OpenWrt v22.03.3 Changelog

This changelog lists all commits done in OpenWrt since the v22.03.2 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 22.03.3 release.

See also the release notes that provide a more accessible overview of the main changes in 22.03.3.

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
980aad0 kernel: bump 5.10 to 5.10.148 (+2,-2)
5c0c01d kernel: bump 5.10 to 5.10.149 (+2,-2)
0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
0abcea1 kernel: bump 5.10 to 5.10.151 (+5,-5)
0ff3adf kernel: bump 5.10 to 5.10.152 (+17,-15)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
c837fc9 kernel: bump 5.10 to 5.10.154 (+9,-9)
b738819 kernel: bump 5.10 to 5.10.155 (+9,-9)
078bdc1 kernel: bump 5.10 to 5.10.156 (+26,-26)
d419136 build: make find_md5 reproducible with AUTOREMOVE (+4,-3)
439e19d scripts/ext-tools: introduce new script to install prebuilt tools (+98)
ac7b1c8 build: handle directory with whitespace in AUTOREMOVE clean (+4,-4)
3a58bda kernel: bump 5.10 to 5.10.157 (+58,-52)
e5cec69 kernel: bump 5.10 to 5.10.158 (+19,-19)
d909fb1 kernel: bump 5.10 to 5.10.159 (+11,-41)
7ccb4c6 kernel: add missing symbol for bcm27xx (+5)
ce88187 kernel: add missing dependency to KERNEL_RPI_AXIPERF (+1,-1)
709351b kernel: Make KERNEL_MAKEOPTS recursively expanded (+1,-1)
fcff234 image-commands.mk: Be consistent in command invocation (+1,-1)
9aa95bb rules: fix broken commitcount on alpine system (+1,-1)
da79da3 image: fix device profile specific COMPILE targets (+1)
f30414c kernel: bump 5.10 to 5.10.160 (+2,-2)
377d805 trusted-firmware-a.mk: use correct CPE ID (+1,-1)
275c51b Revert "image-commands.mk: Be consistent in command invocation" (+1,-1)
b1722a0 kernel: bump 5.10 to 5.10.161 (+6,-6)

7fa6351 tools/expat: update to 2.5.0 (+3,-3)
8040f74 tools/patch: apply patch for EACCES on xattr copy (+34,-1)
1a0f2c3 e2fsprogs: Fix CVE-2022-1304 (+102,-2)
3de4572 tools/ccache: fix build with musl and gcc 12 (+33,-1)

