OpenWrt 19.07.5 service release

Hauke Mehrtens hauke at hauke-m.de
Wed Dec 9 18:49:38 EST 2020


Hi,

The OpenWrt community is proud to announce the fifth service release of 
OpenWrt 19.07. It focuses on fixing several regression as well as 
security issues.

Main changes from OpenWrt 19.07.4

Security fixes
* Security Advisory 2020-12-09-2 - libuci import heap use after free
   (CVE-2020-28951)
* Security Advisory 2020-12-09-1 - Linux kernel - ICMP rate limiting can
   be used to facilitate DNS poisoning attack (CVE-2020-25705)
* musl: fix possible destination buffer overflow in some applications
   (CVE-2020-28928)

Note: security fixes for most packages can also be applied by upgrading 
only the affected packages on running devices, without the need for a 
full firmware upgrade. This can be done with opkg update; opkg upgrade 
the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 
19.07.5 or later versions whenever possible.

Major bug fixes
* Fix regression in 19.07.4 causing transmit timeout and packet loss on
   mt7620 devices: FS#3332
* Fix regression in 19.07.4 where VLAN tagging no longer works on
   ipq40xx devices: FS#3239
* Fix long-standing instability issue on Ethernet link on several ath79
   devices: FS#2216, FS#2730, FS#3225

Device support
* Various fixes for My Net Range Extender, PowerCloud Systems CAP324,
   D-Link DIR-645, Quad-E4G
* Support newer version of Turris Omnia
* Fix ath9k firmware extraction for UniFi AP
* Fix MAC address assignment on UniFi AC family (UniFi AC Mesh,
   UniFi AC LR, UniFi Lite)
* Allow booting espressobin with a mainline firmware

Various fixes and improvements
* Fix support for 3G USB modems
* uhttpd: fix spurious keepalive connection timeouts
* firewall: fix parsing of boolean attributes
* mac80211: do not allow bigger VHT MPDUs than the hardware supports

LuCI web interface
* Set the fallback default of rollback timeout to 90s
* luci-app-firewall: fix removing networks from zone (GH#4523, GH#4573)
* rpcd-mod-luci: handle lease files from all dnsmasq/odhcpd sections
   (GH#911, GH#4303, GH#4308)
* luci-app-firewall: rules: add ICMPv6 Packet Too Big (Type 2)
* Update translations from weblate

Core components
* Update Linux kernel from 4.14.195 to 4.14.209
* Update intel-microcode from 20190918 to 20200616
* Update amd-microcode from 20180524 to 20191218


Full release notes and upgrade instructions are available at
https://openwrt.org/releases/19.07/notes-19.07.5

In particular, make sure to read the regressions and known issues before 
upgrading:
https://openwrt.org/releases/19.07/notes-19.07.5#regressions

For a very detailed list of all changes since 19.07.4, refer to
https://openwrt.org/releases/19.07/changelog-19.07.5

- ---

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

  * a low-volume mailing list for important announcements: 
https://lists.openwrt.org/mailman/listinfo/openwrt-announce

  * a dedicated "announcements" section in the forum: 
https://forum.openwrt.org/c/announcements/14

  * other announcement channels (such as RSS feeds) might be added in the
    future, they will be listed at https://openwrt.org/contact

- ---

For latest information about the 19.07 series, refer to the wiki at:
https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.5 firmware image for your device, head to 
the Table of Hardware:
https://openwrt.org/toh/start

Or navigate directly in the list of firmware images:
https://downloads.openwrt.org/releases/19.07.5/targets/

As always, a big thank you goes to all our active package maintainers,
testers, documenters, and supporters.

Have fun!

The OpenWrt Community

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-announce/attachments/20201210/a96ff30a/attachment-0001.sig>


More information about the openwrt-announce mailing list