peter/homelab-docker-config

Fork 0

Update pihole/pihole Docker tag to v2026.04.0 #306

Merged

renovate-bot merged 0 commits from refs/pull/306/head into master

2026-04-06 19:23:57 +00:00

renovate-bot commented

2026-04-06 00:03:13 +00:00

(Migrated from gitea.smittenfeld.nl)

This PR contains the following updates:

Package	Update	Change
pihole/pihole	minor	`2026.02.0` → `2026.04.0`

Release Notes

pi-hole/docker-pi-hole (pihole/pihole)

`v2026.04.0`

Compare Source

Group dependabot PRs to reduce PR spam by @yubiuser in #2004
ci: switch image publishing to docker/github-builder by @crazy-max in #2008
Readme Rework by @PromoFaux in #1958
Replace Python test suite with BATS and consolidate workflows by @PromoFaux in #2009
Add timeout to curl command in branch validation by @RynoCODE in #2011
Use bats-assert library functions in BATS test suite by @Copilot in #2018
ci: run build job on pull request event by @crazy-max in #2021
Update github-builder to v1.5.0 and enable fail-fast by @yubiuser in #2022

New Contributors

@crazy-max made their first contribution in #2008
@RynoCODE made their first contribution in #2011
@Copilot made their first contribution in #2018

Full Changelog: https://github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0

Component Release Notes

What's Changed (FTL v6.6)

Fix possible resolver issue on armv5tel by @DL6ER in pi-hole/FTL#2781
Introduce CMake options for optional dependencies by @aeolio in pi-hole/FTL#2795
Fix build without mbedtls [v2] by @aeolio in pi-hole/FTL#2796
Fix overTime data when database.DBimport = false by @DL6ER in pi-hole/FTL#2788
Fix cross-compilation issues w/ custom toolchain by @aeolio in pi-hole/FTL#2797
Add new option for controling name resolution via MAC address by @DL6ER in pi-hole/FTL#2790
Fix obtaining client groups by name by @DL6ER in pi-hole/FTL#2791
Ensure API sessions are restored before starting the HTTP server by @DL6ER in pi-hole/FTL#2803
Add form-action 'self' to Content-Security-Policy by @yubiuser in pi-hole/FTL#2804
Add query_frequency to /padd endpoint by @yubiuser in pi-hole/FTL#2806
Guard query-count counters against unsigned underflow by @DL6ER in pi-hole/FTL#2815
Add universal crash backtrace via _Unwind_Backtrace by @DL6ER in pi-hole/FTL#2811
config: show totp_secret presence in CLI output by @DL6ER in pi-hole/FTL#2813
Fix client count inflation for rate-limited queries by @DL6ER in pi-hole/FTL#2814
Fix stack buffer overflow in get_process_name() by @DL6ER in pi-hole/FTL#2821
Do not restart FTL while pihole -g is still ongoing by @DL6ER in pi-hole/FTL#2419

Security Advisories

GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration reported by @mzalzahrani
Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by @T0X1Cx

New Contributors

@aeolio made their first contribution in pi-hole/FTL#2795

Full Changelog: https://github.com/pi-hole/FTL/compare/v6.5...v6.6

What's Changed (Web v6.5)

Amend teleporter help text that the long-term data is not included by @yubiuser in pi-hole/web#3721
Do not use 3 columns when boxed layout is used by @rdwebdesign in pi-hole/web#3722
Use ENTER instead of ⏎ by @yubiuser in pi-hole/web#3727
Don't link to github releases if docker tag is nightly by @yubiuser in pi-hole/web#3718
Do not try to compare component version when remote version info is not available by @yubiuser in pi-hole/web#3729
Show loading overlay when adding/removing CNAME records as it requires a FTL restart by @yubiuser in pi-hole/web#3742
fix: check on responseJSON when wrong password by @guybrush2105 in pi-hole/web#3693
Remove the loggingButton from Settings > System > Actions by @yubiuser in pi-hole/web#3747

Security Advisories

Multiple Stored HTML Injections and XSS in different web interface pages reported by @andrejtomci

New Contributors

@guybrush2105 made their first contribution in pi-hole/web#3693

Full Changelog: https://github.com/pi-hole/web/compare/v6.4.1...v6.5

What's Changed (Core v6.4.1)

Remove additional ':' from debug log system time output by @yubiuser in pi-hole/pi-hole#6551
Remove readonly from piholeNetworkFlush.sh to avoid error message by @rdwebdesign in pi-hole/pi-hole#6554
Add antigravity index by @DL6ER in pi-hole/pi-hole#6573
Fix return status capture of FTL check_download exists by @yubiuser in pi-hole/pi-hole#6572
Remove misleading TODO comment for SetWebPassword by @10adnan75 in pi-hole/pi-hole#6531

