OpenWrt 22.03.3 third service release
Hauke Mehrtens
hauke at hauke-m.de
Sun Jan 8 17:04:54 PST 2023
Hi,
The OpenWrt community is proud to announce the newest stable release of
the OpenWrt 22.03 stable version series. It fixes security issues,
improves device support, and brings a few bug fixes.
Download firmware images using the OpenWrt Firmware Selector:
* https://firmware-selector.openwrt.org/?version=22.03.3
Download firmware images directly from our download servers:
* https://downloads.openwrt.org/releases/22.03.3/targets/
Main changes between OpenWrt 22.03.2 and OpenWrt 22.03.3:
========================================================
Security fixes
==============
* CVE-2022-30065: busybox: Fix a use-after-free in Busybox 1.35-x's
awk applet
* CVE-2022-0934: dnsmasq: Fixes single-byte, non-arbitrary write/use-
after-free flaw in dnsmasq DHCPv6 server
* CVE-2022-1304: e2fsprogs: An out-of-bounds read/write vulnerability
was found in e2fsprogs 1.46.5
* CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Use-
After-Free Remote Code Execution Vulnerability
* CVE-2022-46393: mbedtls: Fix potential heap buffer overread and
overwrite
* CVE-2022-46392: mbedtls: An adversary with access to precise enough
information about memory accesses can recover an RSA private key
* CVE 2022-42905: wolfssl: In the case that the WOLFSSL_CALLBACKS
macro is set when building wolfSSL, there is a potential heap over
read of 5 bytes when handling TLS 1.3 client connections.
Device support
==============
* Support for the following devices was added:
* Ruckus ZoneFlex 7372
* Ruckus ZoneFlex 7321
* ZTE MF289F
* TrendNet TEW-673GRU
* Linksys EA4500 v3
* Wavlink WS-WN572HP3 4G
* Fix reboot loop by using LZMA loader. This affects the following
devices:
* NETGEAR EX6150
* HiWiFi HC5962
* ASUS RT-N56U B1
* Belkin F9K1109v1
* D-Link DIR-645
* D-Link DIR-860L B1
* NETIS WF2881
* ZyXEL WAP6805
* Fix WAN mac address assignment. This affects the following devices:
* UniElec U7621-01
* UniElec U7621-06
* TP-Link AR7241
* TP-Link TL-WR740N
* TP-Link TL-WR741ND v4
* Teltonika RUT230
* Luma Home WRTQ-329ACN
* mvebu: Disable devices using broken mv88e6176 switch. This affects
the following devices:
* CZ.NIC Turris Omnia
* Linksys WRT1200AC
* Linksys WRT1900ACS
* Linksys WRT1900AC v1
* Linksys WRT1900AC v2
* Linksys WRT3200ACM
* Linksys WRT32X
* Linksys WRT3200ACM
* SolidRun ClearFog Pro
* lantiq/xrx200: Enable interrupts on second VPE
* layerscape: Fix SPI-NOR issues with vendor patches
* RouterBoard 912UAG: Fix reference clock
* TP-Link RE200 v3/v4: Fix LED configuration
* GL.iNet GL-MT1300: Fix flash access by reducing SPI clock
* Youku YK-L2 and YK-L1: Allow installing initramfs-kernel.bin over
vendor web UI
* D-Link DIR-825 B1: Add factory image recipe
* D-Link DIR-825-B1: Expand rootfs
* D-Link DGS-1210-10P: Add support for extra buttons and LEDs
* Asus RT-AC88U: Include Broadcom 4366b1 firmware by default
* AVM FRITZ!Box 7430: Include USB driver by default
* HAOYU Electronics MarsBoard A10: Include sound driver by default
* Linksys EA6350v3, EA8300, MR8300 and WHW01: Allow flashing Linksys
factory firmware
Various fixes and improvements
==============================
* firewall4: Fix boot hang with firewall4 and loadfile
* Added the following kernel packages:
* kmod-sched-prio (extracted from kmod-sched)
* kmod-sched-red (extracted from kmod-sched)
* kmod-sched-act-police (extracted from kmod-sched)
* kmod-sched-act-ipt (extracted from kmod-sched)
* kmod-sched-pie (extracted from kmod-sched)
* kmod-sched-drr
* kmod-sched-fq-pie
* kmod-sched-act-sample
* kmod-nvme
* kmod-phy-marvell
* kmod-hwmon-sht3x
* kmod-netconsole
* kmod-btsdio
* Added firmware files for mt7916 and mt7921 devices
* ucode: lexer: Fixes for regex literal parsing
* hostapd: Remove dtim_period option from device, it is already a BSS
property
* procd: Service: pass all arguments to service
* ustream-openssl: Disable renegotiation in TLSv1.2 and earlier
* comgt-ncm: Add support for quectel modem EC200T-EU
* umbim: Allow roaming and partner connections
* kernel: Add support for EON EN25QX128A spi nor flash
* iwinfo: Many bugfixes and improvements:
* improvements in showing the used band, ht mode and hw mode
* Added support for HE (Wifi 6) modes
* Added support for new devices (MT7921AU, MT7986 WiSoC)
* Add support for CCMP-256 and GCMP-256 ciphers
* uhttpd: Fix incorrectly emitting HTTP 413 for certain content
lengths
* gcc: Import patch fixing asm machine directive for powerpc
Core components update
======================
* Update Linux kernel from 5.10.146 to 5.10.161
* Update mac80211 backports from 5.15.58-1 to 5.15.81-1
* Update strace from 5.16 to 5.19
* Update mbedtls from 2.28.1 to 2.28.2
* Update openssl from 1.1.1q to 1.1.1s
* Update wolfssl from 5.5.1 to 5.5.4
* Update util-linux from 2.37.3 to 2.37.4
* Update firewall4 from 2022-10-14 to 2022-10-18
* Update odhcpd from 2022-03-22 to 2023-01-02
* Update uhttpd from 2022-08-12 to 2022-10-31
* Update iwinfo from 2022-08-19 to 2022-12-15
* Update ucode from 2022-10-07 to 2022-12-02
-----------------
Full release notes and upgrade instructions are available at
https://openwrt.org/releases/22.03/notes-22.03.3
In particular, make sure to read the regressions and known issues before
upgrading:
https://openwrt.org/releases/22.03/notes-22.03.3#known_issues
For a detailed list of all changes since 22.03.2, refer to
https://openwrt.org/releases/22.03/changelog-22.03.3
To download the 22.03.3 images, navigate to:
https://downloads.openwrt.org/releases/22.03.3/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=22.03.3
As always, a big thank you goes to all our active package maintainers,
testers, documenters and supporters.
Have fun!
The OpenWrt Community
---
To stay informed of new OpenWrt releases and security advisories, there
are new channels available:
* a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce
* a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14
* other announcement channels (such as RSS feeds) might be added in the
future, they will be listed at https://openwrt.org/contact
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x93DD20630910B515.asc
Type: application/pgp-keys
Size: 15497 bytes
Desc: OpenPGP public key
URL: <http://lists.openwrt.org/pipermail/openwrt-announce/attachments/20230109/7a51e6f9/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-announce/attachments/20230109/7a51e6f9/attachment-0001.sig>
More information about the openwrt-announce
mailing list