Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
releases:18.06:notes-18.06.9 [2020/07/06 10:35] – Update with latest changes zorunreleases:18.06:notes-18.06.9 [2020/11/11 11:37] – [Security fixes] zorun
Line 1: Line 1:
-====== OpenWrt 18.06.9 - Service Release - XX July 2020 ======+====== OpenWrt 18.06.9 - Final Service Release - Work-in-progress ======
  
 <code> <code>
Line 11: Line 11:
  -----------------------------------------------------  -----------------------------------------------------
 </code> </code>
 +
 +{{page>meta:infobox:attention_wiprelease&noheader&nofooter&noeditbtn}}
  
 The OpenWrt Project is a Linux operating system targeting embedded devices.  It is a complete replacement for the vendor-supplied firmware of a wide range of wireless routers and non-network devices. See the [[https://openwrt.org/toh/start|Table of Hardware]] for supported devices. For more information about OpenWrt project organization, see the [[https://openwrt.org/about|About OpenWrt pages]]. The OpenWrt Project is a Linux operating system targeting embedded devices.  It is a complete replacement for the vendor-supplied firmware of a wide range of wireless routers and non-network devices. See the [[https://openwrt.org/toh/start|Table of Hardware]] for supported devices. For more information about OpenWrt project organization, see the [[https://openwrt.org/about|About OpenWrt pages]].
  
 Get OpenWrt Firmware at: https://downloads.openwrt.org/releases/ Get OpenWrt Firmware at: https://downloads.openwrt.org/releases/
 +
 +===== End of support for OpenWrt 18.06  ===== 
 +
 +This release is the final one for OpenWrt 18.06. You should consider upgrading to a newer version (OpenWrt 19.07 or later)
 +
 +===== Receiving important changes and announcements ===== 
 +
 +We have a new mailing list for release announcements and other important changes: consider subscribing!
 +
 +See [[:contact#important_changes_and_announcements]] for details.
 +
  
 ===== Highlights in OpenWrt 18.06.9 =====  ===== Highlights in OpenWrt 18.06.9 ===== 
Line 27: Line 40:
   * [[advisory:2020-05-06-1|Security Advisory 2020-05-06-1 - umdns out-of-bounds reads of heap data and possible buffer overflow (CVE-2020-11750)]]   * [[advisory:2020-05-06-1|Security Advisory 2020-05-06-1 - umdns out-of-bounds reads of heap data and possible buffer overflow (CVE-2020-11750)]]
   * [[changelog-18.06.9#CVE-2020-12762|libjson-c: fix out of bounds write vulnerability (CVE-2020-12762)]]   * [[changelog-18.06.9#CVE-2020-12762|libjson-c: fix out of bounds write vulnerability (CVE-2020-12762)]]
 +  * mac80211: backport some fixes for the [[wp>Kr00k|Kr00k vulnerability in WPA]]. It is not clear which wireless driver/firmware combinations could be vulnerable in OpenWrt.  These backported patches harden mac80211 just in case.
 +  * uci: backport hardening fixes
   * [[changelog-18.06.9#security_fixes|Other security fixes]]   * [[changelog-18.06.9#security_fixes|Other security fixes]]
  
 **Note:** security fixes for packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade.  This can be done with ''opkg update; opkg upgrade the_package_name'' or through the LuCI web interface. **Note:** security fixes for packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade.  This can be done with ''opkg update; opkg upgrade the_package_name'' or through the LuCI web interface.
  
-Nevertheless, we encourage all users to upgrade their devices to OpenWrt 19.07.whenever possible.+Nevertheless, we encourage all users to upgrade their devices to OpenWrt 18.06.9 or a newer major release whenever possible.
  
 ==== Bug fixes ==== ==== Bug fixes ====
Line 38: Line 53:
   * **musl:** fix locking synchronization bug   * **musl:** fix locking synchronization bug
   * **kernel:** backport out-of-memory fix for non-Ethernet devices   * **kernel:** backport out-of-memory fix for non-Ethernet devices
 +  * **firewall:** fix TCP MSS clamping that was only applied on one direction ([[flyspray>3231|FS#3231]])
  
 ==== Device support ==== ==== Device support ====
Line 43: Line 59:
   * **brcm63xx:** fix BCM6348/BCM6358 hangs while booting ([[flyspray>2202|FS#2202]])   * **brcm63xx:** fix BCM6348/BCM6358 hangs while booting ([[flyspray>2202|FS#2202]])
   * **ipq40xx:** fix essedma MAC hang by disabling TCP segmentation offload for IPv6   * **ipq40xx:** fix essedma MAC hang by disabling TCP segmentation offload for IPv6
-  * **Various fixes** for ZyXEL Keenetic, TP-Link Archer C60 v1/v2, GL.iNet GL-AR750S, Embedded Wireless Dorin, Pirelli A226M-FWB+  * **ramips:** fix USB detection on [[toh:start?dataflt%5BSubtarget*~%5D=rt305x&dataflt%5BTarget_target*~%5D=ramips|all rt305x devices]] 
 +  * **Various fixes** for ZyXEL Keenetic, ZyXEL NBG6616, TP-Link Archer C60 v1/v2, GL.iNet GL-AR750S, Embedded Wireless Dorin, Pirelli A226M-FWB, Arduino Yun
  
 ==== Core components update ==== ==== Core components update ====
  
-  * **Linux kernel** updated from 4.9.214 to **4.9.229** and from 4.14.171 to **4.14.187** +  * **Linux kernel** updated from 4.9.214 to **4.9.243** and from 4.14.171 to **4.14.206** 
-  * **mbedtls** updated from 2.16.4 to **2.16.6**+  * **mbedtls** updated from 2.16.4 to **2.16.8**
   * **wireguard** updated from 0.0.20190601 to **1.0.20200611**   * **wireguard** updated from 0.0.20190601 to **1.0.20200611**
  
  • Last modified: 2020/12/09 22:10
  • by zorun