ESPHome 2021.9.0 - 15th September 2021¶
Web Server Vulnerability¶
It was brought to our attention by @andir that the Web Server Component had a vulnerability in that
the OTA form could be POST’d to without the basic auth credentials set in the
If you use the
web_server and rely on the credentials for security, then you need to upgrade to 2021.9.2 or
web_server completely. The Security Advisory on GitHub
has been given
You get the most out of your ESPHome devices when you combine it with Home Assistant, which offers a seamless and local integration to control and manage all your ESPHome devices. Today Home Assistant launched a crowdfunding campaign for the Home Assistant Yellow, the easiest way to get started with Home Assistant and a privacy focused smart home.
@OttoWinter has been hard at work adding a layer of encryption to the API which utilises the
noise protocol. This releases adds the capabilities to ESPHome devices, but Home Assistant (or other clients)
will need to upgrade their client libraries (e.g.
aioesphomeapi) before they can connect and communicate to
devices with encryption. This is scheduled to be available in Home Assistant 2021.10.
Packages have been extended to allow loading (multiple) YAML file(s) from a git repo. Take a look at the examples to see how to use them.
platform: midea_ac has been changed to
platform: midea in this release and has
quite a few upgrades. Check the docs for the new features. Midea Air Conditioner
SDM Meters have been fixed to use kWh instead of Wh as the energy unit of measurement.
The template selects, numbers and switches now have more validations on them preventing weird usage.
If you do not set a
lambda then you are required to make them either
optimistic: true, or
set_action (select/number) /