User Tools

Site Tools


releases:17.01:changelog-17.01.2

LEDE v17.01.2 Changelog

This changelog lists all commits done in LEDE since the v17.01.1 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the final 17.01.2 release.

Build System / Buildroot (7 changes)

7ee0937 feeds: add option to force feed update despite modified files
37cf921 build: fix symlinked .config handling
dbaaeae image.mk: Generate cpiogz with root-owned files
a44d7bf build: fix possible issue with kmod package having multiple AutoLoad's
4053c4f include/toplevel: set env GIT_ASKPASS=/bin/true
65eec8b build: ensure that flock is available for make download
2da512e LEDE v17.01.2: adjust config defaults

Build System / Feeds (1 change)

2da512e LEDE v17.01.2: adjust config defaults

Build System / Host Utilities (2 changes)

dfe2cea firmware-utils: tplink-safeloader: add support for Archer C5 V2
f709597 automake: import upstream fix for perl 5.26

Build System / Image Builder (1 change)

379155d imagebuilder: fix bundling of DTS sources

Build System / Toolchain (1 change)

dfecce6 toolchain/gdb: update to version 7.12.1

Kernel (7 changes)

1ab4126 kernel: use skb_cow_head() to deal with cloned skbs
3bfe7ee generic: keep module aliases inside .modinfo
215c1d0 kernel: update kernel 4.4 to 4.4.69
9c2bd3d backlight-pwm: fix module description
2f92622 kernel: fix autoloading arch-specific modules
e02b12c kernel: update kernel 4.4 to 4.4.70
4fbd072 kernel: update kernel 4.4 to 4.4.71

Packages / Common (29 changes)

449880e busybox: Move libresolv detection to LEDE Makefile
5feb4f0 busybox: fix build of nslookup_lede applet without IPv6 (#728)
72fcdb6 openssl: Use mkhash for STAMP_CONFIGURED
a2ee9b7 busybox: nslookup_lede: fix compatibility with v1.25
fe0b171 busybox: nslookup_lede: mimic output format of old Busybox applet
ae0e167 busybox: revert accidential version bump
d8cfeba dnsmasq: support dhcp_option config as a list
bc58099 openvpn: move list of params and bools to a separate file
98491a9 openvpn: add extra respawn parameters
d40e2ef OpenVPN: Update to 2.4.1
53e751e openvpn: add myself as maintainer
aba1b3c openvpn: update to v2.4.2
da4992f om-watchdog: cleanup Makefile
38367c5 om-watchdog: cosmetic code style fixes
9423cf3 om-watchdog: add support for Teltonika RUT5xx (ramips)
1165c0a umdns: update to the version 2017-05-22
64f78f1 Rename mdns_hostname variable to the umdns_host_label
ff09d9a Rename service_name function to the service_instance_name
920c62a Store instance name in the struct service
26ce7dc Allow filtering with instance name in service_reply
49fdb9f Support PTR queries for a specific service
0e8b948 Support specifying instance name in JSON file
51db1f5 samba: fix CVE-2017-7494
dd19a41 dropbear: bump to 2017.75
d179aa8 util-linux: fix build with uclibc
d1a0fc3 binutils: fix build with host gcc < 4.9
e194e1b hostapd: add legacy_rates option to disable 802.11b data rates.
4bd3b8f mac80211, hostapd: always explicitly set beacon interval
22478bf samba: bump PKG_RELEASE
78edfff dnsmasq: don't point --resolv-file to default location unconditionally
ebf46d2 dnsmasq: use logical interface name for dhcp relay config
9e20cc5 dnsmasq: make tftp root if not existing
cdfc678 dnsmasq: bump to 2.77
e78a641 umdns: remove superfluous include in init script
8a42d4d mwlwifi: update to version 10.3.4.0 / 2017-06-06
5fac04c Upgrade 88W8964 firmware to 9.1.2.5.
7b96b8a Modification of the code to load firmware 9.1.2.5.
f834af0 Re-architecture mwlwifi.
618bbc0 Change driver version to 10.3.4.0-20170216.
ce31432 Added draft version for new data path.
25b90b1 Added debugfs "ratetable" to get rate table.
ca699af Connected rx antenna setting for 88W8964.
87b163f Fixed problem: restart mwlwifi to let AP work.
374afe9 Added functions to check/dump arp/icmp packet.
7b07491 Corrected receive sequence number for slow data.
6457434 Added code to bypass duplicate check of mac80211.
80e1a1a Added code to bypass ampdu reorder of mac80211.
a7cb7ca Added code to ack (re)assoc resp immediately.
217ad84 Won't reset sequence number of Tx BA stream.
ef239c5 Fixed problem: iperf Tx can't work.
12185a6 Fixed problem: "wifi up" will destroy data path.
⇒ + 31 more…

