OpenWrt v22.03.6 Changelog
This changelog lists all commits done in OpenWrt since the v22.03.5 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 22.03.6 release.
See also the release notes that provide a more accessible overview of the main changes in 22.03.6.
Build System / Buildroot (31 changes)
dcdd8e9
kernel: bump 5.10 to 5.10.177 (+29,-28)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
2677220
kernel: bump 5.10 to 5.10.179 (+9,-9)
80a99d9
build: escape whitespaces in VERSION_DIST for Netgear images (+2,-2)
6bca11f
kernel: bump 5.10 to 5.10.180 (+59,-105)
171b515
kernel: bump 5.10 to 5.10.181 (+32,-32)
ac5e37f
kernel: bump 5.10 to 5.10.182 (+2,-2)
920f2d9
kernel: bump 5.10 to 5.10.183 (+27,-26)
287303b
kernel: bump 5.10 to 5.10.184 (+68,-69)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
fbc23f6
kernel: bump 5.10 to 5.10.186 (+17,-17)
cc54e19
build: fix generation of large .vdi images (+8,-2)
77f7f69
kernel: bump 5.10 to 5.10.187 (+2,-2)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
419218a
kernel: bump 5.10 to 5.10.190 (+14,-14)
866badc
kernel: bump 5.10 to 5.10.191 (+31,-31)
49639b2
kernel: bump 5.10 to 5.10.192 (+12,-44)
188c49b
kernel: bump 5.10 to 5.10.194 (+10,-10)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
057bf8f
kernel: bump 5.10 to 5.10.197 (+9,-9)
38ee41a
image: Fix the CONFIG_EXTERNAL_CPIO logic (+1,-1)
f3a78af
kernel: bump 5.10 to 5.10.198 (+22,-22)
8525157
kernel: bump 5.10 to 5.10.199 (+48,-48)
bb2b55f
build: export GIT_CEILING_DIRECTORIES for package builds (+2)
86124a1
scripts/getver.sh: prevent asking for negative rev-parse (+1,-1)
9bac24e
scan.mk: do not silence output of dump phase (+2,-1)
3555a29
treewide: fix shell errors during dump stage (+9)
7dabd7a
scripts/dump-target-info.pl: add new function to DUMP devices (+79,-1)
3e511a7
kernel: bump 5.10 to 5.10.200 (+25,-25)
f85a79b
kernel: bump 5.10 to 5.10.201 (+8,-55)
Build System / Host Utilities (5 changes)
9d71dc9
tools: assign PKG_CPE_ID (+6)
e453767
tools/zlib: switch to configure script (+14,-15)
35fd776
tools/expat: build with autotools again (+15,-16)
d8aa8ae
tools/cmake: Build without some included libs (+46,-3)
e4a70c9
tools: fix firmware-utils depends (+1,-1)
Build System / Image Builder (1 change)
1c79f93
ib: split out processing user provided packages (+3,-1)
Build System / SDK (1 change)
8a1ba96
sdk: rename README + update Makefile (+1,-1)
Build System / Toolchain (6 changes)
4d66384
fortify-headers: fix inconsistent time_t version of ppoll (+12,-1)
30fca54
fortify-headers: fix build error when _REDIR_TIME64 is not defined (+2,-2)
6a2d19c
toolchain: assign PKG_CPE_ID (+6)
32e32d5
toolchain: musl: add PKG_CPE_ID (+1)
4ad0f92
toolchain: Update glibc 2.34 to recent HEAD (+2,-2)
de2162d
toolchain: gcc: backport v11.3.0 fix for false positive VLA params warnings (+192)
Kernel (24 changes)
dcdd8e9
kernel: bump 5.10 to 5.10.177 (+29,-28)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
2677220
kernel: bump 5.10 to 5.10.179 (+9,-9)
6bca11f
kernel: bump 5.10 to 5.10.180 (+59,-105)
171b515
kernel: bump 5.10 to 5.10.181 (+32,-32)
e908856
kernel: mtd: bcm-wfi: add cferam name support (+14,-2)
920f2d9
kernel: bump 5.10 to 5.10.183 (+27,-26)
287303b
kernel: bump 5.10 to 5.10.184 (+68,-69)
2034387
netfilter: fix typo in nf-socket and nf-tproxy kconfig (+2,-2)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
fbc23f6
kernel: bump 5.10 to 5.10.186 (+17,-17)
04b4d79
kernel: bgmac: fix regressed support for BCM53573 SoCs (+45)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
419218a
kernel: bump 5.10 to 5.10.190 (+14,-14)
866badc
kernel: bump 5.10 to 5.10.191 (+31,-31)
49639b2
kernel: bump 5.10 to 5.10.192 (+12,-44)
188c49b
kernel: bump 5.10 to 5.10.194 (+10,-10)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
057bf8f
kernel: bump 5.10 to 5.10.197 (+9,-9)
f3a78af
kernel: bump 5.10 to 5.10.198 (+22,-22)
8525157
kernel: bump 5.10 to 5.10.199 (+48,-48)
3e511a7
kernel: bump 5.10 to 5.10.200 (+25,-25)
f85a79b
kernel: bump 5.10 to 5.10.201 (+8,-55)
Packages / Boot Loaders (4 changes)
