Compare revisions

02fd2d04 · 02fd2d04 · 02fd2d04 · 02fd2d04 · 02fd2d04 · 02fd2d04
--- a/docs/releases/v2016.1.2.rst
+++ b/docs/releases/v2016.1.2.rst
+Gluon 2016.1.2
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+The *x86-generic* images now contain the ATIIXP PATA driver, adding support for
+FUTRO Thin Clients.
+
+Bugfixes
+~~~~~~~~
+
+A nondeterministic boot hang (`#669 <https://github.com/freifunk-gluon/gluon/issues/669>`_) has been fixed.
+The TL-WR841N v5 seems to be affected in particular, but the kernel bug is not hardware-specific per se.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Expert Mode is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.1.3.rst
+++ b/docs/releases/v2016.1.3.rst
+Gluon 2016.1.3
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* ALFA Hornet UB / AP121 / AP121U
+* TP-Link TL-WA7510N
+
+Bugfixes
+~~~~~~~~
+
+* The nondeterministic boot hang (`#669 <https://github.com/freifunk-gluon/gluon/issues/669>`_) that was thought to
+  be fixed in Gluon v2016.1.2 has resurfaced on other hardware. We believe it is now fixed properly.
+* Sysupgrades on the Xen DomU have been fixed.
+* Gluon can now be built on systems that use LibreSSL instead of OpenSSL.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Expert Mode is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Unwritable flash on some Ubiquiti PicoStations (`#687 <https://github.com/freifunk-gluon/gluon/issues/687>`_)
+
+  Gluon v2016.1.1 added support for Ubiquiti AirMAX devices with AirOS 5.6.x without downgrading AirOS first before
+  flashing Gluon. It was discovered that on Ubiquiti PicoStations, this downgrade is still necessary, as the
+  flash is not correctly unlocked, leaving the device unable to leave Config Mode and making regular sysupgrades
+  impossible.
+
+  TFTP recovery can be used in this state to flash a new firmware.
--- a/docs/releases/v2016.1.4.rst
+++ b/docs/releases/v2016.1.4.rst
+Gluon 2016.1.4
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* 8devices Carambola 2
+* Meraki MR12/MR62/MR16/MR66
+
+Bugfixes
+~~~~~~~~
+
+* Major update of all WLAN drivers
+
+  We've taken the unusual step of updating the WLAN drivers ("wireless-backports") to a much newer version, as
+  it was reported that the new version fixes unstable WLAN seen in many setups
+* Build fix: a race condition causing parallel builds to fail has been fixed
+* Build fix: the Gluon tree could get into a state in which all commands fail with "Too many levels of symbolic links"
+* Build fix: allow building Gluon on systems with certain versions of *dash* as */bin/sh*
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Expert Mode is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Unwritable flash on some Ubiquiti PicoStations (`#687 <https://github.com/freifunk-gluon/gluon/issues/687>`_)
+
+  Gluon v2016.1.1 added support for Ubiquiti AirMAX devices with AirOS 5.6.x without downgrading AirOS first before
+  flashing Gluon. It was discovered that on Ubiquiti PicoStations, this downgrade is still necessary, as the
+  flash is not correctly unlocked, leaving the device unable to leave Config Mode and making regular sysupgrades
+  impossible.
+
+  TFTP recovery can be used in this state to flash a new firmware.
--- a/docs/releases/v2016.1.5.rst
+++ b/docs/releases/v2016.1.5.rst
+Gluon 2016.1.5
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* OpenMesh
+
+  - MR600 (v1, v2)
+  - MR900 (v1, v2)
+  - OM2P (v1, v2)
+  - OM2P-HS (v1, v2)
+  - OM2P-LC
+  - OM5P
+  - OM5P-AN
+
+* Ubiquiti
+
+  - Rocket M XW
+
+* TP-LINK
+
+  - TL-WR841N/ND v11
+
+Bugfixes
+~~~~~~~~
+
+* build: fix race condition caused by using certain make targets (like *clean*, *images* or *package/\**)
+  with parallel build options without doing a full build before
+* build: fix package dependency issue causing "recursive dependency" warning
+
+  This dependency issue could lead to broken configurations and reportedly caused failed builds in some cases
+  when additional (site-specific) packages were used.
+* build: Gluon will now build correctly with GCC 6 as host compiler
+* Fix configuration of batman-adv when VLANs are used on top of IBSS interfaces (regression due to netifd update in :doc:`v2016.1.4`)
+* Add back missing ath10k firmware (regression due to mac80211 update in :doc:`v2016.1.4`)
+* Gluon can now be used on all supported Ubiquiti AirMAX devices without downgrading to AirOS 5.5.x before
+
+  :doc:`v2016.1.1` added support for most Ubiquiti AirMAX devices with AirOS 5.6.x without downgrading AirOS,
+  but left some devices (at least some PicoStations and Bullets) with unwritable flash. This issue has been
+  resolved (`#687 <https://github.com/freifunk-gluon/gluon/issues/687>`_).
+* Add upgrade script to automatically remove whitespace from configured geolocation
+
+  The new respondd implementation included in :doc:`v2016.1` is stricter about the number format than the
+  old one and doesn't accept trailing whitespace (so one or both coordinates are missing from the output).
+
+  The Config Mode has been fixed to strip whitespace from numeric fields in new configurations since :doc:`v2016.1.1`.
+  This still left old configurations, which are now fixed by this script.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Expert Mode is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.1.6.rst
+++ b/docs/releases/v2016.1.6.rst
+Gluon 2016.1.6
+==============
+
+Bugfixes
+~~~~~~~~
+
+* build: fix nodejs host build on Debian Wheezy (`#776 <https://github.com/freifunk-gluon/gluon/issues/776>`_)
+* build: fix parallel builds with Make 4.2+
+
+  Trying to use ``-j N`` with Make 4.2 would spawn an unlimited number of processes,
+  eventually leading to memory exhaustion.