e51f3a2 toolchain: Update glibc 2.34 to recent HEAD (+3,-3)
b23cab2 toolchain: gcc: import patch fixing asm machine directive for powerpc (+54)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
c1c8562 kernel: mtd: fix unbalanced of_node_put() in dynamic partitions code (+101)
08969f6 kernel: add kmod-nvme package (+23)
18c7738 kernel: mtd: backport extended dynamic partitions support (+154,-5)
b4bc9eb kernel: mtd: backport SafeLoader parser (+239,-5)
0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
0abcea1 kernel: bump 5.10 to 5.10.151 (+5,-5)
0ff3adf kernel: bump 5.10 to 5.10.152 (+17,-15)
c61ed09 kernel: netsupport: kmod-sched: Reorder packages (+53,-49)
31fd96b kernel: netsupport: Add kmod-sched-drr (+16)
7ee55d8 kernel: netsupport: Extract sched-prio and sched-red (+33,-3)
3ca4524 kernel: netsupport: Add kmod-sched-act-sample (+20)
23ccc71 kernel: netsupport: Extract act_police (+13,-2)
051c24c kernel: extract kmod-sched-act-ipt from kmod-sched (+18,-3)
e95b359 kernel: netsupport: Add FQ-PIE as an optional sched kmod and extract PIE (+33,-2)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
c837fc9 kernel: bump 5.10 to 5.10.154 (+9,-9)
54dc60e generic: fix unset symbol (+1)
af20d9d kernel: split out mtd hack for CONFIG_FIT_PARTITION + rootfs (+20,-4)
932378a kernel: backport support for "linux,rootfs" in DT (+95,-51)
58a73b1 kernel: improve description of NTFS kernel packages (+3,-2)
353e468 kernel: support "linux,rootfs" DT property for splitting rootfs (+6,-5)
61e1f65 kernel: modules: package Marvell gigE PHY driver (+34)
b738819 kernel: bump 5.10 to 5.10.155 (+9,-9)
078bdc1 kernel: bump 5.10 to 5.10.156 (+26,-26)
a907c20 kernel: add kmod-hwmon-sht3x support (+15)
5167bcf kernel: update U-Boot nvmem driver to v6.2 release version (+168)
2a1bf86 kernel: kmod-rtc-pt7c4338: Remove package (-16)
a3dee42 kernel: kmod-w1-slave-ds2760: Remove package (-17)
1f9bf1e kernel: kmod-isdn4linux: Remove package (-32)
69ed96f kernel: netconsole: add network console logging support (+16)
282dd27 kernel: ca8210: Fix crash by zero initializing data (+30)
6b2c445 kernel: remove CONFIG_MMC_BLOCK_BOUNCE (-2)
4408f7d kernel: add kmod-btsdio package (+18)
78fc12d kernel: fix typo for tegra crypto-sha1 module (+1,-1)
6e396ef kernel: remove handling of xfrm[4|6]_mode_* modules (+2,-15)
15bc6b2 kernel: further cleanup of xfrm[4|6]_mode* (-10)
bc64ca1 kernel: kmod-net-rtl8192su: Remove package (-25)
ee2341c kernel: add symbol in generic config for 5.10.157 (+1)
3a58bda kernel: bump 5.10 to 5.10.157 (+58,-52)
e5cec69 kernel: bump 5.10 to 5.10.158 (+19,-19)
d909fb1 kernel: bump 5.10 to 5.10.159 (+11,-41)
b18a0d0 generic: add support for EON EN25QX128A spi nor flash (+42)
b1722a0 kernel: bump 5.10 to 5.10.161 (+6,-6)
6be9e3e kernel: remove hack patch, move kirkwood specific kmods to target modules.mk (+30,-55)
1fd2f9f kernel: Add missing kernel configuration options (+3,-4)

85a7588 ath79: support Ruckus ZoneFlex 7372 (+358)
6cffcb2 ath79: support Ruckus ZoneFlex 7321 (+64)
5736069 arm-trusted-firmware-sunxi: add package CPE ID (+1)
e313cd8 uboot-layerscape: adjust LS1012A-IOT config and env (+46,-1)
7a77aac uboot-envtools: Fix format of autogenerated sectors (+2)
8122aa9 ath79: add support for Linksys EA4500 v3 (+240,-1)
51a763a arm-trusted-firmware-sunxi: drop CPE ID (-1)
fec4fb3 sunxi: remove frequency for NanoPi R1 (+1,-2)

