This changelog lists all commits done in OpenWrt since the v23.05.0-rc2 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 23.05.0-rc3 release.
See also the release notes that provide a more accessible overview of the main changes in 23.05.0-rc3.
c719dfd
kernel: bump 5.15 to 5.15.119 (+131,-131)
27f68a3
kernel: fix KernelPackage when all KCONFIG are versioned (+1,-1)
5678bb8
kernel: bump 5.15 to 5.15.120 (+8,-8)
977ee43
image: add additional fields to Netgear encrypted image (+26,-2)
50507f5
scripts/mkits.sh: DT overlays don't need a loadaddr (-7)
4ab8abf
build: fix generation of large .vdi images (+8,-2)
476bf13
mediatek: add support for ZyXEL NWA50AX Pro (+298,-1)
5ded0a3
scripts: use sep-char for hash nodes (+10,-10)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
a23aa1c
kernel: bump 5.15 to 5.15.126 (+11,-7)
c57275d
scripts: qemustart: Fix x86/legacy bootup (+2,-2)
097d689
kernel: bump 5.15 to 5.15.127 (+26,-26)
6eb6a75
kernel: modules: add xdp-sockets-diag support (+32)
2c69d3e
kernel: default ARM_PMU on for armsr/armv8 (+1)
2cece6e
firmware-utils: bump to git HEAD (+3,-3)
⇒ 1d42292
tplink-safeloader: Add TP-Link Archer A6 V3.20 (+3,-1)
⇒ 3338f53
tplink-safeloader: add TL-WPA8635P v3 (+4,-3)
⇒ 17ca5ee
tplink-safeloader: add TL-WPA8631P v4 (+1)
⇒ f730ad2
bcmblob: new tool for reading Broadcom's BLOBs (+456)
⇒ cb1ddac
firmware-utils: fix typo in error message when no OpenSSL library found (+1,-1)
⇒ 9166331
bcmclm: new tool for reading Broadcom's CLM data (+338)
⇒ a2d49fb
tplink-safeloader: add RU support-list entry for Archer C6U v1 (+2,-1)
⇒ bb12cf5
tplink-safeloader: Add support for TP-Link Deco M5 The special_id values are ... (+81)
⇒ 9e2de85
tplink-safeloader: add EAP610 v3 and EAP613 v1 (+33)
f147569
patchelf: Revert "tools/patchelf: update to 0.18.0" (+2,-2)
b58955e
ib: split out processing user provided packages (+3,-1)
b52cfba
sdk: rename README + update Makefile (+1,-1)
26093cb
fortify-headers: add __extension__ mark to strings.h (+29)
c719dfd
kernel: bump 5.15 to 5.15.119 (+131,-131)
0d324c6
generic: filter out CONFIG_FRAME_WARN (+1)
5678bb8
kernel: bump 5.15 to 5.15.120 (+8,-8)
ac2d6cf
kernel: sort generic configuration (+1,-1)
f4e1f99
kernel: net: phy: realtek: fix rtl822x_probe on unsupported devices (+5,-21)
ef7d800
kernel: backport NVMEM patches queued for the v6.5 (+920,-1)
a210fce
kernel: bgmac: fix regressed support for BCM53573 SoCs (+45)
339e71c
kernel: drop mips highmem offset start overrides (-38)
21f0ab5