+
+* build: fix occasional build failure in libpcap package
+* build: don't require hexdump for x86 builds (`#811 <https://github.com/freifunk-gluon/gluon/issues/811>`_)
+
+  Trying to build Gluon for x86 on systems without hexdump would silently generate
+  broken images.
+
+* Add support for DNS servers given by their link-local IPv6 address in Router Advertisements
+  (`#854 <https://github.com/freifunk-gluon/gluon/issues/854>`_)
+
+* ar71xx-generic: correctly setup LNA GPIOs on CPE210/510 (`#796 <https://github.com/freifunk-gluon/gluon/issues/796>`_)
+
+  Improves the reception by about 20dB.
+
+* ar71xx-generic: switch default WAN/LAN assignment on Ubiquiti UAP Pro
+  (`#764 <https://github.com/freifunk-gluon/gluon/issues/764>`_)
+
+  Switch to the usual "PoE is WAN/setup mode, secondary is LAN" scheme. This only affects
+  new installations; the assignment won't be changed on updates unless the configuration is
+  reset.
+
+* ar71xx-generic: fix ath10k memory leak (`#690 <https://github.com/freifunk-gluon/gluon/issues/690>`_)
+* ar71xx-generic: add support for new TP-Link region codes
+  (`#860 <https://github.com/freifunk-gluon/gluon/issues/860>`_)
+
+  TP-Link has started providing US- and EU-specific firmwares for the Archer C7 v2. To generate
+  Gluon images installable from these new firmwares, the ``GLUON_REGION`` variable must be set
+  to ``eu`` or ``us`` in ``site.mk`` or on the ``make`` command line (the images will still be
+  installable from all old firmwares without region codes).
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Expert Mode is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2015.2.rst
+++ b/docs/releases/v2015.2.rst
-Gluon 2015.2 (in development)
-=============================
+Gluon 2016.1
+============

 Added hardware support
 ~~~~~~~~~~~~~~~~~~~~~~
@@ -9,7 +9,11 @@ ar71xx-generic

 * Buffalo

-  - WZR-HP-G300N
+  - WZR-HP-G300NH
+
+* D-Link
+
+  - DIR-505 (A1)

 * TP-Link

@@ -18,6 +22,7 @@ ar71xx-generic
  - TL-WR710N v2
  - TL-WR801N/ND v1, v2
  - TL-WR841N/ND v10
+  - TL-WR843N/ND v1
  - TL-WR940N v1, v2, v3
  - TL-WR941ND v6
  - TL-WR1043N/ND v3
@@ -25,6 +30,8 @@ ar71xx-generic
 * Ubiquiti

  - airGateway
+  - airRouter
+  - UniFi AP Outdoor+

 * Western Digital

@@ -47,8 +54,8 @@ New features
 Kernel module opkg repository
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

-We've not been able to keep ABI compatiblity with the kernel of the official OpenWrt images.
-Therefore, Gluon now generates a opkg repository with modules itself.
+We've not been able to keep ABI compatibility with the kernel of the official OpenWrt images.
+Therefore, Gluon now generates an opkg repository with modules itself.

 The repository can be found at `output/modules/` by default, the image output directory has
 been moved from `images/` to `output/images/`. See the updated :doc:`../user/getting_started` guide
@@ -67,7 +74,7 @@ nodes to aid with the alignment of antennas.
 ^^^^^^^^^^^^^^^^^^^^

 Gluon now supports using 802.11s for its mesh links instead of IBSS (Adhoc). This will allow supporting
-WLAN hardware which can't to AP and IBSS mode simultaneously in the future (like Ralink/Mediatek).
+more WLAN hardware in the future (like Ralink/Mediatek, which don't support AP and IBSS mode simultaneously).

 Note that batman-adv is still used on top of 802.11s (and 802.11s forwarding is disabled), the mesh routing protocol
 provided by 802.11s is not used.
@@ -168,9 +175,9 @@ Site changes
        mesh_vpn = {
          ifname = 'mesh-vpn',
          enabled = false,
-          limit_ingress = 3000,
          limit_egress = 200,
-        }
+          limit_ingress = 3000,
+        },
      }

    needs to be changed to
@@ -182,8 +189,8 @@ Site changes

        bandwidth_limit = {
          enabled = false,
-          ingress = 3000,
          egress = 200,
+          ingress = 3000,
        },
      }

@@ -212,10 +219,17 @@ Site changes
    - ``%GR`` is replaced by the Gluon release (as specified in ``site.mk``)


+* ``site.mk``
+
+  - The packages `gluon-announce` and `gluon-announced` were merged into
+    the package `gluon-respondd`. If you had any of them (probably
+    `gluon-announced`) in your package list, you have to replace them.
+
+
 * ``i18n/``

  - The translations of ``gluon-config-mode:pubkey`` now have to show the fastd
-    public key itself if desired, making the formatting of the key and whether it is shown at
+    public key themselves if desired, making the formatting of the key and whether it is shown at
    all configurable. To retain the old format, add ``<p>`` to the beginning of
    your translations and append::

@@ -238,9 +252,13 @@ Internals
  - gluon-cron -> micrond (the crontabs are now read from ``/usr/lib/micron.d`` instead of ``/lib/gluon/cron``)
  - gluon-radvd -> uradvd
  - gluon-simple-tc -> simple-tc (the config file has been renamed as well)
+
 * Some of the Gluon-specific i18n support code in the build system has been removed, as LuCI now provides
  similar facilities
 * The C-based `luci-lib-jsonc` library is now used for JSON encoding/decoding instead of the pure Lua `luci-lib-json`
+* The site config is now stored as JSON on the node. The Lua interface ``gluon.site_config`` is still available, and a C interface was added as part of the new package `libgluonutil`.