Security Advisories

GHSA-c935-8g63-qp74 – Local Privilege Escalation reported by @smittix

New Contributors

@10adnan75 made their first contribution in pi-hole/pi-hole#6531
@Copilot made their first contribution in pi-hole/pi-hole#6580

Full Changelog: https://github.com/pi-hole/pi-hole/compare/v6.4...v6.4.1

Configuration

📅 Schedule: (UTC)

Branch creation
- At any time (no schedule defined)
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [pihole/pihole](https://github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (pihole/pihole)</summary> ### [`v2026.04.0`](https://github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0)  #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@yubiuser](https://github.com/yubiuser) in [#2004](https://github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@crazy-max](https://github.com/crazy-max) in [#2008](https://github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@PromoFaux](https://github.com/PromoFaux) in [#1958](https://github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@PromoFaux](https://github.com/PromoFaux) in [#2009](https://github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@RynoCODE](https://github.com/RynoCODE) in [#2011](https://github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@Copilot](https://github.com/Copilot) in [#2018](https://github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@crazy-max](https://github.com/crazy-max) in [#2021](https://github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@yubiuser](https://github.com/yubiuser) in [#2022](https://github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@crazy-max](https://github.com/crazy-max) made their first contribution in [#2008](https://github.com/pi-hole/docker-pi-hole/pull/2008) - [@RynoCODE](https://github.com/RynoCODE) made their first contribution in [#2011](https://github.com/pi-hole/docker-pi-hole/pull/2011) - [@Copilot](https://github.com/Copilot) made their first contribution in [#2018](https://github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <https://github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0> #### Component Release Notes  #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2781](https://github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@aeolio](https://github.com/aeolio) in [pi-hole/FTL#2795](https://github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@aeolio](https://github.com/aeolio) in [pi-hole/FTL#2796](https://github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2788](https://github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@aeolio](https://github.com/aeolio) in [pi-hole/FTL#2797](https://github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2790](https://github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2791](https://github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2803](https://github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@yubiuser](https://github.com/yubiuser) in [pi-hole/FTL#2804](https://github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@yubiuser](https://github.com/yubiuser) in [pi-hole/FTL#2806](https://github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2815](https://github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2811](https://github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2813](https://github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2814](https://github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2821](https://github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@DL6ER](https://github.com/DL6ER) in [pi-hole/FTL#2419](https://github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@mzalzahrani](https://github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@T0X1Cx](https://github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@aeolio](https://github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <https://github.com/pi-hole/FTL/compare/v6.5...v6.6>  #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@yubiuser](https://github.com/yubiuser) in [pi-hole/web#3721](https://github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@rdwebdesign](https://github.com/rdwebdesign) in [pi-hole/web#3722](https://github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@yubiuser](https://github.com/yubiuser) in [pi-hole/web#3727](https://github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@yubiuser](https://github.com/yubiuser) in [pi-hole/web#3718](https://github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@yubiuser](https://github.com/yubiuser) in [pi-hole/web#3729](https://github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@yubiuser](https://github.com/yubiuser) in [pi-hole/web#3742](https://github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@guybrush2105](https://github.com/guybrush2105) in [pi-hole/web#3693](https://github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@yubiuser](https://github.com/yubiuser) in [pi-hole/web#3747](https://github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@andrejtomci](https://github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@n1rwhex](https://github.com/n1rwhex) and [@mzalzahrani](https://github.com/mzalzahrani)) #### New Contributors - [@guybrush2105](https://github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://github.com/pi-hole/web/pull/3693) **Full Changelog**: <https://github.com/pi-hole/web/compare/v6.4.1...v6.5>  #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@yubiuser](https://github.com/yubiuser) in [pi-hole/pi-hole#6551](https://github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@rdwebdesign](https://github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@DL6ER](https://github.com/DL6ER) in [pi-hole/pi-hole#6573](https://github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@yubiuser](https://github.com/yubiuser) in [pi-hole/pi-hole#6572](https://github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@10adnan75](https://github.com/10adnan75) in [pi-hole/pi-hole#6531](https://github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@smittix](https://github.com/smittix) #### New Contributors - [@10adnan75](https://github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://github.com/pi-hole/pi-hole/pull/6531) - [@Copilot](https://github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <https://github.com/pi-hole/pi-hole/compare/v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

No reviewers

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

peter/homelab-docker-config!306

No description provided.

Rows
Columns