pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2026Q1] pkgsrc/net/unifi
Module Name: pkgsrc
Committed By: bsiegert
Date: Mon Apr 27 18:54:24 UTC 2026
Modified Files:
pkgsrc/net/unifi [pkgsrc-2026Q1]: Makefile PLIST distinfo
Log Message:
Pullup ticket #7085 - requested by abs
net/unifi: security fix
Revisions pulled up:
- net/unifi/Makefile 1.39
- net/unifi/PLIST 1.21
- net/unifi/distinfo 1.25
---
Module Name: pkgsrc
Committed By: abs
Date: Thu Apr 23 17:55:56 UTC 2026
Modified Files:
pkgsrc/net/unifi: Makefile PLIST distinfo
Log Message:
Updated net/unifi to 10.1.89
Update unifi to 10.1.89
This includes a pkgsrc update to enable the use of openjdk21 as well as
openjdk17. Note that an existing installation must be running at least
8.6.9 (the current version in pkgsrc) in order to upgrade
UniFi Network Application 10.1.89
- Fixed the security issues mentioned in Security Advisory Bulletin 062.
UniFi Network Application 10.1.84
UniFi Network Application 10.1.84 enhances high availability and
system logging, adds new connectivity insights, and includes
additional improvements and bugfixes.
UniFi Network Application 9.5.21
Added Channel AI
Uses neighboring AP signals to optimize channel distribution.
Designed for controlled, very high-density deployments where external
interference is limited.
- Provides a visual channel map for quick insights.
- Automated optimization ensures balanced channel usage.
- Requires AP firmware 8.2.14/6.7.31 or newer.
Added WiFi Multicast Filtering and VLAN Bridging
Enhances WiFi performance by allowing selective filtering of
multicast services to reduce unnecessary airtime usage. Also
introduces VLAN Bridging, enabling multicast proxying between VLANs
for WiFi clients. VLAN Bridging is available only when the Gateway
mDNS Proxy is disabled.
- Requires UAP firmware 8.2.14 or newer.
Improved Port Manager
- Port AI anomaly reporting – Gain deeper insights into port health
with anomaly detection and scoring. In addition to live insights,
Port AI now generates a 24-hour Anomaly Score across key categories:
- Cables & Power.
- Network Loops & Storm Control.
- Broadcasts & Discovery.
- Traffic Path Health.
- Enhanced Port Details – The side panel now provides richer
visibility and context for each port, including:
- Port status at a glance.
- Activity logs for anomaly events and admin changes.
- MAC table displaying currently connected devices.
- We recommend using UniFi Switch firmware 7.2.123 or newer.
Added Default Security Posture Setting (Allow All / Block All)
Introduces a global default security posture with options to Allow
All or Block All. Selecting Block All will isolate all newly created
VLANs, Ethernet Port Profiles, and devices by default, while existing
configurations remain unchanged.
Improvements
- Added adoption instructions in the Dashboard for UniFi OS Servers.
- Added support for Auto IPv6 WAN Prefix Delegation Size.
- Added a banner to Apple TV devices to update their firmware when
experiencing connectivity issues.
- Improved validation for Object-Oriented Networking.
- Improved the RADIUS Local User management user experience.
- Improved the NeXT AI Flows filtering user experience.
- Moved Profiles to Settings Overview.
Bugfixes
- Fixed an issue where the Objects page could freeze in rare cases.
- Fixed an issue where the Port Forward overlap validation was
incorrectly triggered.
- Fixed an issue where DS-Lite Auto & MAP-E didn't work with Static
and Single Network IPv6.
- Fixed an issue where deleting a client group or network used in
Objects could introduce dead ends.
- Fixed an issue where Site-to-Site VPN configurations weren't
updated when the WAN DHCP IP changed.
- Fixed an issue where Dashboard WiFi Upload/Download data was
shown incorrectly when using a single Radio.
- Fixed an issue where Firewall rules for NAT IPv6 were incorrectly
generated in rare cases.
- Fixed an issue where SLA profile changes are not provisioned.
- Fixed an issue where Source NAT didn't use the interface's IPv6
address in Policies/NAT.
- Fixed an issue where some VLAN Settings were not removed when
setting up MC-LAG.
Additional information
- Create a backup before upgrading your UniFi Network Application if any issues are encountered.
- See the UniFi Network Server Help Center article for more information on self-hosting a server.
- UniFi Network Application 7.5 and newer requires MongoDB 3.6 and Java 17.
- Version 7.5 to 8.0 supports up to MongoDB 4.4.
- Version 8.1 and newer supports up to MongoDB 7.0.
- Version 9.0 and newer supports up to MongoDB 8.0 and Java 17/21.
- UniFi Network Application updates may cause your adopted devices to be re-provisioned.
- Existing UniFi Network Applications must be on one of the following versions to upgrade directly to this version:
- 9.5.21 and earlier 9.5.x versions.
