OpenWrt v18.06.7 Changelog

This changelog lists all commits done in OpenWrt since the v18.06.6 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 18.06.7 release.

0591348 tools/expat: Update to version 2.2.9 (+2,-2)

891bba8 kernel: bump 4.9 to 4.9.209 (+5,-5)
7c42a9b kernel: bump 4.14 to 4.14.164 (+104,-104)
a634830 kernel: bump 4.9 to 4.9.210 (+5,-5)
8441794 kernel: bump 4.14 to 4.14.165 (+3,-3)
5c7225c kernel: bump 4.14 to 4.14.166 (+2,-2)
c15a039 kernel: bump 4.9 to 4.9.211 (+11,-11)
153a044 kernel: bump 4.14 to 4.14.167 (+3,-3)

ab9d1bf ethtool: fix PKG_CONFIG_DEPENDS (+1,-1)
f51d1c3 mbedtls: update to 2.16.4 (+31,-31)
ebafb74 lantiq: ltq-ptm: vr9: fix skb handling in ptm_hard_start_xmit() (+4,-1)
ca47026 opkg: update to latest Git HEAD (+3,-3)
⇒ 80d161e opkg: Fix -Wformat-overflow warning (+1,-2)
⇒ c09fe20 libopkg: fix skipping of leading whitespace when parsing checksums (+2,-2)

cc0a54e libubox: backport security patches (+1.1K,-1)

891bba8 kernel: bump 4.9 to 4.9.209 (+5,-5)
a634830 kernel: bump 4.9 to 4.9.210 (+5,-5)
c15a039 kernel: bump 4.9 to 4.9.211 (+11,-11)

c15a039 kernel: bump 4.9 to 4.9.211 (+11,-11)

99ab40c brcm47xx: fix switch port order for Netgear WNR3500 V2 (+2,-1)
04474c7 brcm47xx: fix switch port order for Netgear WN2500RP V1 (+5)

a634830 kernel: bump 4.9 to 4.9.210 (+5,-5)

02f9582 kirkwood: fix HDD LED labels for Zyxel NSA325 in 01_leds (+2,-2)

891bba8 kernel: bump 4.9 to 4.9.209 (+5,-5)
c15a039 kernel: bump 4.9 to 4.9.211 (+11,-11)

3a3ca32 ramips: fix HiWiFi HC5962 switch configuration (+4,-1)

7c42a9b kernel: bump 4.14 to 4.14.164 (+104,-104)

Description: In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
Commits:
0591348 tools/expat: Update to version 2.2.9 (+2,-2)

Description: In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
Commits:
0591348 tools/expat: Update to version 2.2.9 (+2,-2)

Description: The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18222
Commits:
f51d1c3 mbedtls: update to 2.16.4 (+31,-31)

Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7982
Commits:
ca47026 opkg: update to latest Git HEAD (+3,-3)
⇒ 80d161e opkg: Fix -Wformat-overflow warning (+1,-2)
⇒ c09fe20 libopkg: fix skipping of leading whitespace when parsing checksums (+2,-2)