Packages / Firmware (1 change)

0e31ce7 ath10k-firmware: do not select the qca988x by default

Packages / LEDE base files (5 changes)

0c8f726 base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()
524ed50 base-files: always set proto passed to _ucidef_set_interface()
df4363b base-files: network.sh: properly report local IPv6 addresses
e5db08e base-files: network.sh: fix a number of IPv6 logic flaws
2da512e LEDE v17.01.2: adjust config defaults

Packages / LEDE network userland (3 changes)

c266641 odhcpd: update to version 2017-04-21
adc8f62 dhcpv6-ia: create assignment for unknown IA in rebind messages
4e579c4 dhcpv6-ia: simplify logic to write statefile and dhcpv6 logging
570069d ubus: rework dumping IPv6 and IPv4 leases
503e496 odhcpd: update to version 2017-04-28 (FS#595)
c0e9dbf ubus: don't segfault when there're no leases
a54afb5 dhcpv6-ia: Fix segfault when writing DHCPv4 leases in state file
7dff5b4 ndp: fix wrong interface name in syslog message
2b3355f ndp: fix adding proxy neighbor entries
9268ca6 ndp: don't trigger IPv6 ping when neighbor entry is invalid
757353c firewall: resync with master

Packages / LEDE system userland (6 changes)

2bc8d5e ubox: bump to version 2017-03-10
acc48b5 kmodloader: Fix typo in error message
db070f1 ubox: Fix some memory leaks
8488bb5 ubox: Initialize conditionally uninitialized variabled
eacc426 kmodloader: remove redundant glob wildcard char
46a4b5f kmodloader: log to kmsg when loading directories of modules
a62c946 kmodloader: modprobe: skip possible command line arguments
9371411 kmodloader: fix out-of-bound access when parsing .modinfo
6e3c6dc kmodloader: add module alias awareness
14839f0 kmodloader: make insert_module() idempotent
f8d3d16 ubox: Add an option for more accurate timestamps in log
ac2d43e kmodloader: support '-q' quiet option
fce9382 cmake: Check for getrandom system call
8973576 kmodloader: fix not being able to find some modules
c553354 cmake: fix typo
3dc78a4 kmodloader: don't store aliases info in struct module
21a4bd0 kmodloader: modprobe: return 0 for loaded modules
⇒ + 1 more…
e200c66 rpcd: Explicitly link with lcrypt
0bef8f8 fstools: backport regression fix for volume_identify
7c1e588 usbmode: Update to latest HEAD
8a47c4b add TargetClass support
2769852 cmake: Find libubox/blobmsg_json.h
61fdf7e cmake: Search for libjson-c
22f041e Extend StandardEject sequence to include LUN 1
4baf0ea usbmode: update to latest version
453da8e convert-modeswitch.pl: fix message indices
fe5e343 usbmode: update usb-modeswitch-data to 20170205

Target / apm821xx (1 change)

e02b12c kernel: update kernel 4.4 to 4.4.70

Target / ar71xx (8 changes)