kernel: move NXP DPAA2 SFP patches to generic patches (+2,-2)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
e723cb6
kernel: netdevices: add driver for Marvell 10G Ethernet PHYs (+18)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
40f9514
kernel: Autoload nvme at preinit time (+1,-1)
320cfa7
kernel: netsupport: Add kmod-sched-skbprio (+12)
0ecf7a3
generic: 5.15: rename patches to match correct version ()
b59d02b
generic: backport fix for Winbond SPI NAND (+49)
a23aa1c
kernel: bump 5.15 to 5.15.126 (+11,-7)
097d689
kernel: bump 5.15 to 5.15.127 (+26,-26)
6eb6a75
kernel: modules: add xdp-sockets-diag support (+32)
42c9978
uboot-envtools: Add u-boot env config for GL-MT3000 (+3)
7ff9577
mediatek: add support for Mercusys MR90X v1 (+361)
436ef37
ramips: add support for Sercomm S1500 devices (+568,-8)
4a79a94
mxs: rework image generation (+65,-103)
23d6474
mediatek: add support for Netgear EX6250v2 series (+281,-1)
f7daeec
uboot-mediatek: add H3C Magic NX30 Pro support (+454)
5bd5be0
uboot-mediatek: support classic uImage.FIT with internal images in imszb (+3,-4)
68a4c60
layerscape: armv8_64b: add Traverse Ten64 NAND variant (+93,-1)
cef98ca
layerscape: remove Traverse LS1043 boards (-739)
017827e
uboot-mvebu: update to version 2023.07.02 (+2,-2)
d0fc9e9
uboot-mediatek: add support for Xiaomi WR30U (+471)
34d8913
mediatek: filogic: add specific layout for WR30U (+44)
6ad85a6
arm-trusted-firmware-tools: update to version 2.9 (+2,-2)
513ab38
arm-trusted-firmware-mediatek: update to sources of 2023-07-24 (+142,-5)
⇒ 67a8a5c
fix(morello): dts: fix stdout-path target (+1,-1)
⇒ 30df890
fix(morello): dts: add model names (+4,-2)
⇒ 5016ee4
fix(morello): dts: fix SMMU IRQ ordering (+6,-6)
⇒ fba729b
fix(morello): dts: fix DP SMMU IRQ ordering (+3,-3)
⇒ 3169572
fix(morello): dts: use documented DPU compatible string (+1,-1)
⇒ 8aeb1fc
fix(morello): dts: fix SCMI shmem/mboxes grouping (+4,-4)
⇒ 41c310b
fix(morello): dts: fix DT node naming (+8,-8)
⇒ 982f258
fix(morello): dts: fix GICv3 compatible string (+1,-1)
⇒ f33e113
fix(morello): dts: remove #a-c and #s-c from memory node (-8)
⇒ a78b3b3
feat(gicv3): validate multichip data for GIC-700 (+117,-5)
⇒ 7d9648d
fix(ufs): fix slot base address computation (+1,-1)
⇒ 9d6d1a9
fix(ufs): init utrlba/utrlbau with desc_base (+10,-17)
⇒ dddf428
feat(bl): add interface to query TF-A semantic ver (+16,-3)
⇒ df56e9d
fix(bl31): pass the EA bit to 'delegate_sync_ea' (+1,-5)
⇒ 4d879e1
fix(lib/psa): update measured boot handle (+1,-5)
⇒ 14a6fed
fix(errata): workaround for Neoverse-V1 erratum 1618635 (+98)
⇒ + 1304 more...
