OpenWrt v19.07.5 Changelog
This changelog lists all commits done in OpenWrt since the v19.07.4 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 19.07.5 release.
See also the release notes that provide a more accessible overview of the main changes in 19.07.5.
Build System / Buildroot (7 changes)
8910229
scripts: getver.sh: fix version based on stable branch (+1,-1)
39c5635
scripts: download.pl: retry download using filename (+6,-2)
77734ce
cmake.mk: set C/CXX compiler for host builds as well (+2)
5abe989
cmake.mk,rules.mk: fix host builds using CMake and ccache (+17,-2)
605adb1
download: handle possibly invalid local tarballs (+22)
a47caac
download.pl: properly cleanup intermediate .hash file (+1,-1)
d830403
toolchain: kernel-headers: kernel Git tree mirror hash (+6)
Build System / Feeds (1 change)
2a3dbde
feeds: add freifunk feed (+1)
Build System / Host Utilities (1 change)
5090152
tools: always create $STAGING_DIR/usr/{include,lib} (+1,-1)
Build System / Toolchain (3 changes)
733a482
musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928) (+66,-1)
8c2bb1d
toolchain: kernel-headers: fix check target for kernel Git tree (+9,-2)
d830403
toolchain: kernel-headers: kernel Git tree mirror hash (+6)
Kernel (9 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
7dd8229
kernel: bump 4.14 to 4.14.201 (+21,-21)
14903d9
kernel: bump 4.14 to 4.14.202 (+3,-3)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
c9c7b4b
kernel: add netfilter-actual-sk patch (+234)
b4698d8
kernel: mtd: parser: cmdline: Fix parsing of part-names with colons (+63)
c72b7a4
kernel: bump 4.14 to 4.14.209 (+39,-59)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Packages / Boot Loaders (2 changes)
3af9c5f
uboot-envtools: mvebu: fix config for mainline u-boot (+8,-1)
f61e053
uboot-envtools: mvebu: update uci defaults for Turris Omnia (+6,-2)
Packages / Common (4 changes)
86b4402
comgt: fix hotplug event handling (+5,-5)
8076fb5
openssl: bump to 1.1.1h (+5,-5)
6703abb
tcpdump: patch CVE-2020-8037 (+48,-1)
c420f77
wireguard-tools: fix category/description in menuconfig (+11,-2)
Packages / Firmware (2 changes)
95d60bf
firmware: amd64-microcode: update to 20191218 (+2,-2)
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
Packages / OpenWrt network userland (1 change)
dda5e3d
firewall: options: fix parsing of boolean attributes (+39,-1)
Packages / OpenWrt system userland (2 changes)
78c4c04
uci: Backport security fixes (+156,-1)
a448ad7
uhttpd: update to 19.07 Git HEAD (+3,-3)
⇒ 3abcc89
client: fix spurious keepalive connection timeouts (+5,-1)
Target / ar71xx (3 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
193adc9
ar71xx,ath79: refresh 910-unaligned_access_hacks.patch (+2,-2)
Target / ath79 (9 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
f4286d7
ath79: fix rssi-low LED for My Net Range Extender (+1,-1)
b21bea7
ath79: ar8216: make switch register access atomic (+59)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
c25e327
ath79: fix LED labels for PowerCloud CAP324 (+6,-3)
ad3c2b9
ath79: use correct firmware name for UniFi AP (+2,-4)
589c3cf
ath79: remove wmac mtd-mac-address for UniFi AC family (+1,-1)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
193adc9
ar71xx,ath79: refresh 910-unaligned_access_hacks.patch (+2,-2)
Target / bcm53xx (1 change)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Target / brcm2708 (4 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
7dd8229
kernel: bump 4.14 to 4.14.201 (+21,-21)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
Target / brcm47xx (2 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
c72b7a4
kernel: bump 4.14 to 4.14.209 (+39,-59)
Target / brcm63xx (1 change)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
Target / cns3xxx (1 change)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
Target / ipq40xx (3 changes)
7dd8229
kernel: bump 4.14 to 4.14.201 (+21,-21)
0ce0d68
ipq40xx: disable double-tagging for PSGMII devices (-128)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Target / ipq806x (2 changes)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Target / lantiq (1 change)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
Target / layerscape (7 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
7dd8229
kernel: bump 4.14 to 4.14.201 (+21,-21)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
2a8279c
