OpenWrt v19.07.4 Changelog

This changelog lists all commits done in OpenWrt since the v19.07.3 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 19.07.4 release.

See also the release notes that provide a more accessible overview of the main changes in 19.07.4.

8a0362c build: create JSON files containing image info (+65,-1)
b7bac07 build: image: fix build breakage of some images (+1)
3572711 build: refactor JSON info files to `profiles.json` (+124,-54)
938839a scripts: JSON merge don't crash if no JSON found (-2)
e3618eb build: store default/device packages in JSON (+20,-2)
270711b build,json: store arch_packages in profiles.json (+5,-2)
78f57fb build,json: fix build failure in case no data is found (+16,-18)
9c0ad7f build: fix compatibility with python 3.6 (+4,-3)
b9a89bf build,json: fix compatibility with Python 3.5 (+1,-1)
dedf089 hostapd: add wpad-basic-wolfssl variant (+17,-1)
7db0985 scripts: Add Buildbot dump-target-info.pl script (+91)
350883b Revert "scripts/download: add sources CDN as first mirror" (-1)

059db41 squashfs: Fix compile with GCC 10 (+25)
fba22d8 tplink-safeloader: expand support list for TP-Link CPE210 v3 (+8,-1)
a225164 make-ext4fs: update to HEAD of 2017-05-29 - eebda1 (+3,-3)
bb9cf91 make_ext4fs: Remove off64_t in favor of standard off_t (+38,-62)
eebda1d make_ext4: Add strict prototypes. (+18,-18)
7d6e504 make_ext4fs: Update to version 2020-01-05 (+3,-14)
ec17045 make_ext4fs: fix build on musl systems (+1,-1)
5c201be Add LDFLAGS when building libsparse.a (+1,-1)
4af7873 tools/cmake: fix typo in parallel make patch (+2,-1)
fce5101 tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU) (+1,-1)
33973a9 tools/tplink-safeloader: use soft_ver 1.9.1 for archer c6 v2 (+1,-1)

3572711 build: refactor JSON info files to `profiles.json` (+124,-54)
3dbd74d imagebuilder: Remove json_info_files/ before build (+1)

83b714a musl: fix locking synchronization bug (+69)

7de43d6 generic: platform/mikrotik: disambiguate SPDX-License-Identifier (+3,-3)
a32b0ec generic: fix flow table hw offload (+18,-15)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
d8ecaef generic: platform/mikrotik: fix incorrect test (+1,-1)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

e52f7cf uboot-envtools: ar71xx: add ZyXEL NBG6616 uboot env support (+1)

ab7e975 ucert: update to latest git HEAD (+3,-3)
5f206bc ci: enable unit testing (+1)
dddb2aa ci: fix unit test failures by enabling full ucert build (+1)
fdff108 stdout/stderr improvements (+5,-5)
afc86f3 Fix return code of write_file() (+2,-2)
854d93e Introduce read_file() helper, improve error reporting (+57,-40)
a9be4fb usign-exec: simplify usign execv calls (+3,-21)
38dcb1a usign-exec: fix exec error handling (+27,-25)
112488b usign-exec: do not close stdin and stderr before exec (+3,-5)
5a738e5 usign-exec: change usign_f_* fingerprint argument to char[17] (+7,-7)
7ec4bb7 usign-exec: remove redundant return statements (+17,-26)
077feb5 usign-exec: close writing end of pipe early in parent process (+2,-1)
19f9e19 usign-exec: return code fixes (+5,-4)
fe06b4b usign-exec: improve usign -F output handling (+15,-9)
96c42c5 Fix length checks in cert_load() (+19,-15)
00b921d Do not print line number in debug messages (+6,-6)
d8d1956 hostapd: backport wolfssl bignum fixes (+107,-1)
31de4a4 broadcom-wl: don't inherit lock descriptor in nas process (+5,-2)
1f5cbd6 ca-certificates: update to version 20200601 (+4,-4)
a2c556a libnetfilter-queue: fix package title and description (+3,-3)
820f465 wireguard: bump to 1.0.20200611 (+2,-2)
d46650d nghttp2: bump to 1.41.0 (+2,-2)
e894e1b vxlan: fix udp checksum control (+2)
2ca5a38 vxlan: bump and change to PKG_RELEASE (+1,-1)
8fbe450 curl: patch CVE-2020-8169 (+39,-1)
86727bd hostapd: improve TITLE for packages (+33,-25)
2788db3 hostapd: reorganize config selection hierarchy for WPA3 (+18,-16)
dedf089 hostapd: add wpad-basic-wolfssl variant (+17,-1)
e754e0a busybox: delete redundant patch (+1,-14)
19b8696 mbedtls: update to 2.16.7 (+27,-27)
0d35fcb mbedtls: update to 2.16.8 (+25,-25)
ad38a2a wolfssl: update to 4.4.0-stable (+2,-2)
dc61110 wolfssl: use -fomit-frame-pointer to fix asm error (+2,-2)
403039c wolfssl: Update to version 4.5.0 (+31,-4)
f5afa59 hostapd: Fix compile errors after wolfssl update (+10)