- 9.4.19 and earlier 9.4.x versions.
- 9.3.45 and earlier 9.3.x versions.
- 9.2.87 and earlier 9.2.x versions.
- 9.1.120 and earlier 9.1.x versions.
- 9.0.114 and earlier 9.0.x versions.
- 8.6.9 and earlier 8.6.x versions.
UniFi Network Application 9.4.19
Object Oriented Networking
A new and powerful way to streamline the creation of multiple
dynamic policies.
- Apply complete policy sets (Security, Routing, and QoS) from a
single screen.
- Match on specific clients, client groups, or networks.
- Configures multiple Firewall Rules, ACLs, Policy-Based Routes,
and QoS Rules at once.
- Requires Full UniFi stack and Zone Based Firewall to be active.
Master Policy Table
The single source of truth containing all policies.
- Create and manage Firewall, ACL, DNS, NAT, QoS, Routing, and
Port Forwarding policies from a single screen.
- Apply intelligent filters and customize columns to focus on
specific policies.
- Set up OSPF and BGP Dynamic Routing.
Improvements
IPv6
- Added support for IPv6 NAT66 rules to the Policy Table.
- Added support for MAP-E IPv4 over IPv6 internet connection type
in Japan.
- Supported access services are JPIX v6 Plus and NTT OCN Virtual
Connect.
- Requires UniFi OS 4.4 or newer.
- Added DHCPv6 client options to WAN settings for increased
compatibility with select ISPs.
- Requires UniFi OS 4.4 or newer.
- Added DHCPv6 CoS to WAN settings.
- Improved IPv6 validation.
- Improved IPv6 subnet validation to block use of reserved
ranges, including 2001:db8::/32, multicast, link-local, and
IPv6-mapped IPv4 addresses.
- Improved IPv6 Static Route validation.
- Blocked IPv4-mapped IPv6 addresses from all input fields.
- Disallowed documentation-only CIDRs such as 2001:db8::/32.
- Restricted Multicast IPv6 addresses to Firewall rules only.
Dashboard
- Added the Most Common Devices widget for visibility of top device
types.
- Added WiFi graph filtering by WiFi Broadcasts.
- Improved WAN monitoring and traffic flow graphs for greater
detail.
- Improved performance on sites with active CyberSecure subscriptions.
Routing & Policy
- Added Source and Destination Networks for Destination NAT.
- Added Destination IP List option for Destination NAT.
- Moved Dynamic Routing (BGP, OSPF) to Policy Table > Dynamic
Routing for unified management.
- Changed VLAN Groups on EFG and UXG-Enterprise to Native and
Tagged VLAN Management settings.
- Requires UniFi OS 4.3 or newer.
Content Filtering
- Added a user-facing Block Page to indicate why a website's access
is denied.
- UniFi intercepts HTTPS traffic to display this page, which
may trigger browser security warnings if the gateway's certificate
is not installed and trusted on the client.
- Enable UniFi Identity Certificate Distribution or manually
download the certificate from the Protection page.
- When UniFi Identity is deployed, the gateway certificate is
automatically distributed via the Identity Endpoint Agent,
allowing supported client devices to bypass browser warnings
and display the block page securely and seamlessly.
- Requires UniFi OS 4.4 or newer.
Others
- Added filtering by installed date, uptime, and model on the
Devices page.
- Added option to toggle All Clients On/Off on the Topology page.
- Added Signal filtering to the Clients page.
- Added Counters to the System Logs Filter.
- Added the last connected uplink for non-network UniFi Devices
and Clients.
- Allow Public IPs for switch IP ACLs.
- Improved filtering and navigation experience across Port Manager,
Device page, and System Logs & Insights for smoother and more
consistent usability.
- Improved DHCP Manager user experience with direct access from
the Clients page and better filtering options.
- Moved MC-LAG to the Network settings.
- Updated Auto Querrier IP range from the 0.0.0.X to the 10.0.0.X
subnet.
Bugfixes
- Fixed an issue where Policy Based Routes didn't work when created
from Object Manager while using UniFi OS 4.4 or newer.
- Fixed an issue where WiFi clients using 3rd Party Access Points
weren't shown in the client page in rare cases.
- Fixed an issue where the WiFi Channel Plan was only being applied
to the 5GHz band in some cases.
- Fixed an issue where creating VLANs failed in rare cases.
- Fixed an issue where an incorrect subnet could be generated in
Auto mode for VPN servers in rare cases.
- Fixed an issue where the All Traffic Flows option was not working
for the UXG-Max.
- Fixed an issue where creating IPv6 Static Routes could fail in
rare cases.
- Fixed issue where Zone-Based Firewall did not correctly match
traffic from IPv6 clients.
- Fixed an issue where the VLAN 4040 IP was incorrectly assigned
to L3 switches in rare cases, potentially causing routing conflicts.
- Fixed an issue where multicast traffic was incorrectly reported
as 100% in AirView when no clients were connected to the radio.