+* The `respondd` daemon now uses C modules instead of Lua snippets, which greatly enhances response speed and reduces memory usage. The Gluon integration package has
+  been renamed from `gluon-announced` to `gluon-respondd`.

 Known Issues
 ~~~~~~~~~~~~
@@ -251,7 +269,7 @@ Known Issues
 * batman-adv causes stability issues for both alfred and respondd/announced (`#177 <https://github.com/freifunk-gluon/gluon/issues/177>`_)
 * The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)

-  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).

 * Inconsistent respondd/announced API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)


--- a/docs/releases/v2016.2.1.rst
+++ b/docs/releases/v2016.2.1.rst
+Gluon 2016.2.1
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* TP-Link
+
+  - TL-WA901ND v4
+
+Bugfixes
+~~~~~~~~
+
+* Make status page work with disabled cookies/local storage
+  (`#912 <https://github.com/freifunk-gluon/gluon/pull/912>`_)
+
+* Update kernel to 3.18.44
+
+  Fixes CVE-2016-5195 and CVE-2016-7117. It is unlikely that these issues pose
+  a threat to usual Gluon setups, but installing additional packages may make a
+  system vulnerable. In any case, updating is highly recommended.
+
+* Downgrade mac80211 to an earlier state
+
+  Unfortunately, a mac80211 update that was done shortly before the release of
+  Gluon v2016.2 (that seemed necessary to properly support ath10k devices) had
+  again caused severe ath9k stability issues that remained unreported until v2016.2
+  was out.
+
+  We have now reverted mac80211 to an earlier state that was reported to be very
+  stable (while keeping the ath10k-specific changes); in addition, some patches
+  that were reported to cause connection or performance issues with certain clients
+  have been reverted. While is it still not perfectly stable, is should be at least
+  as good as (and probably better than) the v2016.1.x release series.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Git HTTPS downloads from git.kernel.org fail on Debian Wheezy (`#919 <https://github.com/freifunk-gluon/gluon/issues/919>`_)
+
+  The GnuTLS version on Debian Wheezy is too old and can't establish a connection with
+  git.kernel.org anymore. A newer GnuTLS version is available in wheezy-backports, but
+  as there is no libcurl3-gnutls package linked against the new version, installing the
+  new version has no effect.
--- a/docs/releases/v2016.2.2.rst
+++ b/docs/releases/v2016.2.2.rst
+Gluon 2016.2.2
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* TP-Link
+
+  - CPE210/510 EU/US versions
+  - TL-WA801N/ND v3
+  - TL-WR841ND v11 EU/US versions
+
+Bugfixes
+~~~~~~~~
+
+* Fix boot on certain QCA955x-based devices (e.g. OpenMesh OM5P AC v2) (`#965 <https://github.com/freifunk-gluon/gluon/pull/965>`_)
+
+  This issue was a regression in Gluon v2016.2.1.
+
+* Build: Fix git downloads from git.kernel.org on Debian Wheezy (`#919 <https://github.com/freifunk-gluon/gluon/issues/919>`_)
+
+  We've switched back from HTTPS to the git protocol for now to avoid using
+  the old GnuTLS version of Debian Wheezy which can't establish a HTTPS connection
+  with git.kernel.org anymore.
+
+  This issue was a regression in Gluon v2016.2.
+
+* Fix RX filter of Ubiquiti UAP Outdoor+ (`d43147a8e03d <https://github.com/freifunk-gluon/gluon/commit/d43147a8e03dd17bc27e4ab203736f2151f9db3d>`_)
+
+  This issue was a regression in Gluon v2016.2.
+
+* Fix switched WAN/LAN interface assignment on CPE210 (`59deb2064d54 <https://github.com/freifunk-gluon/gluon/commit/59deb2064d54a37e27139b76a3b6064f5f10f364>`_)
+
+  This issue was a regression in Gluon v2016.2.
+
+* Significantly reduce CPU load used by signal strength LEDs (`#897 <https://github.com/freifunk-gluon/gluon/issues/897>`_)
+
+* Fix ethernet port of the Ubiquiti UAP AC Lite (`#911 <https://github.com/freifunk-gluon/gluon/issues/911>`_)
+
+* Build: Don't use host ``/tmp`` directory (`f9072a36411b <https://github.com/freifunk-gluon/gluon/commit/f9072a36411b92089c697b2c0a564155bfe10bd1>`_)
+
+  Fixes build when ``/tmp`` is mounted with *noexec*.
+
+* Fix mesh interface type respondd/alfred announcements when using VLANs over IBSS (`#941 <https://github.com/freifunk-gluon/gluon/issues/941>`_)
+
+* Fix next-node ebtables rules without *next_node.ip4* (`9dbe9f785d2b <https://github.com/freifunk-gluon/gluon/commit/9dbe9f785d2b439c3ebdae365b808ebf42b3cf03>`_)
+
+  Gluon v2016.2 added support for using the next-node feature without specifying an IPv4
+  address. Some scripts had not been adjusted, making the next-node unreliable when
+  no IPv4 address was specified.
+
+Other changes
+~~~~~~~~~~~~~
+
+* x86-generic and x86-64 images now have PATA and MMC support to allow using them
+  on various devices that were previously unsupported.
