pihole posts

Thank You for being part of the V6 beta!

We want to take a moment to express our heartfelt gratitude to each of you for participating in our beta program. Your feedback, support, and enthusiasm have been invaluable as we continue to enhance and improve the Pi-hole experience.

✨ The Party Continues!

The journey doesn’t stop here! The next phase is now available on our development branches, where we’ll keep refining things until we are finally ready for a general release.

If you were participating in the beta, you should move to the development branches in order to continue receiving updates.

  • Bare metal installs: Run `pihole checkout dev`

  • Docker: Switch to the development tag

The development-v6 branches will be deleted from the repositories soon™

Important Notes

  • On the web repository, the devel branch has now been replaced by development

  • On the docker-pi-hole repository, the dev branch has now been replaced by development

  • If you are using the nightly tag of the docker image and (against our better advice!) have it automatically updating, it will probably stop working for you from this evening as nightly builds are now based on the new v6 base

We appreciate your commitment and contributions, and we can’t wait for you to continue this adventure with us. Stay tuned for more updates and enjoy being a part of our ever-evolving community!

Thank you once again,

The Pi-hole Team

PS

No ETAs for full release… just Soon™

View Post

Preparing for the v6 release

A little over 10 months ago, we announced the beginning of a beta testing round for Pi-hole v6. We’re excited to share that after countless hours of testing, feedback, and fine-tuning, we believe it’s now (very nearly) ready for release!

The response from our community has been incredible, with over 250 discussion threads on our forum centred around the v6.0 beta. These conversations have been invaluable, helping us identify and resolve bugs, uncover new use cases, and polish the overall experience.

One of the most rewarding aspects of running a beta testing round is witnessing the collective effort to improve the software. Our users have shown tremendous dedication in helping us refine Pi-hole v6. Whether by spotting issues we missed or suggesting enhancements we hadn’t considered, the community’s contributions have been crucial in getting us to this point.

As we prepare for the final release, we want to assure you that your feedback has made Pi-hole v6 stronger and more reliable. Our goal has always been to ensure that when we finally hit the button on a general release, the majority of users will have a smooth and trouble-free experience.

In the coming weeks, we’ll be wrapping up the final touches, the first of which will be to move all of the development-v6 branches into their equivalent “main” development branches on each repo. For those of you on the beta already, once this switch happens you’ll need to switch to these branches to continue receiving updates (`pihole checkout dev` on bare metal installs, or switch to the dev tag on Docker).

IMPORTANT: Do not run any checkout commands until https://github.com/pi-hole/web/pull/3019, https://github.com/pi-hole/FTL/pull/1950, and https://github.com/pi-hole/pi-hole/pull/5100 have been merged!

As always, we are incredibly grateful for the continued support from our community. If you’ve found Pi-hole to be a valuable tool in your network, consider supporting our work through a donation at pi-hole.net/donate. Every contribution helps us to keep improving and maintaining Pi-hole for everyone.

Stay tuned for more updates as we move closer to releasing the best version of Pi-hole yet. Thank you for your continued support and participation—together, we’ve made Pi-hole v6 something truly special!

View Post

Pi-hole Core v5.18 released to fix an Authenticated Arbitrary File Read with root privileges vulnerability

A vulnerability was recently discovered in Pi-hole’s gravity script that would allow for any system file to be arbitrarily read and presented to an authenticated user on the web interface.

This release mitigates the vulnerability by limiting gravity’s ability to read local files to only those that are explicitly readable by anyone on the system.

More information can be found here: https://github.com/pi-hole/pi-hole/security/advisories/GHSA-95g6-7q26-mp9x

Many thanks to GitHub User @T0X1Cx for their responsible (and detailed!) disclosure of this vulnerability.

As a reminder, potential issues can be reported to us either through GitHub’s vulnerability reporting tools or by emailing us on disclosure@pi-hole.net

What’s Changed

  • Drop Fedora 36 and add Fedora 39 to the test suite by @yubiuser in #5568

  • [Vulnerability Fix] Only use local files (file://) when they have explicit permissions a+r by @DL6ER 9dd138b

Full Changelog: v5.17.3...v5.18

View Post
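
The rule this release enforces (a file:// list source is used only when the file is readable by everyone, a+r) can be written as a mode check. The following is an added example, not Pi-hole's own gravity code: the function name `local_list_allowed` is hypothetical, GNU or BusyBox `stat` is assumed, and it goes slightly beyond the text by judging a symlink by its target's mode.

```shell
#!/bin/sh
# Added example, not Pi-hole's gravity code. local_list_allowed is a
# hypothetical name. Assumes GNU or BusyBox stat (-L, -c '%a').

# local_list_allowed URL
# Exit status 0: URL may be fetched by a list updater running as root.
# Exit status 1: URL is a file:// source that must be refused.
local_list_allowed() {
    url=$1
    case $url in
        file://*) path=${url#file://} ;;
        *) return 0 ;;              # remote sources are not covered by this check
    esac
    case $path in
        /*) ;;                      # file:///abs/path leaves an absolute path
        *) return 1 ;;              # file://host/... or a relative path: refuse
    esac
    # -L follows symlinks, so the mode checked is the target's and not the
    # link's own 0777; a link to a private file must not pass.
    mode=$(stat -L -c '%a' "$path" 2>/dev/null) || return 1
    [ -f "$path" ] || return 1      # regular files only (no devices, dirs, FIFOs)
    perm=$((0$mode))                # leading 0: parse stat's output as octal
    # a+r means the read bit is set for user, group and other: 0444.
    [ $((perm & 0444)) -eq $((0444)) ]
}

# Constructed demo, run with: sh thisfile.sh demo
if [ "${1:-}" = "demo" ]; then
    tmp=$(mktemp -d)
    echo 'ads.example.test' > "$tmp/public.list";  chmod 644 "$tmp/public.list"
    echo 'not-for-everyone' > "$tmp/private.list"; chmod 600 "$tmp/private.list"
    ln -s "$tmp/private.list" "$tmp/link.list"
    for f in public private link; do
        if local_list_allowed "file://$tmp/$f.list"; then
            echo "$f.list: allowed"
        else
            echo "$f.list: refused"
        fi
    done
    rm -rf "$tmp"
fi
```

Because the check looks at mode bits rather than attempting the read, it gives the same answer whether it runs as root or as an unprivileged user.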

DNSSEC fix generally released.

Please run `pihole -up` to update Pi-hole with the fixes noted in the previous post.


Thanks!

View Post

Fixing two new DNSSEC vulnerabilities

View Post

Pi-hole FTL v5.24, and Core v5.17.3 released

While the majority of our development effort is currently focused on the running v6.0 beta, we are absolutely dedicated to supporting and enhancing v5. We understand that many users continue to depend on v5, and that’s why we are not leaving it behind. Certain improvements and changes developed for v6.0 will be backported to v5, ensuring that it remains robust and up-to-date. We believe in providing the best experience for all users, irrespective of if they joined the public beta or not.

View Post

Pi-hole FTL v5.23, Web v5.20 and Core v5.17 released

New release just dropped, get your release notes here!

Thank you for your continued support - we truly appreciate it!

View Post

Pi-hole Web v5.18.2 and Core v5.15.1 released

View Post

Pi-hole FTL v5.20.1, Web v5.18.1 and Core v5.15 released

View Post

Found - Ancient Pi-hole coins!

I've found a stash of Pi-hole Patreon supporter coins that we used a few years ago. Would anyone be interested in acquiring one? If there is some interest then I will research how to make them available.



View Post

Pi-hole update released!

View Post

Pi-hole updates released.

Pi-hole FTL v5.18.2, Web v5.16 and Core v5.13 have been released and the docker image updated.

View Post

Important Message: Ubuntu 18.04 support being dropped

View Post

Pi-hole update released

Please read the release notes prior to upgrading.

CentOS 7 support has been dropped in this release. Alma and Rocky will be detected properly. 

View Post

A brief overview of some upcoming changes

We're working away on a new release, and thought we would share some of the changes to expect

View Post

It's that time again!

Hello folks!

We're still here and we have released a new version. Please see the link above for the release notes before you upgrade. 

Thanks for being a part of the Pi-hole Community!

View Post

Pi-hole RasPi 4 cases!

We've partnered with ThePiHut to make some custom Pi-hole cases for the Raspberry Pi 4!

There will be kits in more power supply standards, every kit should work with a USB-C PSU of the proper voltage/amperage.

Thanks for being a part of the Pi-hole Community!

View Post

It's the most wonderful time of the year (pihole -up)

View Post

Pi-hole -up!

View Post

Sneak Peek Preview

Hello Patrons!

We've added back the very frequently requested Pi-hole store!

We're granting our Patrons early access to shake out any bugs before we open the doors to all. Let us know what you see and think, feedback on everything is welcome.

View Post

New Pi-hole update released

Please read the release notes before upgrading.

Thank you for your continued support!

View Post

New Pi-hole update released

Please read the release notes before upgrading.

Thank you for your continued support!

View Post

Understanding DNSSEC

View Post

Pi-hole update released.

Please read the release notes before upgrading. 


Thank you for your continued support!

View Post

Using OPNsense DHCP with Pi-hole

One of the lesser known features of Pi-hole is the ability to see MAC and IP addresses from external servers. This feature was added in FTL version 5.3 and lets you set up external services that can send EDNS0 Client Subnet information with queries. 

View Post

Pi-hole -up!

View Post

Pi-hole FTL v5.9, Web v5.6 and Core v5.4 released

I'll find a way of auto-crossposting these links one day...

Thank you all for your continued support!


View Post

An update on sales tax/VAT/GST

Hi patrons,  

We wanted to give you a heads up about a small change to required tax on pledges. Patreon already adds sales tax/VAT/GST to pledges from patrons in most US states and several other countries—anywhere that’s required by law. They’re now required to start adding tax in a few new places: Canada (other than Quebec where Patreon already charges QST), Thailand, Florida, and Kansas. If you live in one of those places, you should see a small amount of tax added to your pledge starting July 15th for per post, and August 1st for monthly.

If you have questions, you should be able to find answers here. If you still have questions, the best place to get an answer is from Patreon’s customer support team, here.

If this affects your ability to pledge via Patreon, please consider using our GitHub Sponsors link. GitHub is waiving fees and more of your donation is provided to the team.

Thanks for your support,
Dan, Adam, Dom and the Pi-hole Team

View Post

Join us beta-testing Pi-hole FTL v5.9, Web v5.6 and Core v5.4

As always, please read through the changelog before updating to the beta versions.

Read first: Please do not run this if you are not comfortable with digging into any issues that may arise. That said, we would like to have some support in making sure we have every imaginable configuration covered before release. Pi-hole can already do so much, it is almost impossible to test all features ourselves properly.

Also ensure that you have either backed up your configuration or are willing to start from scratch in case things go wrong.

Please use the "Beta" Category on our Discourse Forum to discuss the beta and/or report any findings.

With warnings out of the way...

Highlights

Update embedded dnsmasq DNS server to version 2.86

  • Handle DHCPREBIND requests in the DHCPv6 server code
  • Fix bug which caused dnsmasq to lose track of processes forked to handle TCP DNS connections under heavy load
    The code checked that at least one free process table slot was available before listening on TCP sockets, but didn't take into account that more than one TCP connection could arrive, so that check was not sufficient to ensure that there would be slots for all new processes. It compounded this error by silently failing to store the process when it did run out of slots. Even when this bug is triggered, all the right things happen, and answers are still returned. Only under very exceptional circumstances, does the bug manifest itself: see https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/014976.html
  • Major rewrite of the DNS server and domain handling code
    This should be largely transparent, but it drastically improves performance and reduces memory footprint when configuring large numbers of domains of the form local=/adserver.com/ or local=/adserver.com/#
    Lookup times now grow as log-to-base-2 of the number of domains, rather than greater than linearly, as before. The change makes multiple addresses associated with a domain work: `address=/example.com/1.2.3.4` `address=/example.com/5.6.7.8`
    It also handles multiple upstream servers for a domain better, using the same try/retry algorithms as non domain-specific servers. This also applies to DNSSEC-generated queries.
    Finally, some of the oldest and gnarliest code in dnsmasq has had a significant clean-up. It's far from perfect, but it is better.
  • Revise resource handling for number of concurrent DNS queries
    This used to have a global limit, but that has a problem when using different servers for different upstream domains. Queries which are routed by domain to an upstream server which is not responding will build up and trigger the limit, which breaks DNS service for all other domains which could be handled by other servers. The change is to make the limit per server-group, where a server group is the set of servers configured for a particular domain. In the common case, where only default servers are declared, there is no effective change.
  • Improve efficiency of DNSSEC
    The sharing point for DNSSEC RR data used to be when it entered the cache, having been validated. After that queries requiring the KEY or DS records would share the cached values. There is a common case in dual-stack hosts that queries for A and AAAA records for the same domain are made simultaneously. If required keys were not in the cache, this would result in two requests being sent upstream for the same key data (and all the subsequent chain-of-trust queries.) Now we combine these requests and elide the duplicates, resulting in fewer queries upstream and better performance. To keep a better handle on what's going on, the "extra" logging mode has been modified to associate queries and answers for DNSSEC queries in the same way as ordinary queries. The requesting address and port have been removed from DNSSEC logging lines, since this is no longer strictly defined.
  • Allow wildcards in dnsmasq config domain patterns
    Domain patterns in --address, --server and --local have, for many years, matched complete labels only, so
    --server=/google.com/1.2.3.4 will apply to google.com and www.google.com but NOT supergoogle.com.
    dnsmasq now introduces an optional * at the LHS of the domain string which changes this behaviour so as to include substring matches within labels. So, --server=/*google.com/1.2.3.4 applies to google.com and www.google.com AND supergoogle.com

FTL also imported the requested feature to Support Cisco Umbrella/OpenDNS Device ID & Remote IP (see FTL#1096)

Interface-dependent handling of pi.hole and hostname

This makes FTL automatically reply with the appropriate IP address to both pi.hole and the machine's hostname. Before this change, FTL always used a hard-coded address set during the weekly gravity updates (pihole -g). The new method is interface-aware and may reply with different addresses on different interfaces (e.g. Ethernet, WiFi or Wireguard network). The address FTL replies with can be overwritten using the REPLY_ADDR4/6 settings in /etc/pihole/pihole-FTL.conf.

Show automatically generated DNSSEC queries

After each restart of pihole-FTL, there will be a high number of DNSSEC-related queries (DNSKEY and DS) as the DNSSEC chain of trust needs to build for all domains queried in your network. The number of queries will quickly drop afterwards when the chain has been primed with all the top-level domains you are typically visiting. You should then only rarely see a DS query when visiting an altogether new webpage.

To ensure this new information is valuable for you, we will sketch how DNSSEC validation works in another upcoming blog post.

If you don't want to see these queries, you can easily set SHOW_DNSSEC=false in /etc/pihole/pihole-FTL.conf to suppress analyzing them altogether (they will still be happening in the background).

Update embedded SQLite engine to version 3.36

  1. Improvement to the EXPLAIN QUERY PLAN output to make it easier to understand.
  2. Byte-order marks at the start of a token are skipped as if they were whitespace.
  3. An error is raised on any attempt to access the rowid of a VIEW or subquery. Formerly, the rowid of a VIEW would be indeterminate and often would be NULL.
  4. The "memdb" VFS now allows the same in-memory database to be shared among multiple database connections in the same process as long as the database name begins with "/".
  5. Back out the EXISTS-to-IN optimization (item 8b in the SQLite 3.35.0 change log) as it was found to slow down queries more often than speed them up.
  6. Improve the constant-propagation optimization so that it works on non-join queries.
  7. The REGEXP extension is now included in CLI builds (use pihole-FTL sqlite in your terminal to access the embedded SQLite engine).

Enable .recover option for embedded SQLite engine

Exemplary use to repair a corrupted long-term database:
pihole-FTL /etc/pihole/pihole-FTL.db ".recover" | pihole-FTL ~/pihole-FTL_recovered.db

On success, the old database can be replaced by the repaired one.

Other changes and bugfixes

  • Improve reliability under heavy TCP query load
  • Log when listening on the wildcard address. This will help debugging edge-case setups.
  • Fix crash when bind-address is used.
  • Fix for incorrect (but harmless) FATAL: Trying to access query ID -1 error messages in pihole-FTL.log
  • Show hostnames also for clients specified by MAC address
  • Improve warning messages for defective hwclocks
  • Delay startup of FTL earlier to avoid database importing issues with incorrectly configured fake-clocks (if applicable)
  • Add a new theme that can automatically switch to dark mode if used on the device
  • Enable PHP8 support for Debian/Ubuntu
  • Be explicit in IPv6 RA values
  • Don't overwrite existing logrotate script

OK, enough reading.. how do I switch to the beta?

pihole checkout ftl release/v5.9
pihole checkout core release/v5.4
pihole checkout web release/v5.6

And, again, please use the "Beta" Category on our Discourse Forum to discuss the beta/report any findings. We'll be there to give help and update the beta quickly in case you find any errors.

View Post
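
The whole-label versus substring matching described for dnsmasq 2.86 wildcard patterns in the post above, as an added example (not dnsmasq or Pi-hole code) that lists which `server=`, `address=` or `local=` lines catch a given name. The function names and the sample rules are constructed for illustration, and the matcher models the rule only as the release notes state it.

```shell
#!/bin/sh
# Added example, not dnsmasq or Pi-hole code; function names are hypothetical.
# It models the matching rule as the release notes above describe it.

# domain_pattern_matches PATTERN NAME
# PATTERN is the text between the slashes of --server/--address/--local.
domain_pattern_matches() {
    pat=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    qname=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    qname=${qname%.}                      # ignore a trailing root dot
    [ -n "$pat" ] || return 1
    case $pat in
        \**)                              # leading *: substring match within a label
            suffix=${pat#\*}
            case $qname in *"$suffix") return 0 ;; esac
            return 1 ;;
    esac
    case $qname in                        # default: complete labels only
        "$pat" | *."$pat") return 0 ;;
    esac
    return 1
}

# matching_rules NAME < config
# Prints every server=/address=/local= line on stdin whose pattern catches NAME.
matching_rules() {
    query=$1
    while IFS= read -r line; do
        case $line in
            server=/*/* | address=/*/* | local=/*/*) ;;
            *) continue ;;                # comments and unrelated options
        esac
        rest=${line#*=/}                  # drop "key=/"
        rest=${rest%/*}                   # drop "/target"; may hold several domains
        while [ -n "$rest" ]; do
            one=${rest%%/*}
            case $rest in */*) rest=${rest#*/} ;; *) rest= ;; esac
            if domain_pattern_matches "$one" "$query"; then
                printf '%s\n' "$line"
                break
            fi
        done
    done
    return 0
}

# Constructed sample rules, reusing the domains and addresses from the text.
sample_rules() {
    printf '%s\n' 'server=/google.com/1.2.3.4' 'server=/*google.com/5.6.7.8' \
        'local=/adserver.com/' '# a comment line'
}
```

Running `sample_rules | matching_rules supergoogle.com` prints only the `*google.com` line, which is a quick way to see how much further a wildcard rule reaches than its whole-label form before adding it to a resolver configuration.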

Time to pihole -up

We've released a new version today. 

Release notes are at https://pi-hole.net/2021/04/14/pi-hole-ftl-v5-8-web-v5-5-and-core-v5-3-released/ 

Please let us know on Discourse or Mattermost if you have any issues or concerns.

Thanks!

View Post