f1d7f1c firewall4: update to latest Git HEAD (+3,-3)
⇒ 7ae5e14 fw4: gracefully handle `null` return values from `fd.read("line")` (+2,-2)
f59dcb9 ucode: update to latest Git HEAD (+3,-3)
⇒ 21ace5e lexer: fixes for regex literal parsing (+56,-7)
⇒ 00af065 fs: expose `getdelim()` functionality through `fd.read()` (+11,-2)
714345d libnftnl: add package CPE ID (+1)
69e6486 ncurses: add package CPE ID (+1)
b37ff14 wireless-tools: add package CPE ID (+1)
fe5cd3c util-linux: Update to version 2.37.4 (+2,-2)
13bd217 busybox: awk: fix use after free (CVE-2022-30065) (+42)
77522d4 dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934) (+179)
b3b3428 openssl: bump to 1.1.1s (+2.5K,-188)
faf9d20 strace: update to 5.17 (+2,-2)
0b80a7d strace: update to 5.18 (+2,-2)
8650f77 strace: add nls.mk (+2,-1)
d84cf62 strace: update to 5.19 (+3,-3)
1d095c1 strace: replace PKG_CPE_ID (+1,-1)
88c43b5 hostapd: remove invalid dtim_period option processing (+1,-2)
de6c3cc mbedtls: import patch to fix illegal instruction on mpc85xx (+30)
eda395a wolfssl: update to v5.5.3 (+3,-53)
eb639e5 ucode: update to latest Git HEAD (+3,-3)
⇒ 88dcca7 add cmake to install requires for debian (+1,-1)
⇒ fdc9b6a compiler: fix `??=`, `||=` and `&&=` logical assignment semantics (+146,-65)
⇒ 6c5ee53 compiler: ensure that arrow functions with block bodies return no value (+29,-10)
⇒ d2cc003 uci: auto-load package in `ctx.foreach()` and `ctx.get_first()` (+4,-6)
⇒ 1867c8b uloop: terminate parent uloop in task child processes (+2)
⇒ 394e901 lib: uc_json(): accept trailing whitespace when parsing strings (+14,-6)
⇒ eef83d3 tests: relax sleep() test (+5,-2)
⇒ 8366102 math: add isnan() function (+9)
⇒ 3903b18 fs: add `realpath()` function (+22)
⇒ eac2add compiler: fix bytecode for logical assignments of properties (+134,-76)
⇒ 4c654df types: adjust double printing format (+1,-1)
⇒ 46d93c9 tests: fixup testcases (+7,-7)
1a0f2c3 e2fsprogs: Fix CVE-2022-1304 (+102,-2)
3f7ce4b comgt-ncm: add support for quectel modem EC200T-EU (+22)
298d2d0 Revert "mbedtls: import patch to fix illegal instruction on mpc85xx" (-30)
39dcfcd wolfssl: fix build with /dev/crypto (+33)
6c3e160 kernel: backport ksmbd security fix ZDI-22-1690 (+53)
158a335 mbedtls: update to version 2.28.2 (+6,-6)
77e2a24 wolfssl: update to 5.5.4-stable (+3,-36)
2f1b73b treewide: Trigger reinstall of all wolfssl dependencies (+4,-4)
8446d22 gdb: Do not link against xxhash (+1)

3e15a54 ipq40xx: Add ZTE MF289F (+469,-8)
bc64ca1 kernel: kmod-net-rtl8192su: Remove package (-25)

83c7034 base-files: support "metric" in board.json (+2,-1)
4bda308 base-files: stage2: add 'tail' to sysupgrade environment (+1,-1)

63fde46 ustream-ssl: update to Git version 2022-12-07 (+4,-4)
⇒ aa8c48e cmake: add a possibility to set library version (+4)
⇒ 584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds (+10)
⇒ 2ce1d48 ci: fix building with i.MX6 SDK (+2,-2)
⇒ 9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier (+6)
b1204ce umbim: Allow roaming and partner connections (+25,-6)
9b7a3e1 iwinfo: update to the latest version (+3,-3)
⇒ 46f04f3 devices: add MediaTek MT7986 WiSoC (+7)
⇒ b3e08c8 ops: make support for wireless extensions optional (+14,-1)
⇒ 1f695d9 nl80211: allow phy names that don't start with 'phy' (-6)
⇒ b7f9f06 nl80211: fix phy/netdev index lookup (+13,-11)
⇒ 4a43b0d nl80211: look up the phy name instead of assuming name == phy<idx> (+31,-3)
f34c4a9 iwinfo: update to the latest version (+3,-3)
⇒ 0496c72 nl80211: fix issues with renamed wiphy and multiple phy per device (+11,-6)
31baecb iwinfo: update to the latest version (+3,-3)
⇒ 00aab87 Correctly identify key management algorithms starting with "FT-" (+5,-1)
f43ceb6 iwinfo: update to latest Git HEAD (+3,-3)
⇒ 50380db enable useful compiler warnings via -Wall (+1,-1)
⇒ ccaabb4 fix -Wformat-truncation warnings (+7,-7)
⇒ 462b679 fix -Wduplicate-decl-specifier warnings (+27,-19)
⇒ 5469898 fix -Wunused-variable warnings (-5)
⇒ ebd5f84 fix -Wmaybe-uninitialized warning (+2)
⇒ 3112726 fix -Wpointer-sign warning (+1,-1)
⇒ 4aa6c5a fix -Wreturn-type warning (+1,-1)
⇒ d638163 fix -Wdangling-else warnings (+4)
⇒ dd4e1ff nl80211: fix wpa supplicant ctrl socket permissions (+16)
⇒ a5a75fd nl80211: remove ancient wpa_supplicant ctrl socket path (+3,-10)
⇒ 14f864e nl80211: add ability to describe USB devices (+7,-3)
⇒ c27ce71 devices: add usb device MediaTek MT7921AU (+4)
⇒ a77d915 nl80211: don't guess if a name is an ifname (+13,-3)
⇒ 3f619a5 nl80211: fix frequency/channel conversion for the 6G band (+41,-9)
⇒ 91b2ada nl80211: update the kernel header nl80211.h (+2.7K,-71)
⇒ 4ba5713 nl80211: properly get available bands for the hwmode (+21,-35)
⇒ + 17 more...
2f1b73b treewide: Trigger reinstall of all wolfssl dependencies (+4,-4)
558aa1f odhcpd: fix null pointer dereference for INFORM messages (+3,-3)
⇒ 4a673e1 fix null pointer dereference for INFORM messages (+1,-1)