e4b47e1 ath10k-firmware: update Candela Tech firmware images (+20,-20)
4b8a5bd ath10k-firmware: update ath10k-ct firmware (+24,-24)
a43a39f ath10k-firmware: update ath10k-ct firmware images (+24,-24)
ddc2af4 ath10k-firmware: move CT firmwares to new package (+524,-446)
b720771 ath10k-ct-firmware: update firmware images (+25,-25)
ce6496d ath10k-ct-firmware: update firmware images (+21,-21)

8adbe26 base-files: remove urandom-seed definition (-9)

c963e42 qos-scripts: fix interface resolving (+14,-8)
0c910d8 uclient: Update to version 2020-06-17 (+3,-3)
fef6d3d uclient: Add string error function (+22)
af585db uclient-fetch: support specifying advertised TLS ciphers (+12)
c660986 uclient-fetch: add option to read POST data from file (+29,-2)
b547542 Revert "uclient: Update to version 2020-06-17" (+3,-3)
6520659 uclient: update to 19.07 Git HEAD (+3,-3)
99aebe3 uclient: Add string error function (+22)
51e16eb uclient-fetch: add option to read POST data from file (+29,-2)
afaa978 firewall: backport patch for mss clamping in both directions (+34,-1)

942262f usign: update to latest Git HEAD (+3,-3)
f34a383 main: fix some resource leaks (+10,-2)
97b522a usign: update to latest git HEAD (+3,-3)
f1f6502 Always pad fingerprints to 16 characters (+3,-3)
a4e8eca libubox: update to the latest master (+3,-3)
7c4ef0d tests: list: add test case for list_empty iterator (+54,-18)
1db3e7d libubox: runqueue fix comment in header (+2,-2)
89fb613 libubox: runqueue: fix use-after-free bug (+87,-31)
eeddf22 tests: runqueue: try to fix race on GitLab CI (+1,-1)
5e75160 blobmsg: fix attrs iteration in the blobmsg_check_array_len() (+6,-4)
9b48375 libubox: update to the latest version (+3,-3)
86818ea blob: make blob_parse_untrusted more permissive (+47,-1)
cf2e8eb tests: add fuzzer seed file for crash in blob_len (+6)
c2fc622 blobmsg: fix length in blobmsg_check_array (+1,-1)
639c29d blobmsg: simplify and fix name length checks in blobmsg_check_name (+4,-9)
66195ae blobmsg: fix missing length checks (+20,-46)
adf5d75 rpcd: update to latest Git HEAD (+4,-4)
efe51f4 iwinfo: add current hw and ht mode to info call (+44)
3df62bc session: deny access if password login is disabled (+1,-1)
078bb57 uci: reset uci_ptr flags when merging options during section add (+1)
92bd395 Revert "rpcd: update to latest Git HEAD" (+4,-4)
f99b1d1 rpcd: update to latest openwrt-19.07 Git HEAD (+4,-4)
970ce1a session: deny access if password login is disabled (+1,-1)
67c8a3f uci: reset uci_ptr flags when merging options during section add (+1)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

2bd1cf9 ar71xx: fix splitting firmware partition for TL-WR902AC v1 (+2)
9cafcbe ar71xx: correct button type for TL-MR3020 mode slider (+2,-2)
21454a7 ar71xx: fix reset key for TP-Link TL-WR802N V1/V2 (+2,-2)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
9cad700 kernel: fix nand_release() usage. (+12,-13)
673e794 ar71xx: Fix mikrotik NAND compile problem (+1,-1)
2d14da2 ar71xx: Fix mikrotik NAND compile problem (+1,-1)
f3c0eab Revert "ar71xx: fix Arduino Yun enabling of level shifters outputs" (+2,-2)
f17174e ar71xx: fix sysupgrade for Arduino Yun (+1,-1)
f6acabc ar71xx: enable ethernet LED of Arduino Yun (+1,-2)
de1693e ar71xx: restore support for boot console with arbitrary baud rates (+54)
8ad674e ar71xx: change u-boot-env to read-write for ZyXEL NBG6616 (+1,-1)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
b3b7665 ar71xx: fix ZyXEL NBG6616 wifi switch (+2,-2)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

73e0ea1 armvirt,x86: fix build breakage of crypto ccp module (+2)