ecfb961
arm-trusted-firmware-mediatek: fix PKG_MIRROR_HASH (+1,-1)
6553b1c
uboot-mediatek: update to version 2023.07.02 (+117,-459)
b7e9445
uboot-mediatek: add patches for MT7988 and builds for RFB (+9.0K,-13)
0415aba
uboot-mediatek: add missing 'memory' nodes to downstream boards (+36,-6)
d25b543
uboot-mediatek: fix build for MT7629 (+47)
f241408
arm-trusted-firmware-tools: fix build on macOS/Darwin (+21)
dd00bcb
uboot-mediatek: bpi-r3: prepare for larger FIT structures (+4,-4)
4e066f1
uboot-envtools: add u-boot env config for Xiaomi mi-mini (+4)
f9fadb8
libnl-tiny: update to latest git HEAD (+3,-3)
⇒ d433990
Make struct nla_policy and struct nlattr const (+41,-41)
f2a9897
wolfssl: update to 5.6.3 (+31,-6)
8d7d9aa
hostapd: update to 2023-06-22 (+162,-202)
⇒ bb45602
Add QCA vendor attribute to configure list of allowed frequencies for AP (+27)
⇒ 44c38af
Add QCA vendor interface to get connected channels utilization (+17)
⇒ 302d761
Add QCA vendor feature flag for allowed frequency list (+4)
⇒ 921f82c
Sync with wireless-next.git include/uapi/linux/nl80211.h (+23,-1)
⇒ 8f1d384
RNR: Skip interfaces on the same radio for MBSSID (+4,-2)
⇒ 5d06ace
RNR: Add elements by default for EMA AP (+136,-22)
⇒ ac54b61
nl80211: Support for RNR elements (+22)
⇒ 07a7bcd
WMM: Advertise support for 16 PTKSA replay counters for non-AP STA (+32,-5)
⇒ 9bad3c9
tests: Update server and user certificates (2023) (+315,-307)
⇒ 9932ff3
Allowed frequency list configuration for AP operation (+94,-7)
⇒ e891245
Export wpa_supplicant config item 'he' for external configuration (+2,-1)
⇒ f8931fc
hostapd: Restore the flow of set beacon and WPA key init (+3,-3)
⇒ c70405c
MLD STA: Do not fail on unknown IEs in Authentication frames (+2,-2)
⇒ 6002fe8
SAE: Fix expected AP MLD address info in a debug print (+2,-1)
⇒ b171c5e
Update QCA LL_STATS vendor command (+68,-15)
⇒ c858a63
Add a vendor specific roam status of background scan abort (+3)
⇒ + 107 more...
2f71a7e
libnftnl: update to 1.2.6 (+3,-3)
0b08707
nftables: update to 1.0.8 (+2,-2)
b607cd3
libbpf: Update to v1.2.2 (+3,-3)
⇒ e4d3827
libbpf: only reset sec_def handler when necessary (+19,-8)
⇒ dfc9c8b
libbpf: v1.2.1 bug fix version bump (+1,-1)
⇒ 4c98b37
libbpf: Fix realloc API handling in zero-sized edge cases (+16,-4)
⇒ 1728e3e
libbpf: v1.2.2 bug fix version bump (+1,-1)
476bf13
mediatek: add support for ZyXEL NWA50AX Pro (+298,-1)
ee910d1
dropbear: add ed25519 for failsafe key (+3,-2)
77b8ce6
libnl-tiny: update to latest Git HEAD (+6,-6)
⇒ bc92a28
build: allow passing SOVERSION value for dynamic library (+5)
e0d5621
openssl: opt-out of lto usage (+2,-2)
11b0c43
openssl: update to 3.0.10 (+4,-4)
4a3c66a
e2fsprogs: do not symlink tune2fs to findfs (-1)
a5b03a3
lua: fix integer overflow in LNUM patch (+16,-16)
e997456
util-linux: enable colrm util as package (+17)
1a33e4b
perf: opt-out of lto usage (+2,-2)
58d838d
mbedtls: Update to version 2.28.4 (+5,-5)
482c57a
hostapd: add fix for dealing with VHT 160 MHz via ext nss bw (+156,-15)
5deed17
hostapd: revert upstream commit to fix #13156 (+63)
023a885
ipq4019: add support for ZTE MF287+ aka DreiNeo (+410)
c54ec81
linux-firmware: ibt-firmware: install sfi/ddc files for AX210 card (+3,-1)
894b208
ipq-wifi: fix upstream board-2.bin ZTE M289F snafu (+4,-2)
57e7188
linux-firmware: update to 20230625 (+3,-3)
23953cf
