AWC 500 PCM5.2 software bundle (CODESYS SP15 Patch 20)

3.0.6.0

Fixed:

- https supports more secure methods with openssl 1.1.1k.
- Web interface: CODESYS webvisu detection failed after change to https.
- Memory free information in web interface and REST API now includes buffers and cached memory.
- Updated ethercatio to v1.1.4.1.
- Fixed mutex handling when using UART with IFM5.1 and IFM6.1.
- OE-Lite updated to continue to build as github no longer accepts http. This also causes changes to some of the package versions.

Added:

- Added gdb to the controller.
- Added backup/restore feature to web interface.
- nginx currently not configured and not started by default. Beware that applications may leave persistent config in /app/nginx.
- Added HID and HIDRAW configuration to the kernel, which are need for CODESYS Key (USB dongle).
- Added dedicated worker thread to solve low latency.
- Added `appmode` support to get the current status.

Changed:

- Openssl updated to version 1.1.1k.
- Added Windows SDK again since it contains tools for bootstrapping use in production.
- An empty /data/sysconf/ethercat file can be used to prevent EtherCAT master operation.
- SCP protocol support in OpenSSH removed. Users will have to use SFTP protocol instead.
- The vsftpd server will only be started automatically if configured with custom /data/sysconf/vsftpd.conf file.

Security:

- Updated Vue.js and jQuery components to fix various security issues.
- Updated OpenSSH to fix various security issues, including CVE-2020-14145.
- Updated OpenSSL to fix various security issues, including CVE-2022-0778.
- Updated lighttpd to fix various security issues, including CVE-2008-0983, CVE-2018-19052 and CVE-2019-11072.
- Updated busybox to fix various security issues.
- Lighttpd configuration changed to set X-Frame-Options HTTP header to protect against "clickjacking" attacks.
- Lighttpd configuration changed to set X-Content-Type-Options HTTP header to protect against MIME-sniffing on the response body.