24cfd96 ath79: add support for TP9343-based TP-Link TL-WR94x devices (+290)
d4092ea ath79: migrate TP-Link TL-MR3420v2 to ath79 (+226,-20)
7187826 ath79: reorganize DTSI for ar7240 TP-Link devices (+57,-46)
36d4140 ath79: add support for TP-Link TL-WA830RE v1 (+39)
8c6c488 ath79: add support for TP-Link TL-WR940N v6 (+52)
a6f70f2 ath79: add support for TP-Link TL-WA701ND/730RE/801ND/901ND v1 (+85,-1)
6a89098 ath79: add support for TP-Link TL-WA901ND v4 and v5 (+168,-69)
e36bdd5 ath79: fix LEDs for GL.inet GL-AR150 (+10,-12)
6488d2f ath79: update WA/XC devices UBNT_VERSION to 8.5.3 (+2,-2)
e752fc1 ath79: add support for TP-Link TL-WR802N V1 and V2 (+144,-2)
f7f15f8 ath79: wndr3700 series: fix wifi range & throughput (+40)
153392e ath79: add support for TP-Link TL-WA801ND v3/v4 (+166)
b40e6bc ath79: drop and consolidate redundant chosen/bootargs (+12,-190)
8293c8e ath79: do not build TP-Link tiny images by default (+2)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
a2c9fc9 ath79: correctly define WiFi switch for TL-WR841ND v8 (+1)
1b3aca9 ath79: restore support for boot console with arbitrary baud rates (+54)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
fba9a88 ath79: add LAN LEDs control bits for AR724x GPIO function pinmux (+9,-1)
5d3e5d6 ath79: WNR612v2: improve device support (+18,-10)
be09fdb ath79: ar724x: make sure builtin-switch is enabled in DT (+8,-12)
3df63fb ath79: fix syntax error in ar7240_tplink_tl-wa.dtsi (+1,-1)
008db6b ath79: enable gpio on ar933x by default (-46)
8b0278a ath79: add support for TP-Link TL-WR710N v2.1 (+152,-118)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
9cad700 kernel: fix nand_release() usage. (+12,-13)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

bc0c2db brcm47xx: disable Netgear WNR2000 v2 by default (+1)
7022f1e bcm47xx: fix switch setup for Linksys WRT610N v2 (+1)

6c96ecf bcm63xx: refresh kernel config (+3,-1)
a2a3ac9 bcm63xx: bcm6362: fix pinctrl bug (+11)
b2c9f82 bcm63xx: redboot: fix warning (+1,-1)
65f2fae bcm63xx: periph_intc: fix warning (+20)
1d40c8a bcm63xx: ext_intc: fix warning (+28)
d1ce736 bcm63xx: periph_intc: report effective affinity (+20)
af667c7 bcm63xx: mask interrupts on init (+12)
18cf238 bcm63xx: a226m-fwb: fix linux partition offset (+4,-4)
9c58f5d bcm63xx: DGND3700v1: fix port order (+4,-4)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

b515edb ipq40xx: essedma: Disable TCP segmentation offload for IPv6 (+46)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
8c19171 ipq40xx: fix ethernet vlan double tagging (+193)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

fb79e5d ipq806x: EA8500 fix boot partition detection (-2)

8ea6be1 kirkwood: support for button in Pogoplug V4 (+1,-1)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
de75d6e lantiq: dts: Move the &usb_vbus nodes out of &gpio (+48,-48)
284cd7d lantiq/xrx200: make WLAN button responsive on Fritzbox 3370 (+1,-1)
4a9d632 lantiq/xrx200: fix WLAN button actions for Fritzbox 3370 (+1,-1)
a785aed lantiq/xrx200: make WLAN button responsive on Fritzbox 7360 & 7362 (+1,-1)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

670eeb7 mediatek: fix IPv4-only corner case and commit in 99-net-ps (+4,-1)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
2147c33 mediatek: mt7623: add explicit console= to U7623 kernel (+1,-1)
bf58bfb mediatek: mt7623: fix sysupgrade from vendor OpenWrt on UniElec U7623 (+19,-6)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
a2a75c2 kernel: Update kernel 4.14 to version 4.14.195 (+104,-104)

6b04221 mvebu: fix default EU regdomain for Linksys WRT AC devices (+1,-1)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
9d2dea8 mvebu: fix LAN/WAN port assignment on ClearFog Base/Pro (+6,-6)

fa72f26 oxnas: build with 8021Q VLAN support (-1)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
5a1e4a7 oxnas: reduce size of ATA DMA descriptor space (+1,-1)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)