ath11k-firmware: update to stable WLAN.HK.2.9.0.1-01837 (+5,-5)
fa3a56a
linux-firmware: update to 20230804 (+2,-2)
9d10944
firmware: intel-microcode: update to 20230808 (+2,-2)
1aeb247
linux-firmware: Update Intel AX200 and AX210 firmware (+2,-2)
2b889aa
uqmi: support split-APN IPv4 and IPv6 dual-stack (+11,-6)
e54e5bc
uqmi: do not start 464xlat for dual-stack configurations (+1)
a88795a
iwinfo: update to latest git HEAD (+4,-4)
⇒ d1f07cf
devices: add device id for Atheros AR9287 and AR9380 (+2)
⇒ 65ea345
nl80211: constify a few arrays (+14,-14)
⇒ ca79f64
lib: report byte counters as 64 bit values (+12,-4)
6984add
procd: update to latest git HEAD (+3,-3)
⇒ 122a5e3
Revert "sysupgrade: print errno on failure" (+1,-3)
⇒ 2db8365
system: add RISC-V CPU info (+6)
b52b6c5
rpcd: update to latest git HEAD (+3,-3)
⇒ 31c3907
file: strengthen exec access control (+5,-2)
2650ae4
rpcd: update to latest git HEAD (+3,-3)
⇒ c07ab2f
iwinfo: update byte counter to 64bit (+2,-2)
0904059
uci: update to git HEAD (+3,-3)
⇒ 3cda251
file: Fix uci -m import command (+1,-1)
⇒ 5781664
remove internal usage of redundant uci_ptr.last (+32,-65)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
62496e9
armsr: v8: fix NVMEM_IMX_OCOTP_ELE build error (+1)
21f0ab5
kernel: move NXP DPAA2 SFP patches to generic patches (+2,-2)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
79d669d
armsr: remove redundant phy-marvell-10g module (-11)
e306e46
armsr: armv8: sync Arm64 erratum options with kernel defconfig (+28)
88e7fe8
armsr: armv8: enable KVM host (+6)
f517d8a
armsr: armv8: sync CPU features, EFI, CMA and scheduler options with Linux de... (+44,-1)
14f7254
armsr: enable ACPI_BUTTON (+1)
cb0534d
armsr: armv8: enable CONFIG_ARCH_RENESAS (+67)
24b35fd
armsr: armv8: enable Broadcom arch'es (+60)
daf99a1
armsr: armv8: synchronize PCIE related options with arm64 defconfig (+20)
dfb159c
armsr: armv8: enable AHCI/SATA controllers for mvebu,qoriq,juno (+3)
80d1eb4
armsr: armv8: add Broadcom GENET and MDIO modules (+22)
3477c79
armsr: armv8: add bcmgenet (Raspberry Pi 4 GENET) to profile (+2,-1)
2a46bd9
armsr: add Marvell (Cavium) ThunderX2 network driver (+21,-3)
3c316f3
armsr: armv8: package and select MDIO driver for Thunder SoC's (+13,-1)
cebed31
armsr: armv8: fix invalid symbol value for FSL_ENETC_QOS (+1,-1)
a506859
armsr: add kmod-sfp to default device profile (+1,-1)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
c719dfd
kernel: bump 5.15 to 5.15.119 (+131,-131)
fbb4aac
zbt-wd323: add GPIO WDT support (+8)
7bb616d
ath79: mikrotik: extract common bits for RB951x-2HnD devices (+83,-80)
98b397d
ath79: add support for MikroTik RB951G-2HnD (+70)
b7fac1b
ath79: DTS improvement for buzzer on RB951G-2HnD (+6)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
ac34f64
ath79: move ubnt-xm 64M RAM boards back to generic (+33,-31)
c719dfd
kernel: bump 5.15 to 5.15.119 (+131,-131)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
a4792d7
bcm53xx: backport DT changes from v6.5 (+4.6K,-9)
b32a4bc
bcm53xx: backport DT changes queued for v6.6 (+450,-4)
3bac348
bcm53xx: add BCM53573 Ethernet fix sent upstream for v6.6 (+28)
e0c4da1
bcm53xx: backport more DT changes queued for v6.6 (+290,-28)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
ef7d800
kernel: backport NVMEM patches queued for the v6.5 (+920,-1)
a9c92b9
