OpenWrt 21.02.3 Third service release

Hauke Mehrtens hauke at hauke-m.de
Wed Apr 20 15:21:32 PDT 2022


Hi,

The OpenWrt community is proud to announce the third service release of 
OpenWrt 21.02. It fixes security issues, improves device support, and 
brings a few bug fixes.

We recently moved our bugs to GitHub, please report issues over there 
(after checking that nobody else posted the same issue before).
https://github.com/openwrt/openwrt/issues/

Download firmware images via the Firmware Selector or directly from our 
download servers:
	• https://firmware-selector.openwrt.orghttps://downloads.openwrt.org/releases/21.02.3/

Main changes from OpenWrt 21.02.2:

Security fixes
==============

  * wolfssl: Fix multiple security problems
    (CVE-2022-25638, CVE-2022-25640)
  * openssl: Fix security problem (CVE-2022-0778)
  * zlib: Backport security fix for a reproducible crash in compressor

Device support
==============

  * Support for the following devices was added:
    * Yuncore XD3200
    * Yuncore A930
    * MikroTik RouterBOARD mAPL-2nD (mAP lite)
  * ramips: Make memory detection more reliable
  * ramips: Fix reboot for remaining 32 MB boards
  * x86: Add pata_sis driver
  * ipTIME mt7620 devices: Fix flash detection
  * Turris Omnia: Improve detection of u-boot environment with
    U-boot 2021.09
  * Ubiquiti UniFi: Fix label MAC address
  * mvebu: udpu: Fix initramfs booting
  * a20-olinuxino-lime2: Fix Ethernet link detection on
  * TP-Link TL-WR1043ND v4: Fix TPLINK_HWREV field
  * OCEDO Raccoon: Fix link for long cables
  * Ubiquiti UniFi AP Outdoor+: Fix label MAC address
  * TP-Link WPA8630Pv2: Move to ath79-tiny target
  * Improve support for some GPON SFP modules

Various fixes and improvements
==============================

  * Fix SSL certificate validation with some sites especially sites
    using Let’s Encrypt certificates
  * hostapd fixes and improvemnts:
    * fix radius problem due to invalid attributes
    * Expose more data over ubus
  * base-files: Call “sync” after initial setup
  * imagebuilder: Fix broken image generation with external targets

Core components
===============

  * Update Linux kernel from 5.4.179 to 5.4.188
  * Update openssl from 1.1.1m to 1.1.1n
  * Update cypress-firmware from 5.4.18-2020_0402 to 5.4.18-2021_0812
  * Update mac80211 from 5.10.85 to 5.10.110
  * Update wolfssl from 5.1.1 to 5.2.0


Known issues
============

  * Some IPv6 packets are dropped when software flow offloading is used:
    https://bugs.openwrt.org/index.php?do=details&task_id=3373
    * As a workaround, do not activate software flow offloading, it is
      deactivate by default.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/21.02/notes-21.02.3

In particular, make sure to read the regressions and known issues before 
upgrading:
https://openwrt.org/releases/21.02/notes-21.02.3#regressions

For a detailed list of all changes since 21.02.2, refer to
https://openwrt.org/releases/21.02/changelog-21.02.3

To download the 21.02.3 images, navigate to:
https://downloads.openwrt.org/releases/21.02.3/

As always, a big thank you goes to all our active package maintainers,
testers, documenters, and supporters.

Have fun!

The OpenWrt Community

---

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

  * a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce

  * a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14

  * other announcement channels (such as RSS feeds) might be added in the
    future, they will be listed at https://openwrt.org/contact



More information about the openwrt-announce mailing list