3dbc417 ar71xx: add TP-LINK TL-WR841N/ND v12 image
1d1935b ar71xx: fix minor syntax error in /lib/upgrade/platform.sh
58ec566 ar71xx: select ATH79_NVRAM only by boards actually use it
8011215 ar71xx: enable nand-utils in the mikrotik subtarget to ensure it makes it to ...
215c1d0 kernel: update kernel 4.4 to 4.4.69
a412350 ar71xx: fix GE interface support in Wallys DR344
21a7e40 ar71xx: set GE interface as wan by default in Wallys DR344
b1257d8 ar71xx: fix Wallys DR344 GPIO-connected LEDs and button

Target / bcm53xx (5 changes)

ad145e0 bcm53xx: prepare for building Archer C5 V2 image
3ff31f8 bcm53xx: parepare for building more Linksys images
9437fbb bcm53xx: backport BCM5301X patches
d1e0cc8 bcm53xx: backport DT patches for serial, thermal and MDIO
74100f3 bcm53xx: add support for TP-LINK Archer C5 V2

Target / brcm2708 (2 changes)

215c1d0 kernel: update kernel 4.4 to 4.4.69
e02b12c kernel: update kernel 4.4 to 4.4.70

Target / brcm63xx (3 changes)

bf534e4 brcm63xx: Add Observa VH4032N support
d90ff22 brcm63xx: fix invalid Asmax AR 1004g DTS reference
215c1d0 kernel: update kernel 4.4 to 4.4.69

Target / cns3xxx (1 change)

105d5b6 cns3xxx: use proper macro's for ID handling

Target / ipq806x (4 changes)

bc0de27 ipq806x: fix EA8500 switch configuration
215c1d0 kernel: update kernel 4.4 to 4.4.69
784ceba treewide: select ath10k firmware explicit
20198f7 ipq806x: fix Netgear X4 R7500 ath10k firmware selection

Target / lantiq (6 changes)

d49920e lantiq: fix avm fritz box mac addresses
215c1d0 kernel: update kernel 4.4 to 4.4.69
254bf79 lantiq: xrx200: use vlan for ethernet wan port
4186d73 lantiq: use the P2812HNUF* wan port as wan
36ccbbd lantiq: select kmod-mt7603 instead of kmod-mt76 for WBMR-300HPD
bf6216e lantiq: fix broadcasts and vlans in two iface mode

Target / mediatek (1 change)

215c1d0 kernel: update kernel 4.4 to 4.4.69

Target / oxnas (1 change)

215c1d0 kernel: update kernel 4.4 to 4.4.69

Target / ramips (24 changes)

9117ef8 ramips: update DEVICE_PACKAGES for Ubiquiti EdgeRouter X
dbd2212 ramips: WN3000RPv3: do not setup switch
26f07f6 ramips: fixed sms led polarity into dwr-512 DT
0f3c2d0 ramips: Clean duplicated status property for Omega2 WMAC in dtsi
846457f ramips: fix mac address of miwifi-mini
1aee42c ramips: add support for Netgear WN3000RPv3
85bca2d ramips: correct keenetic-series switch index
9494825 ramips: ZyXEL Keenetic Omni align factory images
a12655a ramips: ZyXEL Keenetic series update wan mac
0405851 ramips: fix EX2700 wireless mac
a666236 ramips: add ip17xx support to WLI-TX4-AG300N
5b2624d ramips: ZyXEL Keenetic Viva: export gpio usb power
fd693bc ramips: ZyXEL Keenetic Viva: align factory images
28d6265 ramips: ZyXEL Keenetic Omni/Omni2: export gpio usb power
6aa0a85 ramips: remove DT pcie nodes for GL-MT300A/N
f1f0b92 ramips: cleanup SPI flash device tree properties usage
88cc06a ramips: remove Planex CS-QR10 sound device tree node
7e2ad9c ramips: fix Sercomm NA930 compatible string
49ce6d0 ramips: add support for Sanlinking D240
8b9f7bd ramips: WN3000RPv3: do not setup switch
79cd141 ramips: enable ramdisk for mt7621
8619683 ramips: add factory firmware for Tp-Link C20i/C50
7f3ec01 ramips: fixup-mac-address: add missing include
4bd98e9 ramips: add om-watchdog to rut5xx DEVICE_PACKAGES