ipq40xx: Enable gpio-restart in kernel configuration (+1)
023a885
ipq4019: add support for ZTE MF287+ aka DreiNeo (+410)
894b208
ipq-wifi: fix upstream board-2.bin ZTE M289F snafu (+4,-2)
1face85
ipq40xx: move Teltonika RUT STM32 IO to specific DTS (+37,-37)
897d55b
ipq40xx: add support for Teltonika RUTX50 (+203,-2)
680a4c7
ipq4019: fix support for AVM FRITZ!Repeater 3000 (+3)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
73aa78c
ipq40xx: commonize Meraki recipe (+7,-8)
5cecf9a
ipq40xx: meraki: remove swconfig in DEVICE_PACKAGES (+1,-1)
4956ff4
ipq40xx: meraki: define DTB load address (+1,-2)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
ef7d800
kernel: backport NVMEM patches queued for the v6.5 (+920,-1)
68a4c60
layerscape: armv8_64b: add Traverse Ten64 NAND variant (+93,-1)
cef98ca
layerscape: remove Traverse LS1043 boards (-739)
6a89cfa
layerscape: base-files: remove redundant RAMFS_COPY_* additions (+2,-2)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
7ff9577
mediatek: add support for Mercusys MR90X v1 (+361)
fa1822a
mediatek: define NMBM management region for WAX220 (+5)
5678bb8
kernel: bump 5.15 to 5.15.120 (+8,-8)
977ee43
image: add additional fields to Netgear encrypted image (+26,-2)
23d6474
mediatek: add support for Netgear EX6250v2 series (+281,-1)
cf81850
mediatek: filogic: add H3C Magic NX30 Pro support (+278)
0af05cd
mediatek: dts: mt7988a: wire-up mediatek,pio for PHY LEDs (+2,-1)
6092c39
mediatek: use backported Ethernet PHY driver also for 5.15 (+1.4K,-1.3K)
f94cda0
mediatek: dts: mt7988a: remove boottrap hack (-5)
40a2623
mediatek: replace hack for MaxLinear 2.5G PHY (+63,-166)
b28d740
mediatek: filogic: set DEVICE_DTS_LOADADDR for BPi-R3 (+1)
476bf13
mediatek: add support for ZyXEL NWA50AX Pro (+298,-1)
65c1f41
kernel: update patches for mediatek filogic (+1,-1)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
c697057
mediatek: add support for Acer Predator W6 (+579)
0f0ea10
mediatek: filogic: add support for Xiaomi WR30U (+366,-3)
34d8913
mediatek: filogic: add specific layout for WR30U (+44)
5ae1b90
mediatek: filogic: fix broken sysupgrade script (+1)
34cd471
mediatek: filogic: enable driver for MediaTek XS-PHY (+1,-1)
830bb57
mediatek: filogic: sync pinctrl-mt7988 with MediaTek SDK (+300,-115)
c072069
mediatek: filogic: update MT7988 device tree (+394,-166)
ad2fa6b
mediatek: filogic: restore non-const type in pinctrl-mt7988 driver (+17,-17)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
452e4f0
mediatek: filogic: mt7988: mark RTC clock as critical (+8,-1)
a23aa1c
kernel: bump 5.15 to 5.15.126 (+11,-7)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
57bf52c
mvebu: mcbin-singleshot: enable hearbeat LED by default (+22)
4a79a94
mxs: rework image generation (+65,-103)
00d4a31
octeon: ubnt-edgerouter-e300: fix LED settings (+2,-2)
abe659e
octeon: ubnt-edgerouter-e300: fix missing MTD partition (+22,-16)
345bce7
octeon: ubnt-edgerouter-4/6p: devicetree cleanup (+10,-30)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
5399d03
ramips: sercomm.mk: preparation for Sercomm s1500 devices support (+9,-5)
436ef37
ramips: add support for Sercomm S1500 devices (+568,-8)
cd878b1
ramips: mt7621: add TP-Link EAP613 v1 (+166)
c49654f
ramips/mt7621: disable the cpufreq driver (+3,-7)
977ee43
image: add additional fields to Netgear encrypted image (+26,-2)