+
+* Clean up opkg postinst scripts up on image generation
+
+  OpenWrt does this by default to save a little space.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.2.3.rst
+++ b/docs/releases/v2016.2.3.rst
+Gluon 2016.2.3
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* TP-Link TL-WR940N v4
+* TP-Link TL-WR1043ND v4
+
+Removed hardware support
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+Support for Meraki devices (MR12/16/62/66) has been removed for now because of
+severe problems (all devices were using the same MAC addresses). Support will return
+when the issues have been fixed.
+
+Bugfixes
+~~~~~~~~
+
+* Automatically restart respondd on failure (`#863 <https://github.com/freifunk-gluon/gluon/issues/863>`_)
+
+  There have been many reports of respondd processes disappearing; the exact cause is unclear,
+  but might be related to the batman-adv debugfs interface and/or out-of-memory conditions.
+
+  A new respondd initscript uses procd to automatically restart respondd when it dies.
+
+* Make autoupdater timeouts more robust (`#987 <https://github.com/freifunk-gluon/gluon/issues/987>`_)
+
+  It was reported that wget processes sometimes hang indefinitely during the autoupdater manifest
+  download. The autoupdater has been improved to ensure that wget can always be interrupted after
+  a timeout.
+
+  This issue, together with the recent addition of lock files to ensure that only one instance
+  of the autoupdater can run at a time, had caused the autoupdater to blocked completely
+  by hanging processes in some cases (till a node was rebooted).
+
+* Fix regulation domain switching in ath10k (`#1001 <https://github.com/freifunk-gluon/gluon/pull/1001>`_)
+
+  Prevents use of too high transmission power in some cases.
+
+* Ensure that *prefix6* in site.conf is always a /64 prefix (`6b62e2f <https://github.com/freifunk-gluon/gluon/commit/6b62e2fc788cd1f83f6634288a15724dfc42b0fd>`_)
+
+  Other prefix lengths were never supported and don't make sense in many places the prefix is used. Ensure
+  that such configurations will not pass validation.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.2.4.rst
+++ b/docs/releases/v2016.2.4.rst
+Gluon 2016.2.4
+==============
+
+Bugfixes
+~~~~~~~~
+
+* Fix batman-adv (compat 15) not being able to transmit packages of specific sizes (`b7eeef9 <https://github.com/freifunk-gluon/gluon/commit/b7eeef9b04b44a70b2a953c4efe35a3fdceba2db>`_)
+
+  We suspect that this issue was also the reason for the autoupdater/wget hangs observed by many communities.
+  Non-Gluon nodes like gateways should be updated to batman-adv 2017.0.1 to get the fix.
+
+* Fix build after ftp.all.kernel.org discontinuation (`#1059 <https://github.com/freifunk-gluon/gluon/issues/1059>`_)
+
+* Fix high load because of frequent calls of the respondd initscript (`9a0aeb9 <https://github.com/freifunk-gluon/gluon/commit/9a0aeb9b7482df4e4515e61356b9d393e3a7eacb>`_)
+
+  The respondd restart triggers added in v2016.2.3 ran a significant portion of the respondd initscript for each router advertisement
+  received. This was fixed by a backport of a netifd patch.
+
+* x86 sysupgrade fixes (`41fd50d <https://github.com/freifunk-gluon/gluon/commit/41fd50d20ba31d73c4796c5b2d4eb44ad2258b90>`_,
+  `ad37e2b <https://github.com/freifunk-gluon/gluon/commit/ad37e2b6b43b2c3389356d892b04f3873d8f6b93>`_)
+
+  This fixes sysupgrade on mmcblk and similar devices.
+
+Other changes
+~~~~~~~~~~~~~
+
+* The manifest generator has been extended to generate SHA256 checksums in addition to SHA512 ones
+  (`f9d59be <https://github.com/freifunk-gluon/gluon/commit/f9d59be731efd31a26c59e049ccbdc4b1762f6b1>`_)
+
+  We have recently switched the autoupdater to SHA256 in the Gluon master to avoid mixing two different
+  lengths of hashes for no good reason. This makes the manifests of Gluon v2016.2.x compatible with the
+  new autoupdater so it doesn't prevent backports or downgrades.
+
+  **Note:** Downgrades of major Gluon versions are generally unsupported and will often lead to
+  broken configurations.
+
+Known Issues
+~~~~~~~~~~~~
+
+* x86 sysupgrade (sometimes) loses config when kernel partition grows (`#1010 <https://github.com/freifunk-gluon/gluon/issues/1010>`_)
+
+  This issue affects upgrades from v2016.2.x and older to the Gluon master only, we hope to fix it before the next
+  major release.
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.2.5.rst
+++ b/docs/releases/v2016.2.5.rst
+Gluon 2016.2.5
+==============
+
+This version contains only a single bugfix for a regression introduced in Gluon v2016.2.4.
+As the regression affects batman-adv compat 15 only, firmwares using the compat 14 legacy
+version don't need to be updated.
+
+Bugfixes
+~~~~~~~~
+
+* Fix kernel crash with batman-adv compat 15 (`d452a7c <https://github.com/freifunk-gluon/gluon/commit/d452a7c2cf1c0da4e034666a50dc0e7aa9ddc592>`_)
+
+  An incorrect backport of a fix for a very improbable kernel crash caused a much more
+  frequent kernel crash. The backport has been fixed.
+
+  This bug a regression in Gluon v2016.2.4.
+
+Known Issues
+~~~~~~~~~~~~
+
+* x86 sysupgrade (sometimes) loses config when kernel partition grows (`#1010 <https://github.com/freifunk-gluon/gluon/issues/1010>`_)
+
+  This issue affects upgrades from v2016.2.x and older to the Gluon master only, we hope to fix it before the next
+  major release.