Target / sunxi (1 change)

215c1d0 kernel: update kernel 4.4 to 4.4.69

Target / x86 (3 changes)

af1d1eb x86: enable 4G high memory support for generic (32bit) subtarget
b78bcdf x86: disable X2APIC support for legacy subtargets
443d705 Add missing APU1 reference to x86 board.d

Wireless / Common (10 changes)

a972879 ath: do not apply broken power limits with ATH_USER_REGD
5ac51ad ath9k: fix power limits on init
ceefe61 mac80211: add rt2x00 debug symbols to PKG_CONFIG_DEPENDS
4314646 rt2x00: mt7620: yet another beauty session
ab7087e rt2x00: mt7620: make fixes requested upstream
5b91d2b mac80211: rt2x00: import upstream changes and rebase our patches
820a396 mac80211: rt2x00: fix MT7620 LNA gain and VCO-after-ALC
64fa4ea mac80211: rt2800: fix mt7620 vco calibration registers
eb11207 mac80211: rt2800: fix mt7620 E2 channel registers
4bd3b8f mac80211, hostapd: always explicitly set beacon interval

Addressed bugs

#285

Description: Kernel panic on ebox-3300 (Vortex86DX CPU)
Link: https://bugs.lede-project.org/index.php?do=details&task_id=285
Commits:
b78bcdf x86: disable X2APIC support for legacy subtargets

#359

Description: kirkwood: kernel does not recognize rootfs in ubi
Link: https://bugs.lede-project.org/index.php?do=details&task_id=359
Commits:
a666236 ramips: add ip17xx support to WLI-TX4-AG300N

#548

Description: firewall3: Timezone problems, UTC used always despite UTC Time not checked
Link: https://bugs.lede-project.org/index.php?do=details&task_id=548
Commits:
757353c firewall: resync with master

#572

Description: OpenSSL STAMP_CONFIGURED can lead to filename too long
Link: https://bugs.lede-project.org/index.php?do=details&task_id=572
Commits:
72fcdb6 openssl: Use mkhash for STAMP_CONFIGURED

#595

Description: odhcpd in relay mode floods network with NS packets
Link: https://bugs.lede-project.org/index.php?do=details&task_id=595
Commits:
503e496 odhcpd: update to version 2017-04-28 (FS#595)
c0e9dbf ubus: don't segfault when there're no leases
a54afb5 dhcpv6-ia: Fix segfault when writing DHCPv4 leases in state file
7dff5b4 ndp: fix wrong interface name in syslog message
2b3355f ndp: fix adding proxy neighbor entries
9268ca6 ndp: don't trigger IPv6 ping when neighbor entry is invalid

#619

Description: mac80211: AP+11s VIFs broken
Link: https://bugs.lede-project.org/index.php?do=details&task_id=619
Commits:
4bd3b8f mac80211, hostapd: always explicitly set beacon interval

#640

Description: Undocumented / unnamed firewall rules installed by default
Link: https://bugs.lede-project.org/index.php?do=details&task_id=640
Commits:
757353c firewall: resync with master

#658

Description: umdns init error during build
Link: https://bugs.lede-project.org/index.php?do=details&task_id=658
Commits:
e78a641 umdns: remove superfluous include in init script