a4af427 procd: service: pass all arguments to service (+3,-3)
8e43a44 rpcd: update to latest Git HEAD (+7,-5)
⇒ 6c5e900 iwinfo: constify string map arg for rpc_iwinfo_call_int() (+1,-1)
⇒ c46ad61 iwinfo: reuse infos provided by libiwinfo (+84,-175)
⇒ b3f530b iwinfo: clean up rpc_iwinfo_call_hw_ht_mode() (+11,-12)
⇒ 7de4820 iwinfo: add "hwmodes_text" to the info output (+4)
cdce4a0 uhttpd: update to latest Git HEAD (+3,-3)
⇒ 2397755 client: fix incorrectly emitting HTTP 413 for certain content lengths (+2,-1)

0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
c837fc9 kernel: bump 5.10 to 5.10.154 (+9,-9)
b1722a0 kernel: bump 5.10 to 5.10.161 (+6,-6)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
85a7588 ath79: support Ruckus ZoneFlex 7372 (+358)
6cffcb2 ath79: support Ruckus ZoneFlex 7321 (+64)
7a3d595 ath79: fix reference clock for RouterBoard 912UAG (+1,-1)
18c7738 kernel: mtd: backport extended dynamic partitions support (+154,-5)
b4bc9eb kernel: mtd: backport SafeLoader parser (+239,-5)
1133a8f ath79: add support to TrendNet TEW-673GRU (+204,-4)
8122aa9 ath79: add support for Linksys EA4500 v3 (+240,-1)
d25e1a3 ath79: fix MAC address assignment for TP-Link ar7241 devices (+3,-4)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
932378a kernel: backport support for "linux,rootfs" in DT (+95,-51)
078bdc1 kernel: bump 5.10 to 5.10.156 (+26,-26)
844de50 ath79: disable image building for Ubiquiti EdgeSwitch 8XP (+1)
0b22e87 ath79: D-Link DIR-825 B1 add factory.bin recipe (+6,-4)
106fedd ath79: fix MAC address assigment for TP-Link TL-WR740N/TL-WR741ND v4 (+2,-3)
68add5f ath79: mikrotik: use OpenWrt loader for initram image (+3,-1)
be2da47 ath79: expand rootfs for DIR-825-B1 with unused space (+21,-6)
aef33ab ath79: fix Teltonika RUT230 v1 MAC assignment (+2,-2)
3a58bda kernel: bump 5.10 to 5.10.157 (+58,-52)
47ac52a ath79: image: don't depend on other COMPILE targets (+1,-1)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
0abcea1 kernel: bump 5.10 to 5.10.151 (+5,-5)
0ff3adf kernel: bump 5.10 to 5.10.152 (+17,-15)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
c837fc9 kernel: bump 5.10 to 5.10.154 (+9,-9)
3564c22 bcm27xx: disable duplicate sdhost driver (+9,-16)
64da7c8 bcm27xx: fix CI build after config refresh (+8)
078bdc1 kernel: bump 5.10 to 5.10.156 (+26,-26)
e5cec69 kernel: bump 5.10 to 5.10.158 (+19,-19)
d909fb1 kernel: bump 5.10 to 5.10.159 (+11,-41)
b1722a0 kernel: bump 5.10 to 5.10.161 (+6,-6)
1fd2f9f kernel: Add missing kernel configuration options (+3,-4)