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.2.6.rst
+++ b/docs/releases/v2016.2.6.rst
+Gluon 2016.2.6
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* TP-Link TL-WR841N/ND v12
+
+Bugfixes
+~~~~~~~~
+
+* Fix `CVE-2016-10229 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10229>`_
+  (`#1097 <https://github.com/freifunk-gluon/gluon/pull/1097>`_)
+
+  Fortunately, the standard Gluon setup is not vulnerable, as the issue only affects
+  applications that use MSG_PEEK on UDP sockets. dnsmasq does use MSG_PEEK, but
+  only in the DHCP component, which is not enabled during normal node operation.
+
+* Fix roaming issue affecting communication between clients
+  (`#1121 <https://github.com/freifunk-gluon/gluon/issues/1121>`_)
+
+  This issue affects all previous releases of Gluon v2016.2.x.
+
+* Fix build against OpenSSL 1.1 (`b6a22ce <https://github.com/freifunk-gluon/gluon/commit/b6a22ce79307853b175192178bb0333d976a3a6f>`_)
+
+* Fix build with long path names (`#1120 <https://github.com/freifunk-gluon/gluon/issues/1120>`_)
+
+* Use new staged sysupgrade procedure (`d4a69c0 <https://github.com/freifunk-gluon/gluon/commit/d4a69c00047f72696a2400cd7129be032de458e3>`_)
+
+  The new sysupgrade fixes an issue affecting x86, causing nodes to lose their
+  configuration on upgrade when the size of the kernel partition grows. This is
+  the case when upgrading from Gluon v2016.2.x to newer (LEDE-based) Gluon
+  versions. **This means that a Gluon node running an older version must be
+  upgraded to Gluon v2016.2.6 first before switching to a LEDE-based version!**
+
+  One downside of the staged sysupgrade is that all processes, including the SSH
+  server, will be terminated at the start of the sysupgrade to allow unmounting
+  the root filesystem. This makes it impossible to get any feedback from the
+  upgrade process without a serial console.
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.2.7.rst
+++ b/docs/releases/v2016.2.7.rst
+Gluon 2016.2.7
+==============
+
+This release only fixes a single regression introduced in Gluon v2016.2.6, and
+add support for building using Perl 5.26.
+
+Bugfixes
+~~~~~~~~
+
+* Improve sysupgrade error handling (`#1160 <https://github.com/freifunk-gluon/gluon/issues/1160>`_)
+
+  If for some reason processes don't react to SIGKILL (usually because of a kernel bug),
+  a node could hang forever in sysupgrade, requiring a power cycle. This has been
+  fixed, triggering a reboot instead.
+
+* Backport fixes to support building with Perl 5.26 or newer (`76753ed <https://github.com/freifunk-gluon/gluon/commit/76753ede0da78e24208f10675fa288247deec961>`_)
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2016.2.rst
+++ b/docs/releases/v2016.2.rst
+Gluon 2016.2
+============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* ALFA Network
+
+  - Tube2H
+  - N2
+  - N5
+
+* Buffalo
+
+  - WZR-HP-G300NH2
+
+* GL Innovations
+
+  - GL-AR150
+
+* OpenMesh
+
+  - MR1750 v1, v2 [#ath10k]_
+  - OM2P-HS v3
+  - OM5P-AC v1, v2 [#ath10k]_
+
+* TP-Link
+
+  - Archer C5 v1 [#ath10k]_
+  - Archer C7 v2 [#ath10k]_
+  - TL-WR710N v2.1
+  - TL-WR842N/ND v3
+
+* Ubiquiti
+
+  - UniFi AP AC Lite [#ath10k]_
+  - UniFi AP AC Pro [#ath10k]_
+
+.. [#ath10k]
+  Device uses the ath10k WLAN driver; no image is built unless GLUON_ATH10K_MESH
+  is set as described in :ref:`getting-started-make-variables`
+
+brcm2708-bcm2708
+^^^^^^^^^^^^^^^^
+
+* Raspberry Pi 1
+
+brcm2708-bcm2709
+^^^^^^^^^^^^^^^^
+
+* Raspberry Pi 2
+
+New features
+~~~~~~~~~~~~
+
+* Many UBNT Airmax XM model names are detected correctly now (e.g., the Loco
+  is no longer displayed as Bullet) (`#632 <https://github.com/freifunk-gluon/gluon/pull/632>`_)
+
+  Also, various new image aliases have been added for these devices.
+
+* batman-adv: mesh_no_rebroadcast is now enabled for Mesh-on-WAN/LAN (`#652 <https://github.com/freifunk-gluon/gluon/issues/652>`_)
+
+* The new UCI option ``gluon-core.@wireless[0].preserve_channels`` can be used to
+  prevent a changed WLAN channel from being reset on firmware upgrades (`#640 <https://github.com/freifunk-gluon/gluon/pull/640>`_)
+
+* PoE passthrough can now be configured from site.conf and the Advanced Settings
+  on TP-Link CPE 210/510 and Ubiquiti NanoStations (`#328 <https://github.com/freifunk-gluon/gluon/issues/328>`_)
+
+* The config mode *altitude* field can now be hidden using the ``config_mode.geo_location.show_altitude``
+  site.conf setting (`#693 <https://github.com/freifunk-gluon/gluon/pull/693>`_)
+
+* The contact information field in the config mode can be made obligatory using
+  the ``config_mode.owner.obligatory`` site.conf option
+
+* The *node name* setting in the config mode is no longer restricted to valid DNS
+  hostnames, but allows any UTF-8 string (`#414 <https://github.com/freifunk-gluon/gluon/issues/414>`_)
+
+* Besides the hostname, public key, site config and primary MAC address, the contact
+  information can now be accessed from config mode site texts
+
+* The functions ``escape`` and ``urlescape`` for HTML and URL escaping are now available from config mode
+  site texts. They should always be used when including user-provided information like
+  hostnames and contact information in HTML code or URLs.