layerscape: Fix check after kernel update (+7,-2)
c72b7a4
kernel: bump 4.14 to 4.14.209 (+39,-59)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Target / mediatek (2 changes)
Target / mpc85xx (1 change)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
Target / mvebu (5 changes)
7fbee0c
mvebu: Add bootscript for espressobin to support mainline firmware (+38)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
ca1ee39
mvebu: Add turris-omnia.bootscript (+19,-1)
f10332c
mvebu: base-files: Update Turris Omnia U-Boot environment (-9)
ebe8cc2
mvebu: fixup Turris Omnia U-Boot environment (+44)
Target / octeon (1 change)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
Target / oxnas (4 changes)
d82e6a2
kernel: Update to version 4.14.199 (+203,-203)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
aee081e
oxnas: fix qc_prep return in sata driver after kernel 4.14.200 (+3,-1)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
Target / pistachio (1 change)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Target / ramips (4 changes)
34a9652
Revert "ramips: ethernet: fix to interrupt handling" (+6,-5)
9c718b5
kernel: bump 4.14 to 4.14.200 (+48,-48)
84ae238
ramips: fix logic level for DIR-645 buttons (+2,-2)
f1525e7
kernel: backport GD25Q256 support from 4.15 (+134,-52)
Target / rb532 (1 change)
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
Target / uml (1 change)
7dd8229
kernel: bump 4.14 to 4.14.201 (+21,-21)
Wireless / Common (1 change)
6696fdd
mac80211: do not allow bigger VHT MPDUs than the hardware supports (+34)
Addressed bugs
#2216
Description: ath79 - eth0 Spasmodic Link Speed After Driver Changes? - 841NDv9
Link: https://bugs.openwrt.org/index.php?do=details&task_id=2216
Commits:
b21bea7
ath79: ar8216: make switch register access atomic (+59)
#3226
Description: GL-AR300M: Frequent WAN (eth1) link down / link up
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3226
Commits:
b21bea7
ath79: ar8216: make switch register access atomic (+59)
#3284
Description: firewall3 parses boolean options as false
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3284
Commits:
dda5e3d
firewall: options: fix parsing of boolean attributes (+39,-1)
#3332
Description: packet loss on miwifi-mini @ 19.07.4
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3332
Commits:
34a9652
Revert "ramips: ethernet: fix to interrupt handling" (+6,-5)
#3351
Description: 3g usb modems completely broken on 19.07, patch available on master branch
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3351
Commits:
86b4402
comgt: fix hotplug event handling (+5,-5)
#3443
Description: uhttpd keep alive issues with httpd POST data in 19.07.4
Link: https://bugs.openwrt.org/index.php?do=details&task_id=3443
Commits:
a448ad7
uhttpd: update to 19.07 Git HEAD (+3,-3)
⇒ 3abcc89
client: fix spurious keepalive connection timeouts (+5,-1)
Security fixes
CVE-2019-0117
Description: Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0117
Commits:
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
CVE-2019-11135
Description: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11135
Commits:
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
CVE-2019-11139
Description: Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11139
Commits:
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
CVE-2020-0543
Description: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543
Commits:
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
CVE-2020-0548
Description: Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0548
Commits:
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
CVE-2020-0549
Description: Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0549
Commits:
03a0297
firmware: intel-microcode: update to 20200616 (+2,-2)
CVE-2020-8037
Description: The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8037
Commits:
6703abb
tcpdump: patch CVE-2020-8037 (+48,-1)
CVE-2020-14386
Description: A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14386
Commits:
7dd8229
kernel: bump 4.14 to 4.14.201 (+21,-21)
CVE-2020-25656
Description: A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25656
Commits:
ac52973
kernel: bump 4.14 to 4.14.206 (+54,-49)
CVE-2020-28928
Description: In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928
Commits:
733a482
musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928) (+66,-1)