8415457 ramips: drop non-existant ralink,port-map for Ravpower WD03 (-1)
498f1f4 ramips: gsw_mt7621: disable PORT 5 MAC RX/TX flow control by default (+3,-9)
ebefdf6 ramips: increase SPI frequency for ELECOM WRC-GST devices (+1,-1)
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
9cad700 kernel: fix nand_release() usage. (+12,-13)
06c6a3d ramips: remove patches for USB-dwc2 (-29)
2f756b3 ramips: add kmod-usb-dwc2 to ZyXEL Keenetic image (+2,-1)
a81c459 ramips: disable unused phy ports of WizFi630S (+1)
4212b6a ramips: remove doublet entry in WizFi630S dts file (-4)
d1985a1 ramips: enable flashing WizFi630S via OEM firmware (+1)
d40ce8b ramips: correct WizFi630S pin mappings (+8,-27)
148d59c kernel: update kernel 4.14 to version 4.14.193 (+61,-139)
5af8da3 ramips: fix Xiaomi MiWiFi Mini switch definition (+6,-6)
7ac4540 ramips: ethernet: fix to interrupt handling (+5,-6)

9cad700 kernel: fix nand_release() usage. (+12,-13)

f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)
73e0ea1 armvirt,x86: fix build breakage of crypto ccp module (+2)
cdd9f19 x86: Add CONFIG_EFI_CUSTOM_SSDT_OVERLAYS (+1)

73fecd3 mac80211: fix use of local variable (+1,-1)
d6b158b mac80211: Update to 4.19.137-1 (+64,-64)
72878e3 mac80211: Fix build on mpc85xx target (+34,-1)
2d7ea69 mac80211: Fix potential endless loop (+31)

#1634

Description: dwc2 on arv7518pw doesn't work (cannot be initialized)
Link: https://bugs.openwrt.org/index.php?do=details&task_id=1634
Commits:
de75d6e lantiq: dts: Move the &usb_vbus nodes out of &gpio (+48,-48)

#1869

Description: WRT610N V2 is not detected by the initial network configuration script
Link: https://bugs.openwrt.org/index.php?do=details&task_id=1869
Commits:
7022f1e bcm47xx: fix switch setup for Linksys WRT610N v2 (+1)

#2632

Description: Incomplete HNAPT FoE entries, HW flow offloading not working
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2632
Commits:
a32b0ec generic: fix flow table hw offload (+18,-15)

#2733

Description: Ath79 firmware accident enter to failsafe mode when reboot/reflash router.
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2733
Commits:
a2c9fc9 ath79: correctly define WiFi switch for TL-WR841ND v8 (+1)

#2738

Description: [ramips] dwc2 no longer sees device with 0032-USB-dwc2-add-device_reset.patch
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2738
Commits:
06c6a3d ramips: remove patches for USB-dwc2 (-29)

#2762

Description: libubox: blob_parse_untrusted() / blob_parse() incompatible with its use by ucert
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2762
Commits:
86818ea blob: make blob_parse_untrusted more permissive (+47,-1)

#2887

Description: ath79 port for TP-Link TL-WA830RE v1 doesn't detect LAN connectivity
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2887
Commits:
be09fdb ath79: ar724x: make sure builtin-switch is enabled in DT (+8,-12)

#2964

Description: ZyXEL Keenetic - USB port is not working in v18.06.2 and later
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2964
Commits:
06c6a3d ramips: remove patches for USB-dwc2 (-29)

#3016

Description: libubox: read of freed memory in runqueue_task_kill()
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3016
Commits:
89fb613 libubox: runqueue: fix use-after-free bug (+87,-31)

#3088

Description: Decreased WiFi range switching from ar71xx to ath79 on WNDR3700
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3088
Commits:
f7f15f8 ath79: wndr3700 series: fix wifi range & throughput (+40)

#3104

Description: tools/squashfs does not compile on gcc 10
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3104
Commits:
059db41 squashfs: Fix compile with GCC 10 (+25)

#3118

Description: Failed sysupgrades on TL-WR902ACv1 all 19.07.x stable releases - suspected sysupgrade image issue
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3118
Commits:
2bd1cf9 ar71xx: fix splitting firmware partition for TL-WR902AC v1 (+2)

#3119

Description: Can not build 19.07
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3119
Commits:
059db41 squashfs: Fix compile with GCC 10 (+25)

CVE-2020-8169

Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
Commits:
8fbe450 curl: patch CVE-2020-8169 (+39,-1)

CVE-2020-10757

Description: A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10757
Commits:
f4985a2 kernel: Update kernel 4.14 to version 4.14.187 (+105,-183)

CVE-2020-11080

Description: In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
Commits:
d46650d nghttp2: bump to 1.41.0 (+2,-2)

CVE-2020-12457

Description: An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of service.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12457
Commits:
403039c wolfssl: Update to version 4.5.0 (+31,-4)

CVE-2020-15309

Description: An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key).

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15309
Commits:
403039c wolfssl: Update to version 4.5.0 (+31,-4)

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • Last modified: 2020/09/07 18:56
  • by hauke