91e4a74 bcm4908: optimize Ethernet driver by using build_skb() (+152)
6c5313d bcm4908: backport bcm4908_enet fix for NULL dereference (+103,-4)
84b3eaf bcm4908: backport upstream BQL support for bcm4908_enet (+45)
c45f441 bcm4908: use upstream patches for Asus GT-AC5300 LEDs (+12,-3)
44fad4b bcm4908: fix Asus GT-AX6000 image (+66,-3)
bf1c4f1 bcm4908: update DTS files with the latest changes (+298,-8)
1285938 bcm4908: Refresh kernel patches (+2.4K,-24)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
40465ad bcm53xx: enable Broadcom 4366b1 firmware for Asus RT-AC88U (+1,-1)
b4bc9eb kernel: mtd: backport SafeLoader parser (+239,-5)
0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
b66037f bcm53xx: update DTS files with the latest changes (+2.1K,-7)

0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
3e15a54 ipq40xx: Add ZTE MF289F (+469,-8)
71178a8 ipq40xx: Fix wrong GPIO for internal status LED on ZTE MF289F (+1,-1)
26b5899 ipq40xx: fix ZTE MF289F port mapping (+5,-1)
8c1f8f9 ipq40xx: ZTE MF286D: fix DEVICE_PACKAGES (+1,-1)
2b51542 ipq40xx: luma_wrtq-acn329: swap ethernet MAC addresses (+5)
af4f635 ipq40xx: sysupgrade: allow flashing Linksys factory firmware (+18)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
b4bc9eb kernel: mtd: backport SafeLoader parser (+239,-5)
0ff3adf kernel: bump 5.10 to 5.10.152 (+17,-15)
e5cec69 kernel: bump 5.10 to 5.10.158 (+19,-19)

6be9e3e kernel: remove hack patch, move kirkwood specific kmods to target modules.mk (+30,-55)

bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
dca7326 lantiq: xrx200: backport upstream network fixes (+93)
a4e8ff5 lantiq: enable interrupts on second VPEs (+86)
af0c128 lantiq: add 6.1 tag to upstream patch (+3,-2)
3b066a6 lantiq: vr9: include usb driver for fritz 7430 (+2,-1)

ce1de42 layerscape: Fix SPI-NOR issues with vendor patches (+130)

0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
c837fc9 kernel: bump 5.10 to 5.10.154 (+9,-9)
078bdc1 kernel: bump 5.10 to 5.10.156 (+26,-26)
3a58bda kernel: bump 5.10 to 5.10.157 (+58,-52)

0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)

a0bae2f mvebu: cortexa9: disable devices using broken mv88e6176 switch (+4)
9b6dcf3 mvebu: disable also wrt32x due to broken switch (-1)

e946d9a octeon: fix imagebuilder generation by introducing generic target (+5,-5)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
0667688 kernel: bump 5.10 to 5.10.150 (+134,-282)

fb11c63 kernel: bump 5.10 to 5.10.147 (+38,-110)
18c7738 kernel: mtd: backport extended dynamic partitions support (+154,-5)
932378a kernel: backport support for "linux,rootfs" in DT (+95,-51)

5725b77 qoriq: fix typo in FEATURES (+1,-1)

36a808b mt7621: netgear_ex6150: fix reboot loop by using LZMA loader (+1)
8fefd5c mt7621: hiwifi_hc5962: fix reboot loop by using LZMA loader (+1)
b0ab21d ramips: mt7621: enable lzma-loader for Asus RT-N56U-B1 (+1)
ef5b1ff ramips: rt3883: enable lzma-loader for Belkin F9K1109v1 (+1,-1)
b5cb5f3 ramips: fix WAN mac address allocation for Unielec 01 and 06 models (+15,-6)
b4bc9eb kernel: mtd: backport SafeLoader parser (+239,-5)
fe58ee9 ramips: Correct Unielec 01 and 06 dts wan macaddr byte location (+6,-6)
4628e7a ramips: backport TP-Link RE200 v3/v4 LED fix (+54,-11)
292d3f0 ramips: define lzma-loader recipe for SEAMA devices (+9,-1)
fafc944 ramips: rt3883: use seama-lzma-loader for D-Link DIR-645 (+1,-3)
ca124d2 ramips: mt7621: use seama-lzma-loader for D-Link DIR-860L B1 (+1,-4)
9155d40 ramips: gl-mt1300: downclock SPI to 50MHz (+1,-2)
d2ae761 ramips: improve compatibility for Youku YK-L2 and YK-L1 series (+10,-2)
bbad2ee kernel: bump 5.10 to 5.10.153 (+37,-38)
8fbf036 ramips: mt7621: enable lzma-loader for netis WF2881 (+2,-1)
1af58a2 ramips: mt7621: enable lzma-loader for ZyXEL WAP6805 (+2,-1)
6cd1035 ramips: add support for Wavlink WS-WN572HP3 4G (+202)
3a58bda kernel: bump 5.10 to 5.10.157 (+58,-52)