+
+* Dropbear has been updated to a newer version, enabling new SSH crypto methods and removing
+  some old ones like DSA. This reduces the time needed for the first boot and makes
+  SSH logins faster (`#223 <https://github.com/freifunk-gluon/gluon/issues/223>`_)
+
+* WLAN basic and supported rate sets have been made configurable, to allow disabling
+  802.11b rates (`#810 <https://github.com/freifunk-gluon/gluon/pull/810>`_)
+
+* ath10k-based devices are now supported officially; it's possible to choose between
+  IBSS- and 11s-capable firmwares in site.mk (`#864 <https://github.com/freifunk-gluon/gluon/issues/864>`_)
+
+* The ``prefix4`` and ``next_node.ip4`` site.conf options are optional now.
+
+Bugfixes
+~~~~~~~~
+
+* The stability of the ath9k WLAN driver has been improved significantly
+  (`#605 <https://github.com/freifunk-gluon/gluon/issues/605>`_)
+
+  mac80211, hostapd and other related drivers and services have been backported from LEDE ``42f559e``.
+
+* Extremely slow downloads could lead to multiple instances of the autoupdater
+  running concurrently (`#582 <https://github.com/freifunk-gluon/gluon/issues/582>`_)
+
+  A lockfile is used to prevent this and timeouts have been added to download processes.
+
+* Usage of static DNS servers on the WAN port has been fixed
+  (`#886 <https://github.com/freifunk-gluon/gluon/issues/886>`_)
+
+  This is a regression introduced in Gluon v2016.1.6.
+
+Other changes
+~~~~~~~~~~~~~
+
+* The "Expert Mode" has been renamed to "Advanced Settings"
+
+Site changes
+~~~~~~~~~~~~
+
+site.mk
+^^^^^^^
+
+If you want to support ath10k-based devices, you should set GLUON_ATH10K_MESH
+and GLUON_REGION as described in :ref:`getting-started-make-variables`.
+
+i18n
+^^^^
+
+As the hostname field may now contain an arbitrary UTF-8 string, escaping must
+be added.
+
+Change
+
+::
+
+  <%=hostname%>
+
+to
+
+::
+
+  <%=escape(hostname)%>
+
+Inside of URLs, ``urlescape`` must be used instead of ``escape``.
+
+Internals
+~~~~~~~~~
+
+* Mesh interfaces are now configured in a protocol-independent way in UCI (`#870 <https://github.com/freifunk-gluon/gluon/pull/870>`_)
+
+  The MAC address assignment of all mesh and WLAN interfaces has been modified to prepare for support of
+  Ralink/Mediatek-based WLAN chips.
+
+* Preparations for supporting the new batman-adv multicast optimizations have been made
+  (`#674 <https://github.com/freifunk-gluon/gluon/pull/674>`_, `#675 <https://github.com/freifunk-gluon/gluon/pull/675>`_,
+  `#679 <https://github.com/freifunk-gluon/gluon/pull/679>`_)
+
+* All Lua code is minified now to save some space
+
+Known Issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2017.1.1.rst
+++ b/docs/releases/v2017.1.1.rst
+Gluon 2017.1.1
+==============
+
+Bugfixes
+~~~~~~~~
+
+* The autoupdater manifest has been extended to allow automatic upgrades from
+  old *x86-kvm* and *x86-xen_domu* systems to the new *x86-generic* image
+  (`869ceb4 <https://github.com/freifunk-gluon/gluon/commit/869ceb425cd5f9db3eafddcc52377fd94c6ba0dd>`_)
+
+* Make flash writable again on Ubiquiti PicoStations with certain bootloader
+  versions (and possibly other devices)
+  (`9a787c9 <https://github.com/freifunk-gluon/gluon/commit/9a787c9878069158151c843b8fd9aa338815d61e>`_)
+
+  Units affected by this issue running Gluon v2017.1 can't leave config mode and
+  no regular sysupgrades are possible. TFTP recovery is necessary to make them
+  work again.
+
+* Add workaround to prevent sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
+  (`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
+
+* Disable batman-adv multicast optimizations to work around issue causing large
+  amounts of management traffic
+  (`819758f <https://github.com/freifunk-gluon/gluon/commit/819758f4250af8820851945ba1a6c17748b0ab4b>`_)
+
+  Multicast optimizations will be enabled again when a proper fix is available.
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
--- a/docs/releases/v2017.1.2.rst
+++ b/docs/releases/v2017.1.2.rst
+Gluon 2017.1.2
+==============
+
+New features
+~~~~~~~~~~~~
+
+* Preserve *gw_mode* on sysupgrades (`#1196 <https://github.com/freifunk-gluon/gluon/issues/1196>`_)
+
+  When a Gluon node is used as uplink (for example by connecting it to a router with
+  a DHCP server directly, instead of using non-Gluon servers for the internet uplink),
+  the *gw_mode* must be set to *server* on that node. The changed *gw_mode* is now
+  preserved on upgrades.
+
+* Allow configuring the batman-adv routing algorithm (*BATMAN IV* or *BATMAN V*)
+  in *site.conf* (`#1185 <https://github.com/freifunk-gluon/gluon/pull/1185>`_)
+
+  *BATMAN V* still hasn't received extensive testing (and is incompatible with *BATMAN IV*).
+  This new option allows to set up *BATMAN V*-based test meshes. If unset, the routing
+  algorithm will default to *BATMAN IV*.
+
+  Configuration:
+
+  .. code-block:: lua
+
+    mesh = {
+      batman_adv = {
+        routing_algo = 'BATMAN_V'
+      }
+    }
+
+* New *show-release* Make target
+
+  The command ``make show-release`` can be used to print the release number
+  defined by *GLUON_RELEASE* to the standard output. This can be useful for build scripts
+  when a ``$(shell ...)`` expression is used in *site.mk* to generate the release
+  number.
