OpenWrt 19.07.8 service release

Hauke Mehrtens hauke at hauke-m.de
Sat Aug 7 11:59:17 PDT 2021


Hi,

The OpenWrt community is proud to announce the eighth service release of 
OpenWrt 19.07. It fixes security issues, improves device support, and
brings a few bug fixes.

The main changes from OpenWrt 19.07.7 are:

Security fixes
==============

  * Fix FragAttacks (fragmentation and aggregation attacks)
    vulnerabilities in cfg80211, mac80211, ath10k and ath10k-ct
   * We are not sure if some closed source firmware files are still
     affected by these problems.
  * Security Advisory 2021-08-01-1 - XSS via missing input validation of
    host names displayed (CVE-2021-32019)
  * Security Advisory 2021-08-01-2 - Stored XSS in hostname UCI variable
    (CVE-2021-33425)
  * Security Advisory 2021-08-01-3 - luci-app-ddns: Multiple
    authenticated RCEs (CVE-2021-28961)
  * Various security fixes in packages

Major bug fixes
===============

  * Minor bugfixes to support GCC 11 as host compiler

Device support
==============

  * TP-Link C7v5 allow flashing from vendor firmware bigger than v1.1
  * FRIZZ!Box 7320 Activate power supply to USB ports.

Various fixes and improvements
==============================

* Only pack the signing keys for OpenWrt 19.07 and 21.02 and not the
   personal keys any more.

Core components
===============

  * Update Linux kernel from 4.14.221 to 4.14.241
  * Update mac80211 from 4.19.161-1 to 4.19.193-1
  * Update ath10k-ct 4.19 driver from 2019-09-09 to 2021-06-03
  * Update OpenVPN from 2.4.7 to 2.4.11
  * Update openssl from 1.1.1i to 1.1.1k
  * Update mbedtls from 2.16.9 to 2.16.10
  * Update wolfssl from 4.6.0 to 4.7.0


Full release notes and upgrade instructions are available at
https://openwrt.org/releases/19.07/notes-19.07.8

In particular, make sure to read the regressions and known issues before
upgrading:
https://openwrt.org/releases/19.07/notes-19.07.8#regressions

For a very detailed list of all changes since 19.07.7, refer to
https://openwrt.org/releases/19.07/changelog-19.07.8

For latest information about the 19.07 series, refer to the wiki at:
https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.8 firmware image for your device, head to 
the Table of Hardware:
https://openwrt.org/toh/start

Or use the new firmware selector:
https://firmware-selector.openwrt.org/

You can also navigate directly in the list of firmware images:
https://downloads.openwrt.org/releases/19.07.8/targets/

As always, a big thank you goes to all our active package maintainers,
testers, documenters, and supporters.

Have fun!

The OpenWrt Community

---

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

  * a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce

  * a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14

  * other announcement channels (such as RSS feeds) might be added in the
    future, they will be listed at https://openwrt.org/contact



More information about the openwrt-announce mailing list