e5dea9e
ramips: mt7621: disable highmem support and remove highmem offset patch (+19,-3)
339e71c
kernel: drop mips highmem offset start overrides (-38)
3ac300c
ramips: backport upstream mt762x PCIe driver error log fixes (+102)
ead5860
ramips: do not print error log when mdio bus is disabled (+1,-1)
7efec0a
kernel: bump 5.15 to 5.15.123 (+214,-571)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
5569b92
ramips: improve Xiaomi mi-mini indications (+4,-5)
4ebba8a
realtek: add support for HPE 1920-8g-poe+ (+154,-108)
795a5dd
kernel: bump 5.15 to 5.15.124 (+46,-41)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
e4d7917
x86: set CONFIG_X86_AMD_PLATFORM_DEVICE (+2,-2)
ec0ff92
kernel: bump 5.15 to 5.15.125 (+41,-39)
f28a2a5
x86: Activate CONFIG_PCIEASPM (+15)
dd30399
x86: Add virtualization time sync support (+10)
8d6a905
mac80211: partly revert force-mac80211 loss detection (+56,-36)
8d6a905
mac80211: partly revert force-mac80211 loss detection (+56,-36)
649d9e3
mt76: update to the latest version (+4,-4)
⇒ 2c9c8ff
wifi: mt76: mt7615: fix possible race in mt7615_mac_sta_poll (+3)
⇒ 3365c80
wifi: mt76: connac: fix stats->tx_bytes calculation (+3,-2)
⇒ b69d821
wifi: mt76: connac: do not check WED status for non-mmio devices (+3)
⇒ 1f9cd65
wifi: mt76: mt7921e: fix probe timeout after reboot (+3,-3)
⇒ 42dace9
wifi: mt76: mt7921: Fix use-after-free in fw features query. (+5,-2)
⇒ 540adbb
wifi: mt76: mt7921: add Netgear AXE3000 (A8000) support (+3)
⇒ 150e2d0
wifi: mt76: mt7996: fix possible NULL pointer dereference in mt7996_mac_write... (+12,-7)
⇒ 5b7519b
wifi: mt76: mt7996: fix endianness of MT_TXD6_TX_RATE (+1,-1)
⇒ 40f6e43
wifi: mt76: mt76x02: remove WEP support (-13)
⇒ 84ea1a2
mt76: mt7921: don't assume adequate headroom for SDIO headers (+4)
⇒ 5c28e17
wifi: mt76: mt7996: fix header translation logic (+9,-4)
⇒ 2386cec
wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (+38,-7)
⇒ 748d4a2
wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (+40)
⇒ 458ad0a
wifi: mt76: enable UNII-4 channel 177 support (+1)
⇒ 7fb0460
wifi: mt76: mt7915: fix background radar event being blocked (+1,-1)
⇒ d2a77a9
wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (+39,-13)
⇒ + 55 more...
7be76a9
mt76: fix download hash (+1,-1)
a70d030
mt76: update to the latest version (+3,-3)
⇒ f704e4f
mt76: mt7915: fix copy&paste issue on capability check rework (+9,-8)
dc370ad
mt76: update to the latest version (+3,-3)
⇒ bb3937d
wifi: mt76: mt7915: remove VHT160 capability on MT7915 (-1)
4d88031
mt76: update to the latest version (+3,-3)
⇒ 53edfc7
wifi: mt76: mt7603: fix beacon interval after disabling a single vif (+2,-1)
⇒ 7ef4dd1
wifi: mt76: mt7603: fix tx filter/flush function (+28,-7)
⇒ 152608a
wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC) (+3,-3)
⇒ cacac39
wifi: mt76: split get_of_eeprom in subfunction (+35,-16)
⇒ cd3dfe3
wifi: mt76: add support for providing eeprom in nvmem cells (+37,-1)
Description: On-Board Intel Bluetooth firmware not working due to two missing files
Link: https://github.com/openwrt/openwrt/issues/8558
Commits:
c54ec81
linux-firmware: ibt-firmware: install sfi/ddc files for AX210 card (+3,-1)
Description: MT7921u drivers hangs when starts access point
Link: https://github.com/openwrt/openwrt/issues/12661
Commits:
8d7d9aa
hostapd: update to 2023-06-22 (+162,-202)
⇒ bb45602
