OpenWrt v19.07.5 Changelog

This changelog lists all commits done in OpenWrt since the v19.07.4 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 19.07.5 release.

See also the release notes that provide a more accessible overview of the main changes in 19.07.5.

8910229 scripts: getver.sh: fix version based on stable branch (+1,-1)
39c5635 scripts: download.pl: retry download using filename (+6,-2)
77734ce cmake.mk: set C/CXX compiler for host builds as well (+2)
5abe989 cmake.mk,rules.mk: fix host builds using CMake and ccache (+17,-2)
605adb1 download: handle possibly invalid local tarballs (+22)
a47caac download.pl: properly cleanup intermediate .hash file (+1,-1)
d830403 toolchain: kernel-headers: kernel Git tree mirror hash (+6)

2a3dbde feeds: add freifunk feed (+1)

5090152 tools: always create $STAGING_DIR/usr/{include,lib} (+1,-1)

733a482 musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928) (+66,-1)
8c2bb1d toolchain: kernel-headers: fix check target for kernel Git tree (+9,-2)
d830403 toolchain: kernel-headers: kernel Git tree mirror hash (+6)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
7dd8229 kernel: bump 4.14 to 4.14.201 (+21,-21)
14903d9 kernel: bump 4.14 to 4.14.202 (+3,-3)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)
c9c7b4b kernel: add netfilter-actual-sk patch (+234)
b4698d8 kernel: mtd: parser: cmdline: Fix parsing of part-names with colons (+63)
c72b7a4 kernel: bump 4.14 to 4.14.209 (+39,-59)
f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

3af9c5f uboot-envtools: mvebu: fix config for mainline u-boot (+8,-1)
f61e053 uboot-envtools: mvebu: update uci defaults for Turris Omnia (+6,-2)

86b4402 comgt: fix hotplug event handling (+5,-5)
8076fb5 openssl: bump to 1.1.1h (+5,-5)
6703abb tcpdump: patch CVE-2020-8037 (+48,-1)
c420f77 wireguard-tools: fix category/description in menuconfig (+11,-2)

95d60bf firmware: amd64-microcode: update to 20191218 (+2,-2)
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

dda5e3d firewall: options: fix parsing of boolean attributes (+39,-1)

78c4c04 uci: Backport security fixes (+156,-1)
a448ad7 uhttpd: update to 19.07 Git HEAD (+3,-3)
⇒ 3abcc89 client: fix spurious keepalive connection timeouts (+5,-1)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
193adc9 ar71xx,ath79: refresh 910-unaligned_access_hacks.patch (+2,-2)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
f4286d7 ath79: fix rssi-low LED for My Net Range Extender (+1,-1)
b21bea7 ath79: ar8216: make switch register access atomic (+59)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
c25e327 ath79: fix LED labels for PowerCloud CAP324 (+6,-3)
ad3c2b9 ath79: use correct firmware name for UniFi AP (+2,-4)
589c3cf ath79: remove wmac mtd-mac-address for UniFi AC family (+1,-1)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)
193adc9 ar71xx,ath79: refresh 910-unaligned_access_hacks.patch (+2,-2)

f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
7dd8229 kernel: bump 4.14 to 4.14.201 (+21,-21)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
c72b7a4 kernel: bump 4.14 to 4.14.209 (+39,-59)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)

ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

7dd8229 kernel: bump 4.14 to 4.14.201 (+21,-21)
0ce0d68 ipq40xx: disable double-tagging for PSGMII devices (-128)
f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)
f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
7dd8229 kernel: bump 4.14 to 4.14.201 (+21,-21)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)
2a8279c layerscape: Fix check after kernel update (+7,-2)
c72b7a4 kernel: bump 4.14 to 4.14.209 (+39,-59)
f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

7fbee0c mvebu: Add bootscript for espressobin to support mainline firmware (+38)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)
ca1ee39 mvebu: Add turris-omnia.bootscript (+19,-1)
f10332c mvebu: base-files: Update Turris Omnia U-Boot environment (-9)
ebe8cc2 mvebu: fixup Turris Omnia U-Boot environment (+44)

ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

d82e6a2 kernel: Update to version 4.14.199 (+203,-203)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
aee081e oxnas: fix qc_prep return in sata driver after kernel 4.14.200 (+3,-1)
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

34a9652 Revert "ramips: ethernet: fix to interrupt handling" (+6,-5)
9c718b5 kernel: bump 4.14 to 4.14.200 (+48,-48)
84ae238 ramips: fix logic level for DIR-645 buttons (+2,-2)
f1525e7 kernel: backport GD25Q256 support from 4.15 (+134,-52)

ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

7dd8229 kernel: bump 4.14 to 4.14.201 (+21,-21)

6696fdd mac80211: do not allow bigger VHT MPDUs than the hardware supports (+34)

Description: ath79 - eth0 Spasmodic Link Speed After Driver Changes? - 841NDv9
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2216
Commits:
b21bea7 ath79: ar8216: make switch register access atomic (+59)

Description: GL-AR300M: Frequent WAN (eth1) link down / link up
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3226
Commits:
b21bea7 ath79: ar8216: make switch register access atomic (+59)

Description: firewall3 parses boolean options as false
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3284
Commits:
dda5e3d firewall: options: fix parsing of boolean attributes (+39,-1)

Description: packet loss on miwifi-mini @ 19.07.4
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3332
Commits:
34a9652 Revert "ramips: ethernet: fix to interrupt handling" (+6,-5)

Description: 3g usb modems completely broken on 19.07, patch available on master branch
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3351
Commits:
86b4402 comgt: fix hotplug event handling (+5,-5)

Description: uhttpd keep alive issues with httpd POST data in 19.07.4
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3443
Commits:
a448ad7 uhttpd: update to 19.07 Git HEAD (+3,-3)
⇒ 3abcc89 client: fix spurious keepalive connection timeouts (+5,-1)

Description: Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0117
Commits:
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

Description: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11135
Commits:
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

Description: Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11139
Commits:
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

Description: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543
Commits:
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

Description: Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0548
Commits:
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

Description: Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0549
Commits:
03a0297 firmware: intel-microcode: update to 20200616 (+2,-2)

Description: The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8037
Commits:
6703abb tcpdump: patch CVE-2020-8037 (+48,-1)

Description: A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14386
Commits:
7dd8229 kernel: bump 4.14 to 4.14.201 (+21,-21)

Description: A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25656
Commits:
ac52973 kernel: bump 4.14 to 4.14.206 (+54,-49)

Description: In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928
Commits:
733a482 musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928) (+66,-1)