03ab5a6 realtek: update GPIO bindings for DGS-1210-10P (+26,-4)

0ff3adf kernel: bump 5.10 to 5.10.152 (+17,-15)
d909fb1 kernel: bump 5.10 to 5.10.159 (+11,-41)

be7b97d sunxi: fix typo in device packages for MarsBoard A10 (+2,-2)

181390f uml: fix 5.10 build (+32)

078bdc1 kernel: bump 5.10 to 5.10.156 (+26,-26)

00d7702 mac80211: Update to version 5.15.74-1 (+32,-2.3K)
bfeffb8 mac80211: fix decap offload for stations on AP_VLAN interfaces (+37)
a26f7e6 mac80211: fix issues with receiving small STP packets (+124)
615dbec mac80211: fix mesh airtime link metric estimation (+36)
087a2a4 mac80211: Update to version 5.15.81 (+48,-351)
43d71ad mac80211: Do not build brcmsmac on bcm47xx_legacy (+1,-1)

00d7702 mac80211: Update to version 5.15.74-1 (+32,-2.3K)
302ef21 mt76: add firmware package for mt7916 (+16)
a704216 mt76: move the mt7921 firmware to its own package (+9,-3)

c775781 CI: include automatic Pull Request Labeler (+115)
008e9a3 build: harden GitHub workflow permissions (+13)
c43b5e7 CI: labeler: target major version of labeler action (+1,-1)
e7497d1 CI: Add release/22.03 label to all pull requests (+3)
8b95e14 Revert "CI: Add release/22.03 label to all pull requests" (-3)
e516c31 CI: add support to tag pr targeting stable branch (+14)
7d63c39 CI: labeler: fix wrong label for pr targeting stable branch (+3,-3)
119c657 CI: usability improvements for tools (+13,-3)
0e46907 CI: add Kernel compile tests (+143)
586be47 CI: run inside the buildbot docker container (+24,-46)
0f71cf7 CI: kernel: Trigger workflow for more directories (+2)
f7affcd CI: kernel: Use downloads.cdn.openwrt.org (+2,-2)
0987df4 CI: kernel: Show used OpenWrt configuration (+5)
c3ed9f3 CI: kernel: Checkout feeds from github (+24)
1f13c8c CI: kernel: Build all kernel modules (+3)
2f9b356 CI: kernel: Cache external toolchain (+13,-2)
7ff1477 CI: package kmods in kernel workflow (+5)
f2fb3ff ci: move scripts into separate directory (+1,-1)
a69b9a8 ci: show build failures directly in job log output (+20,-5)
047e68a CI: use buildbot container for building (+50,-67)
fccf42c CI: create Docker container containing compiled tools (+67)
daeb367 CI: use tools:latest container to speedup kernel workflow (+12,-3)
c2df98c CI: Add workaround for github uppercase usernames (+16,-2)
8bbaa48 CI: tools: compile tools with ccache support for tools container (+2,-1)
431875b CI: kernel: use ccache to speedup workflow (+17)
b3e8d58 Revert "build: harden GitHub workflow permissions" (-13)
303b784 build: harden GitHub workflow permissions (+17)
8c4e39e CI: kernel: generate ccache cache on kernel push (+6)
6941420 CI: bump actions/checkout action to v3 (+10,-10)
d070707 CI: bump actions/download,upload-artifact action to v3 (+7,-7)
b93a593 CI: kernel: check if patch are refreshed for each target (+71)
de29c8b ci: kernel: trigger build check on changes in kernel.mk as well (+2,-2)
99524d4 CI: kernel: fix deprecation of set-output (+3,-3)
db347be CI: packages: Add github CI job to build all packages (+151)
8ac2cf6 CI: packages.yml: Fix usage of pre-build tools (+2)
b7e2e14 CI: Simplify if conditions (+2,-2)
e74479d CI: Extract the OpenWrt building to own sub workflow (+331,-341)
31fb360 CI: Allow building with internal toolchain (+20,-1)
5fc4182 CI: Build all boards and testing kernel (+29)
f3cb0cf CI: tools: support per branch tools container (+26,-1)
05c3ee6 CI: build: add support for per branch tools container (+56,-2)
47519a5 CI: build: add support for external toolchains from stable branch (+27,-2)
9db78a7 CI: build: add support to fallback to sdk for external toolchain (+33,-8)
63a2ea5 CI: fix matching for openwrt release branch for container selection (+12,-8)
ec9ca32 CI: build: fix matching for openwrt release branch for toolchain parsing (+8,-6)
309a6f2 CI: trigger check also on build and check-kernel-patches workflow change (+6)
8be50c3 CI: build: fix use of sdk as toolchain (+28)
385f787 CI: build: skip sdk adapt to external toolchain on cache hit (+1,-1)
1c174fe CI: kernel: don't checkout and install feeds (-1)