+
+Bugfixes
+~~~~~~~~
+
+* The image build code used for some devices has been fixed, solving multiple
+  issues (`#1193 <https://github.com/freifunk-gluon/gluon/issues/1193>`_)
+
+  Problems caused by this issue include:
+
+  - sysupgrade rejecting Allnet images
+  - OpenMesh devices losing their configuration on upgrades
+
+  This is a regression introduced in Gluon v2017.1.
+
+* Improve sysupgrade error handling (`#1160 <https://github.com/freifunk-gluon/gluon/issues/1160>`_)
+
+  If for some reason processes don't react to SIGKILL (usually because of a kernel bug),
+  a node could hang forever in sysupgrade, requiring a power cycle. This has been
+  fixed, triggering a reboot instead.
+
+* Also display *gluon-config-mode:novpn* message when Tunneldigger is installed, but disabled
+  (`#1172 <https://github.com/freifunk-gluon/gluon/pull/1172>`_)
+
+  It was only displayed on nodes with fastd before.
+
+* Fix migration of enabled/disabled state between fastd and Tunneldigger
+  (`#1187 <https://github.com/freifunk-gluon/gluon/issues/1187>`_)
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
+  (`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
+
+  The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
+  segfaults, but did not make them disappear completely.
--- a/docs/releases/v2017.1.3.rst
+++ b/docs/releases/v2017.1.3.rst
+Gluon 2017.1.3
+==============
+
+The LEDE base of Gluon has been updated to v17.01.3, including various updates,
+stability improvements and security fixes. This includes some critical fixes
+to core packages like dnsmasq (see below for details); upgrading all Gluon
+nodes to v2017.1.3 is highly recommended.
+
+
+Bugfixes
+~~~~~~~~
+
+* dnsmasq has been upgraded to v2.78, fixing CVE-2017-13704, CVE-2017-14491,
+  CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, 2017-CVE-14495 and
+  2017-CVE-14496
+
+  While many of the most severe (remote code execution) vulnerabilities are in
+  the DHCP component of dnsmasq, which is not active on a Gluon node unless in
+  Config Mode, CVE-2017-14491 does affect us. An attacker can cause memory
+  corruption and possibly remote code execution by deploying a malicious DNS
+  server and tricking a node into querying this server.
+
+* The Linux kernel has been upgraded to v4.4.89
+
+* Multiple security issues have been fixed in packages that are not usually part
+  of the Gluon build, including tcpdump, curl and mbedtls
+
+  Please refer to the
+  `LEDE commit log <https://git.openwrt.org/?p=openwrt/openwrt.git;a=shortlog;h=refs/heads/lede-17.01>`_
+  for details.
+
+* Filtering of multicast packets between the mesh and the *local-node* interface
+  has been fixed (`#1230 <https://github.com/freifunk-gluon/gluon/issues/1230>`_)
+
+  This issue was causing gluon-radvd to send a router advertisement to the local
+  clients whenever a router solicitation from the mesh was received. In busy
+  meshes, it would continuously send router advertisements every 3 seconds.
+
+* Reject autoupdater mirror URLs not starting with ``http://`` during build
+  (`9ab93992d1fc <https://github.com/freifunk-gluon/gluon/commit/9ab93992d1fca1b9cfa09c54d39cc92d3699055a>`_)
+
+* Fix MAC addresses on TP-Link TL-WR1043ND v4 when installing Gluon over newer
+  stock firmwares (`#1223 <https://github.com/freifunk-gluon/gluon/issues/1223>`_)
+
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
+  (`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
+
+  The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
+  segfaults, but did not make them disappear completely.
--- a/docs/releases/v2017.1.4.rst
+++ b/docs/releases/v2017.1.4.rst
+Gluon 2017.1.4
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* GL Innovations GL-AR300M
+
+
+Bugfixes
+~~~~~~~~
+
+* LEDE has been updated to the latest stable commit, including various fixes for
+  the kernel (including security updates), and making opkg work again. This also
+  includes fixes for the KRACK issue (which is irrelevant for most Gluon
+  deployments, as Gluon nodes are rarely used as WLAN clients)
+  (`b62af904bbfd <https://github.com/freifunk-gluon/gluon/commit/b62af904bbfd6360ed728fc9ae69af3d8e8db1d7>`_,
+  `ba56b41ddaf6 <https://github.com/freifunk-gluon/gluon/commit/ba56b41ddaf6033e3cdef18d30da6b34cd438e8c>`_,
+  `ad0824136e5b <https://github.com/freifunk-gluon/gluon/commit/ad0824136e5b47482e11483c50e7bc88ba2c506e>`_,
+  `017fbe88bb8a <https://github.com/freifunk-gluon/gluon/commit/017fbe88bb8a89623464b02e09178696c1d077a6>`_)
+
+* Fix DNS resolution for mesh VPN (fastd / tunneldigger) on ARM-based targets
+  (`#1245 <https://github.com/freifunk-gluon/gluon/issues/1245>`_)
+
+* Fix a build issue in *kmod-jool*
+  (`06842728233a <https://github.com/freifunk-gluon/gluon/commit/06842728233a39784c437767eb9df4167ab07a87>`_)
+
+* Fix enabling/disabling PoE Passthrough in *site.conf* or in the
+  advanced settings
+  (`7268e49a301f <https://github.com/freifunk-gluon/gluon/commit/7268e49a301fcd643a49b329bd6097a0f85bdaBb>`_,
+  `7c2636d28264 <https://github.com/freifunk-gluon/gluon/commit/7c2636d28264df20b448b0160b69f5059c40b84a>`_)
+
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
+  (`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
+
+  The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
+  segfaults, but it did not make them disappear completely.
