 1.13.2 +* lmdb: version 0.9.35 -> 1.0.0 +* lsof: version 4.99.6 -> 4.99.7 +* mesa: version 26.1.1 -> 26.1.4 +* nano: version 9.0 -> 9.1 +* net-tools: version 20181103_0eebece-3 -> 20181103_0eebece-5 (CVE-2025-46836) +* nghttp3: version 1.15.0 -> 1.17.0 +* nginx: version 1.30.1-1 -> 1.30.3-1 (NVD: CVE-2026-9256, CVE-2026-42055, CVE-2026-48142) +* ngtcp2: version 1.22.1 -> 1.24.0 +* noto-fonts-ttf: version 2026.05.01 -> 2026.07.01 +* openssh: version 10.3p1 -> 10.4p1 (security fix noted; no CVE IDs listed) +* openssl: version 3.5.6-2 -> 3.5.7 (CVE-2026-34182, CVE-2026-34183, CVE-2026-42764, CVE-2026-45447; NVD: CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-34181, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768, CVE-2026-42769, CVE-2026-42770, CVE-2026-45445, CVE-2026-45446) +* pango: version 1.57.1 -> 1.58.0 +* php: version 8.4.21-1 -> 8.4.23-1 (CVE-2026-14355) +* pkgtools: version 15.1-31 -> 15.1-32 +* qemu: version 10.2.2-1 -> 10.2.3-1 +* rsync: version 3.4.3 -> 3.4.4 +* samba: version 4.22.8 -> 4.22.10 (CVE-2026-1933, CVE-2026-2340, CVE-2026-3012, CVE-2026-3238, CVE-2026-4408, CVE-2026-4480) +* shadow: version 4.19.4-2 -> 4.19.4-6 (security fix noted; no CVE IDs listed) +* shared-mime-info: version 2.4-2 -> 2.5.1 +* spirv-llvm-translator: version 22.1.2 -> 22.1.4 +* sqlite: version 3.53.1 -> 3.53.3 (NVD: CVE-2026-11822, CVE-2026-11824) +* sysvinit-scripts: version 15.1-36 -> 15.1-38 +* tree: version 2.3.1 -> 2.3.2 +* util-linux: version 2.42.1 -> 2.42.2 +* wireless-regdb: version 2026.03.18 -> 2026.05.30 +* xclock: version 1.1.1 -> 1.2.0 +* xinit: version 1.4.4 -> 1.4.4-2 +* xkeyboard-config: version 2.47 -> 2.48 +* xlsclients: version 1.1.5 -> 1.1.6 +* xorg-server: version 21.1.22-3 -> 21.1.23 (security fix noted; no CVE IDs listed) +* zfs: version 2.4.2 -> 2.4.3