Description: xiaomi-4a-gigabit-edition has a new flash which is EN25QX128@44Mhz cause a endless reboot
Link: https://github.com/openwrt/openwrt/issues/9442
Commits:
b18a0d0 generic: add support for EON EN25QX128A spi nor flash (+42)

Description: [22.03] layerscape: Not booting with LS1021A-IOT
Link: https://github.com/openwrt/openwrt/issues/9894
Commits:
e313cd8 uboot-layerscape: adjust LS1012A-IOT config and env (+46,-1)

Description: [22.03-rc3] Not booting with Mikrotik hAP ac lite - RB952Ui-5ac2nD - target ath79
Link: https://github.com/openwrt/openwrt/issues/9954
Commits:
68add5f ath79: mikrotik: use OpenWrt loader for initram image (+3,-1)

Description: GL-iNet gl-mt1300 (Beryl) flash corruption
Link: https://github.com/openwrt/openwrt/issues/10461
Commits:
9155d40 ramips: gl-mt1300: downclock SPI to 50MHz (+1,-2)

Description: [22.03.0] 22.03.0 bricks Netgear EX6150v1 ramips MT7621
Link: https://github.com/openwrt/openwrt/issues/10645
Commits:
36a808b mt7621: netgear_ex6150: fix reboot loop by using LZMA loader (+1)

Description: wolfssl: wolfssl 5.5.1 compilation fails on WOLFSSL_HAS_DEVCRYPTO_*
Link: https://github.com/openwrt/openwrt/issues/10944
Commits:
39dcfcd wolfssl: fix build with /dev/crypto (+33)

Description: ramips Belkin F9K1109 fails to boot due to large kernel
Link: https://github.com/openwrt/openwrt/issues/10968
Commits:
ef5b1ff ramips: rt3883: enable lzma-loader for Belkin F9K1109v1 (+1,-1)

Description: rules.mk: grep --max-count usage in commitcount isn't portable
Link: https://github.com/openwrt/openwrt/issues/11200
Commits:
9aa95bb rules: fix broken commitcount on alpine system (+1,-1)

Description: A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934
Commits:
77522d4 dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934) (+179)

Description: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
Commits:
1a0f2c3 e2fsprogs: Fix CVE-2022-1304 (+102,-2)

Description: A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30065
Commits:
13bd217 busybox: awk: fix use after free (CVE-2022-30065) (+42)

Description: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
Commits:
7fa6351 tools/expat: update to 2.5.0 (+3,-3)

Description: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
Commits:
7fa6351 tools/expat: update to 2.5.0 (+3,-3)

Description: An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46392
Commits:
158a335 mbedtls: update to version 2.28.2 (+6,-6)

Description: An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46393
Commits:
158a335 mbedtls: update to version 2.28.2 (+6,-6)