#684

Description: bug in kmod-can
Link: https://bugs.lede-project.org/index.php?do=details&task_id=684
Commits:
2bc8d5e ubox: bump to version 2017-03-10
acc48b5 kmodloader: Fix typo in error message
db070f1 ubox: Fix some memory leaks
8488bb5 ubox: Initialize conditionally uninitialized variabled
eacc426 kmodloader: remove redundant glob wildcard char
46a4b5f kmodloader: log to kmsg when loading directories of modules
a62c946 kmodloader: modprobe: skip possible command line arguments
9371411 kmodloader: fix out-of-bound access when parsing .modinfo
6e3c6dc kmodloader: add module alias awareness
14839f0 kmodloader: make insert_module() idempotent
f8d3d16 ubox: Add an option for more accurate timestamps in log
ac2d43e kmodloader: support '-q' quiet option
fce9382 cmake: Check for getrandom system call
8973576 kmodloader: fix not being able to find some modules
c553354 cmake: fix typo
3dc78a4 kmodloader: don't store aliases info in struct module
21a4bd0 kmodloader: modprobe: return 0 for loaded modules
⇒ + 1 more…

#728

Description: BusyBox/nslookup_lede compile error when build without IPV6 support
Link: https://bugs.lede-project.org/index.php?do=details&task_id=728
Commits:
5feb4f0 busybox: fix build of nslookup_lede applet without IPv6 (#728)

#745

Description: kmod-crypto-sha256 unknown symbols
Link: https://bugs.lede-project.org/index.php?do=details&task_id=745
Commits:
2f92622 kernel: fix autoloading arch-specific modules

#754

Description: BenNanoNote hostname setting broken?
Link: https://bugs.lede-project.org/index.php?do=details&task_id=754
Commits:
0c8f726 base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()

#758

Description: factory image for ubnt er-x missing
Link: https://bugs.lede-project.org/index.php?do=details&task_id=758
Commits:
79cd141 ramips: enable ramdisk for mt7621

#766

Description: Intermittent SIGSEGV crash of dnsmasq-full
Link: https://bugs.lede-project.org/index.php?do=details&task_id=766
Commits:
cdfc678 dnsmasq: bump to 2.77

#774

Description: fixup-mac-address script is broken
Link: https://bugs.lede-project.org/index.php?do=details&task_id=774
Commits:
7f3ec01 ramips: fixup-mac-address: add missing include

#806

Description: Does not equal iptables rule not working
Link: https://bugs.lede-project.org/index.php?do=details&task_id=806
Commits:
757353c firewall: resync with master

#811

Description: r4214 - iptables (?) not read properly /etc/config/firewall
Link: https://bugs.lede-project.org/index.php?do=details&task_id=811
Commits:
757353c firewall: resync with master

#829

Description: network.sh incorrectly hardcodes IPv6 address suffix
Link: https://bugs.lede-project.org/index.php?do=details&task_id=829
Commits:
df4363b base-files: network.sh: properly report local IPv6 addresses

Security fixes

CVE-2017-7478

Description: OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7478
Commits:
aba1b3c openvpn: update to v2.4.2

CVE-2017-7479

Description: OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7479
Commits:
aba1b3c openvpn: update to v2.4.2

CVE-2017-7494

Description: Samba since version 3.5.0 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494
Commits:
51db1f5 samba: fix CVE-2017-7494

CVE-2017-8890

Description: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Commits:
4fbd072 kernel: update kernel 4.4 to 4.4.71

CVE-2017-9074

Description: The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Commits:
4fbd072 kernel: update kernel 4.4 to 4.4.71

CVE-2017-9075

Description: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Commits:
4fbd072 kernel: update kernel 4.4 to 4.4.71

CVE-2017-9076

Description: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Commits:
4fbd072 kernel: update kernel 4.4 to 4.4.71

CVE-2017-9077

Description: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Commits:
4fbd072 kernel: update kernel 4.4 to 4.4.71

CVE-2017-9078

Description: The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9078
Commits:
dd19a41 dropbear: bump to 2017.75

CVE-2017-9079

Description: Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9079
Commits:
dd19a41 dropbear: bump to 2017.75

CVE-2017-9242

Description: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Commits:
4fbd072 kernel: update kernel 4.4 to 4.4.71

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
releases/17.01/changelog-17.01.2.txt · Last modified: 2017/06/10 11:28 by lynxis