--- a/docs/releases/v2017.1.5.rst
+++ b/docs/releases/v2017.1.5.rst
+Gluon 2017.1.5
+==============
+
+Added hardware support
+~~~~~~~~~~~~~~~~~~~~~~
+
+ar71xx-generic
+^^^^^^^^^^^^^^
+
+* TP-Link TL-WR1043N v5
+
+ramips-mt7621
+^^^^^^^^^^^^^
+
+* Ubiquiti EdgeRouter-X
+* Ubiquiti EdgeRouter-X SFP
+
+
+Bugfixes
+~~~~~~~~
+
+* Fix build with empty ``site/modules``
+  (`#1262 <https://github.com/freifunk-gluon/gluon/issues/1262>`_)
+
+* Fix Ethernet stalls at high throughput on certain devices
+  (`#1101 <https://github.com/freifunk-gluon/gluon/issues/1101>`_)
+
+* Update Tunneldigger to support connections with servers running newer kernel
+  versions (`9ed6ff752eb7 <https://github.com/freifunk-gluon/gluon/commit/9ed6ff752eb7972d90b138197641f12eeb4572fb>`_)
+
+* Fix batman-adv Bridge Loop Avoidance (BLA) with *gluon-ebtables-filter-multicast*
+  (`#1198 <https://github.com/freifunk-gluon/gluon/issues/1198>`_)
+
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
+  (`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
+
+  The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
+  segfaults, but it did not make them disappear completely.
+
+* Frequent reboots due to out-of-memory on weak hardware in larger meshes
+  (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
--- a/docs/releases/v2017.1.6.rst
+++ b/docs/releases/v2017.1.6.rst
+Gluon 2017.1.6
+==============
+
+Bugfixes
+~~~~~~~~
+
+* Remove broken DNS cache feature
+  (`#1362 <https://github.com/freifunk-gluon/gluon/issues/1362>`_)
+
+  It was found that dnsmasq does not handle all answer records
+  equally. In particular, its cached answers are missing DNSKEY and DS
+  records, breaking DNSSEC validation on clients.
+
+  Nodes can still resolve the next-node hostname locally and will continue to
+  work as DNS forwarders. The DNS cache feature may return if dnsmasq is fixed
+  or if we switch to a different resolver.
+
+* Ensure that corefiles are stored in /tmp rather than cluttering the root
+  filesystem
+  (`00df8b76e54c <https://github.com/freifunk-gluon/gluon/commit/00df8b76e54c9bb89299df4b2ec49e972046d6b6>`_)
+
+  Nodes upgrades from Gluon v2016.2.x or earlier did not set kernel.core_pattern
+  correctly, leading to corefiles being stored in the current directory (usually
+  / for system services) in the case of crashes.
+
+  This is a regression introduced in Gluon v2017.1.
+
+* Only request a single IPv6 address instead of a prefix on the WAN interface
+  (`5db54ba78c3 <https://github.com/freifunk-gluon/gluon/commit/5db54ba78c3e245f06e4a407371608f6cb247b49>`_)
+
+* Fix signal graph on status page when there are many neighbours
+  (packages/`d1e0b6e0bdae <https://github.com/freifunk-gluon/packages/commit/d1e0b6e0bdaea14d8b9425cee6ca83087be1a905>`_)
+
+* Fix config files managed by opkg not being saved on sysupgrades on ar71xx-tiny
+  (LEDE/`17c0362178ca <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=17c0362178caf837680a4631b8d0de94e5393448>`_,
+  LEDE/`75be005e8bdc <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=75be005e8bdcbf86f9ad167a8737126dda98a444>`_)
+
+* Fix kernel crash in batman-adv-14
+  (`#1358 <https://github.com/freifunk-gluon/gluon/issues/1358>`_)
+
+  Starting with Gluon v2017.1, respondd could trigger a kernel crash caused by
+  a use-after-free in batman-adv-14, in particular after a gateway disappeared.
+
+  batman-adv-15 is not affected.
+
+* Increase bridge multicast querier timeout ("robustness") to avoid
+  "querier appeared/disappeared" log spam by batman-adv in the presence of
+  an external querier
+  (`e305a8c01917 <https://github.com/freifunk-gluon/gluon/commit/e305a8c019179472dbfc6fccea6c87cf40c08a75>`_)
+
+* Fix "broken pipe" log spam caused by the status page
+  (`883c32f2f1dc <https://github.com/freifunk-gluon/gluon/commit/883c32f2f1dc368626069865c07a5701e3e9bcae>`_)
+
+* Reduce memory limit of WLAN packet queues to 256KB on devices with small RAM
+  (`e63c6ca01f50 <https://github.com/freifunk-gluon/gluon/commit/e63c6ca01f50c96d76e5570faa290617a8a312b4>`_)
+
+  Will hopefully make out-of-memory crashes in busy meshes less likely.
+
+* Improve image validation for TP-Link CPE/WBS 210/510 and make it ready for
+  future images
+  (LEDE/`6577fe2198f5 <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=6577fe2198f5c75acb1dba789941d96a036f4dae>`_)
+
+  Future OpenWrt/Gluon images will move the image metadata ("support-list") of
+  the CPE/WBS 210/510 images to a different offset. Make sysupgrade ready
+  to allow installing such images.
+
+  This change was also backported to Gluon v2016.2.x to allow direct updates
+  to future Gluon master versions without installing v2017.1.x first.
+
+* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
+  have disappeared with the latest updates
+  (`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
+
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Frequent reboots due to out-of-memory on weak hardware in larger meshes
+  (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
No results found