Add QCA vendor attribute to configure list of allowed frequencies for AP (+27)
⇒ 44c38af
Add QCA vendor interface to get connected channels utilization (+17)
⇒ 302d761
Add QCA vendor feature flag for allowed frequency list (+4)
⇒ 921f82c
Sync with wireless-next.git include/uapi/linux/nl80211.h (+23,-1)
⇒ 8f1d384
RNR: Skip interfaces on the same radio for MBSSID (+4,-2)
⇒ 5d06ace
RNR: Add elements by default for EMA AP (+136,-22)
⇒ ac54b61
nl80211: Support for RNR elements (+22)
⇒ 07a7bcd
WMM: Advertise support for 16 PTKSA replay counters for non-AP STA (+32,-5)
⇒ 9bad3c9
tests: Update server and user certificates (2023) (+315,-307)
⇒ 9932ff3
Allowed frequency list configuration for AP operation (+94,-7)
⇒ e891245
Export wpa_supplicant config item 'he' for external configuration (+2,-1)
⇒ f8931fc
hostapd: Restore the flow of set beacon and WPA key init (+3,-3)
⇒ c70405c
MLD STA: Do not fail on unknown IEs in Authentication frames (+2,-2)
⇒ 6002fe8
SAE: Fix expected AP MLD address info in a debug print (+2,-1)
⇒ b171c5e
Update QCA LL_STATS vendor command (+68,-15)
⇒ c858a63
Add a vendor specific roam status of background scan abort (+3)
⇒ + 107 more...
Description: [23.05-rc1] ipq40xx: zte_mf289f: ath10k_ahb: could not probe fw (-110)
Link: https://github.com/openwrt/openwrt/issues/12886
Commits:
894b208
ipq-wifi: fix upstream board-2.bin ZTE M289F snafu (+4,-2)
Description: Error building VDI image on latest Arch Linux
Link: https://github.com/openwrt/openwrt/issues/13056
Commits:
4ab8abf
build: fix generation of large .vdi images (+8,-2)
Description: Trying to install anything that has libnl-tiny as dependency fails
Link: https://github.com/openwrt/openwrt/issues/13082
Commits:
77b8ce6
libnl-tiny: update to latest Git HEAD (+6,-6)
⇒ bc92a28
build: allow passing SOVERSION value for dynamic library (+5)
Description: patchelf failed to compile with gcc-10.2
Link: https://github.com/openwrt/openwrt/issues/13102
Commits:
f147569
patchelf: Revert "tools/patchelf: update to 0.18.0" (+2,-2)
Description: [23.05-SNAPSHOT] filogic: WPA2+WPA3 Unable to connect periodically
Link: https://github.com/openwrt/openwrt/issues/13156
Commits:
5deed17
hostapd: revert upstream commit to fix #13156 (+63)
Description: r8169 ASPM issues on x86
Link: https://github.com/openwrt/openwrt/issues/13248
Commits:
f28a2a5
x86: Activate CONFIG_PCIEASPM (+15)
Description: Hyper-V integration degraded in 23.05.0 RCs, hv_utils not loaded
Link: https://github.com/openwrt/openwrt/issues/13277
Commits:
dd30399
x86: Add virtualization time sync support (+10)
Description: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982
Commits:
9d10944
firmware: intel-microcode: update to 20230808 (+2,-2)
Description: Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41804
Commits:
9d10944
firmware: intel-microcode: update to 20230808 (+2,-2)
Description: Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2975
Commits:
11b0c43
openssl: update to 3.0.10 (+4,-4)
Description: Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446
Commits:
11b0c43
openssl: update to 3.0.10 (+4,-4)
Description: Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817
Commits:
11b0c43
openssl: update to 3.0.10 (+4,-4)
Description: Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23908
Commits:
9d10944
firmware: intel-microcode: update to 20230808 (+2,-2)