- Fixed an issue where the Isolate Spokes option within Site Magic
SD-WAN was not working in rare cases.
- Fixed an issue where invalid Blackhole Static Routes could cause
Gateway configuration issues.
- Fixed an issue where the Traffic Flows could incorrectly list
the Allow action instead of Block.
- Fixed an issue where creating a Third-party Gateway network on
the UDR7 resulted in a gateway configuration error.
- Fixed an issue where Speed Limits could be configured on the
UX7 when connected via a Wireless Uplink.
- Fixed an issue where Switch ACL was unavailable when a UniFi
Gateway was not adopted.
- Fixed an issue where IP conflicts could occur when cloning
configurations from another device with a Fixed IP configured.
- Fixed an issue where WAN failover system logs would be shown
after Console setup.
- Fixed an issue where VLAN tagging did not work correctly when
all ports are set to allow all on InWall APs.
- Fixed an issue where AP/WiFi client selection was missing in
AirView.
- Fixed an issue where Content Filtering settings were being
removed when removing networks in rare cases.
- Fixed an issue where the Jumbo Frames setting was missing for
the EFG and UXG-Enterprise.
- Fixed an issue where flows from the built-in Firewall Policies
were incorrectly shown as Blocked.
UniFi Network Application 9.3.45
UniFi Network Application 9.3.45 includes the improvements and
bugfixes listed below.
Improvements
- Added a confirmation prompt when pausing or removing Content
Filters.
- Improved Alarm Manager webhook formatting.
Bugfixes
- Fixed an issue where configuring Shadow Mode could fail due to
incorrectly applied WAN MAC Overrides.
- Fixed the inability to subscribe to CyberSecure on UniFi OS
Servers.
- Fixed an issue where pausing or resuming Content Filtering
deleted other rules.
- Fixed an issue where Static Routes with VPN interfaces weren't
paused correctly.
UniFi Network Application 9.2.87
UniFi Network Application 9.2.87 adds WAN SLA, Roaming Assistant,
and includes the improvements and bugfixes listed below.
WAN SLA
Provides customizable monitoring of Internet connection health to
ensure reliable failover and maintain network stability.
DHCP Manager
- Manage DHCP leases, Fixed IPs, and local DNS.
- Import/export settings with ease.
- Simplify network configuration in one place.
Improvements
- Added 5GHz Roaming Assistant option in the WiFi Settings.
- Requires Access Point 8.0.36 or newer.
- Added Remote Logging Option to the Predefined Firewall Policies.
- Added hardware acceleration setting for the UCG models and UDR7.
- Added Policy Filtering in Traffic Flows.
- Added the ability to change interface priority for OSPF.
- Added the ability to select Objects in the Port Forward Settings.
- Allowed selecting non-consecutive ports for Link Aggregation.
- Improved the Dashboard user experience.
- Improved the Link Aggregation user experience.
- Improved the AirView user experience and integrated it with
Client Analyzer.
- Improved the ISP side panel user experience.
- Improved configuration applying resiliency.
- Improved the Port Manager user experience.
- Improved the Client Filtering user experience.
- Improved the Settings and WiFi Channel Diagram user experience.
- Improved the Speed Test user experience.
- Improved the side panel behaviour by keeping the same tab open
while navigating between different items on the page.
- Improved the topology user experience.
- Improved Statistics Data Retention handling.
- Moved Insights Viewer to Settings Overview.
- Moved Inform Host & Device SSH settings to the Devices Page.
- Updated Traffic Identification signatures.
Bugfixes
- Fixed an issue where autobackups weren't deleted as configured
in the retention settings.
- Fixed System Log formatting in rare cases.
- Fixed the inability to enable AFC in Canada.
- Fixed an issue where layer-3 blackhole routes were ineffective.
- Fixed an issue where Apply to All APs didn't work in rare cases.
- Fixed an issue where 80MHz was shown in the Conservative WiFi
preset for 5GHz.
- Fixed an issue where incorrect TX retries were shown for Cloud
Gateways with built-in WiFi.
- Fixed an issue where Static Routes could be lost after a L3
switch reboots in rare cases.
- Fixed an issue where WAN2 didn't work on setups with a USG.
UniFi Network Application 9.1.120
UniFi Network Application 9.1.120 adds Traffic Flows, enhances QoS,
expands Multi-WAN, and includes improvements and bugfixes.
UniFi Network Application 9.0.108
UniFi Network Application 9.0.108 adds Zone-Based Firewall,
CyberSecure, Network Application API, and includes improvements
and bugfixes.
To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.37.10.1 pkgsrc/net/unifi/Makefile
cvs rdiff -u -r1.20 -r1.20.10.1 pkgsrc/net/unifi/PLIST
cvs rdiff -u -r1.24 -r1.24.10.1 pkgsrc/net/unifi/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffs are larger than 1MB and have been omitted
Home |
Main Index |
Thread Index |
Old Index