OpenWrt v22.03.2 Changelog

This changelog lists all commits done in OpenWrt since the v22.03.1 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 22.03.2 release.

See also the release notes that provide a more accessible overview of the main changes in 22.03.2.

Build System / Buildroot (2 changes)

2050bc4 ramips: add support for ZyXEL NWA50AX / NWA55AXE (+678,-2)
a7fb589 image: always rebuild kernel loaders (+1,-1)

Kernel (8 changes)

a2ce325 kernel: split up mtk_bmt driver code (+857,-806)
0c21f06 kernel: mtk_bmt: allow get_mapping_block to return an error (+25,-8)
a78fd5b kernel: mtk_bmt: fix block copying on remap with bmt v2 (+6,-6)
737ee93 kernel: mtk_bmt: on error, do not attempt to remap out-of-range blocks (+24,-15)
bb5d415 kernel: add support for mediatek NMBM flash mapping support (+2.4K,-4)
42c8610 kernel: mtk_bmt: add debugfs file to attempt repair of remapped sectors (+26,-1)
329b154 kernel: mtk_bmt: skip bitflip check if threshold isn't set (+1,-1)
fb31038 kernel: mtdsplit: support UBI after FIT images (+7,-2)

Packages / Common (4 changes)

bc8e24c busybox: nslookup: ensure unique transaction IDs for the DNS queries (+42)
2050bc4 ramips: add support for ZyXEL NWA50AX / NWA55AXE (+678,-2)
30de1b5 ucode: update to latest Git HEAD (+3,-3)
c1f7b3b lib: remove fixed capture group limit in match() and regex replace() (+57,-55)
0ba9c3e fs: add optional third permission argument to fs.open() (+59,-4)
5cdddd3 lib: add limit support to split() and replace() (+86,-9)
8e240fa ubus: allow object method call handlers to return a numeric status code (+10,-1)
01c412c ubus: add toplevel constants for ubus status codes (+29)
cc4eb79 ubus: support obtaining numeric error code (+17,-9)
e23b58a lib: uc_system(): retry waitpid() on EINTR (+4,-1)
a58fe47 ubus: hold reference to underlying connection until deferred is concluded (+7,-6)
f4b4ded uloop: task: gracefully handle absent output callback (+14,-9)
d64d5d6 vm: maintain export symbol tables per program (+163,-17)
a45f2a3 lexer: improve regex literal handling (+183,-87)
7bbba78 compiler: optimize function return opcode generation (+79,-33)
76d396d main: implement print mode (+26,-7)
00965fa lib: implement slice() function (+199,-44)
4ae7072 fs: use `getline()` for line wise read operations (+5,-18)
9a599fe firewall4: update to latest Git HEAD (+3,-3)
ce050a8 fw4: fall back to device if l3_device is not available in ifstatus (+2,-2)
145e159 fw4: recognize `option log` and `option counter` in `config nat` sections (+3)
b0a6bff tests: fix testcases (+12,-12)
592ba45 main.uc: remove uneeded/wrong set reload restrictions (-3)
43d8ef5 fw4: fix formatting of default log prefix (+243,-2)
3db4741 ruleset: properly handle zone names starting with a digit (+2,-2)
756f1e2 ruleset: fix emitting set_mark/set_xmark rules with masks (+188,-4)
c7201a3 main.uc: reintroduce set reload restriction (+6,-1)
4fbf6d7 ruleset.uc: log forwarded traffic not matched by zone policies (+3)

Packages / OpenWrt system userland (1 change)

fa4ec03 rpcd: update to latest Git HEAD (+3,-3)
0d02243 ucode: initialize module search path early (+4,-1)
e80d0b2 ucode: pass-through `ubus_rpc_session` argument (+6,-1)
8c852b6 ucode: write ucode runtime exceptions to stderr (+18)

Target / mpc85xx (2 changes)

f7a43e4 mpc85xx: add SPI kernel loader for TP-Link TL-WDR4900 v1 (+1.4K)
5db6914 mpc85xx: p1010: make TP-Link WDR4900 v1 build again (+17,-3)

Target / ramips (7 changes)

07ea71c ramips: move mt7621_nand driver to files (+1.4K,-1.4K)
1918404 ramips: mt7621_nand: reduce log verbosity (+1,-1)
cc83264 ramips: mt7621_nand: initialize ECC_FDMADDR (+4)
33457eb ramips: enable support for mtk_bmt in the nand flash driver (+5)
b6487c3 ramips: skip bbt scan on mt7621 (+1,-1)
2050bc4 ramips: add support for ZyXEL NWA50AX / NWA55AXE (+678,-2)
c1fcca5 ramips: fix ZyXEL NWA55AXE model name (+1,-1)

Wireless / Common (2 changes)

a077c6d mac80211: merge upstream fixes (+179)
f1de43d mac80211: backport security fixes (+2.1K,-1)

Addressed bugs

#10639

Description: firewall4 may omit all of the jumps to the *_wan chains
Link: https://github.com/openwrt/openwrt/issues/10639
Commits:
9a599fe firewall4: update to latest Git HEAD (+3,-3)
ce050a8 fw4: fall back to device if l3_device is not available in ifstatus (+2,-2)
145e159 fw4: recognize `option log` and `option counter` in `config nat` sections (+3)
b0a6bff tests: fix testcases (+12,-12)
592ba45 main.uc: remove uneeded/wrong set reload restrictions (-3)
43d8ef5 fw4: fix formatting of default log prefix (+243,-2)
3db4741 ruleset: properly handle zone names starting with a digit (+2,-2)
756f1e2 ruleset: fix emitting set_mark/set_xmark rules with masks (+188,-4)
c7201a3 main.uc: reintroduce set reload restriction (+6,-1)
4fbf6d7 ruleset.uc: log forwarded traffic not matched by zone policies (+3)

#10965

Description: firewall4: error in generation of "apply firewall mark" rule
Link: https://github.com/openwrt/openwrt/issues/10965
Commits:
9a599fe firewall4: update to latest Git HEAD (+3,-3)
ce050a8 fw4: fall back to device if l3_device is not available in ifstatus (+2,-2)
145e159 fw4: recognize `option log` and `option counter` in `config nat` sections (+3)
b0a6bff tests: fix testcases (+12,-12)
592ba45 main.uc: remove uneeded/wrong set reload restrictions (-3)
43d8ef5 fw4: fix formatting of default log prefix (+243,-2)
3db4741 ruleset: properly handle zone names starting with a digit (+2,-2)
756f1e2 ruleset: fix emitting set_mark/set_xmark rules with masks (+188,-4)
c7201a3 main.uc: reintroduce set reload restriction (+6,-1)
4fbf6d7 ruleset.uc: log forwarded traffic not matched by zone policies (+3)

Security fixes

CVE-2022-41674

Description: An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41674
Commits:
f1de43d mac80211: backport security fixes (+2.1K,-1)

CVE-2022-42719

Description: A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42719
Commits:
f1de43d mac80211: backport security fixes (+2.1K,-1)

CVE-2022-42720

Description: Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42720
Commits:
f1de43d mac80211: backport security fixes (+2.1K,-1)

CVE-2022-42721

Description: A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42721
Commits:
f1de43d mac80211: backport security fixes (+2.1K,-1)

CVE-2022-42722

Description: In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42722
Commits:
f1de43d mac80211: backport security fixes (+2.1K,-1)

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • Last modified: 2023/04/27 23:20
  • by hauke