656e411
ramips: add support for Keenetic Lite III rev. A (+165,-1)
6870041
uboot-bcm4908: update to the latest generic (+3,-3)
⇒ 4435700
Remove redundant YYLOC global declaration (-1)
0a1dc00
treewide: Add extra CPE identifier (+4)
e7b3414
ramips: add support for SNR-CPE-W4N-MT router (+149)
Packages / Common (21 changes)
ce32068
ca-certificates: Update to version 20230311 (+9,-13)
afb4422
openssl: bump to 1.1.1u (+3,-265)
4a9eb94
bpf-headers: fix compilation with LLVM_IAS=1 (+1,-1)
17f6001
restool: update source.codeaurora.org repository link (+1,-1)
70e3f4e
openssl: passing cflags to configure (+2,-1)
681baab
wolfssl: update to 5.6.3 (+30,-5)
503aa7f
dropbear: add ed25519 for failsafe key (+3,-2)
c29390b
lua: fix integer overflow in LNUM patch (+16,-16)
df994cc
mbedtls: Update to version 2.28.3 (+2,-24)
b62dace
mbedtls: Update to version 2.28.4 (+2,-2)
de29f15
openssl: bump to 1.1.1v (+3,-3)
aeb1221
urngd: update to the latest master (+3,-3)
⇒ 7aefb47
jitterentropy-rngd: update to the v1.2.0 (+1,-1)
3a7143f
packages: assign PKG_CPE_ID for all missing packages (+13)
0a1dc00
treewide: Add extra CPE identifier (+4)
f6fa7b5
openssl: update to version 1.1.1w (+2,-2)
64907f3
hostapd: fix broke noscan option for mesh (+3,-3)
fcdecb5
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS (+1,-1)
3af93be
bsdiff: Add patches for CVEs (+433,-13)
72d940d
mbedtls: Update to version 2.28.5 (+2,-2)
0c7c87a
urngd: update to version 2023-11-01 (+3,-3)
⇒ 44365eb
Deactivate _FORTIFY_SOURCE in jitterentropy-base.c (+5,-2)
545807d
wolfssl: update to 5.6.4 (+3,-28)
Packages / Firmware (25 changes)
e500494
wireless-regdb: update to 2023.05.03 (+2,-2)
8da1ba2
linux-firmware: Update to version 20220509 (+2,-2)
f3ccdf7
linux-firmware: take linux-firmware.git's qca99x0 boardfile (+1,-12)
9c54ac6
linux-firmware: Update to version 20220610 (+2,-2)
d136562
linux-firmware: update to 20220815 (+2,-2)
91de737
linux-firmware: update to 20220913 (+2,-2)
ad3d63b
linux-firmware: update to 20221012 (+2,-2)
d59e095
linux-firmware: update to 20221109 (+2,-2)
5fc704c
linux-firmware: update to 20221214 (+2,-2)
b3ddc09
linux-firmware: disable stripping (+4,-1)
320c919
linux-firmware: update to 20230117 (+3,-3)
d2cc4ad
linux-firmware: update to 20230310 (+2,-2)
9466152
linux-firmware: update to 20230515 (+2,-2)
728afd1
linux-firmware: move firmware file for mt7601u (+3,-3)
b5a5751
ipq40xx: R619AC: replace space with - separator in variant string (+2,-2)
3235300
ipq-wifi: drop custom board-2.bins (+22,-98)
2c96dd6
firmware: intel-microcode: update to 20221108 (+2,-2)
f4e4f55
firmware: intel-microcode: update to 20230512 (+3,-3)
ca669b7
ls-dpl: update source.codeaurora.org repository link (+1,-1)
80a6b0a
ipq-wifi: fix upstream board-2.bin ZTE M289F snafu (+7,-4)
68c6608
linux-firmware: update to 20230625 (+2,-2)
08a7820
linux-firmware: update to 20230804 (+2,-2)
8c7b03a
firmware: intel-microcode: update to 20230808 (+2,-2)
3a7143f
packages: assign PKG_CPE_ID for all missing packages (+13)
b87913e
wireless-regdb: update to 2023.09.01 (+2,-2)
Packages / OpenWrt system userland (2 changes)
c1181a5
uhttpd: update to latest Git HEAD (+3,-3)
⇒ 6341357
ucode: respect all arguments passed to send() (+14,-12)
⇒ 47561aa
mimetypes: add audio/video support for apple airplay (+3)
1dbbd0f
uhttpd: update to latest git HEAD (+3,-3)
⇒ 34a8a74
uhttpd/file: fix string out of buffer range on uh_defer_script (+2,-2)
Target / apm821xx (3 changes)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
8525157
kernel: bump 5.10 to 5.10.199 (+48,-48)
Target / at91 (5 changes)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
6bca11f
kernel: bump 5.10 to 5.10.180 (+59,-105)
920f2d9
kernel: bump 5.10 to 5.10.183 (+27,-26)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
Target / ath25 (1 change)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
Target / ath79 (14 changes)
920f2d9
kernel: bump 5.10 to 5.10.183 (+27,-26)
287303b
kernel: bump 5.10 to 5.10.184 (+68,-69)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
fbc23f6
kernel: bump 5.10 to 5.10.186 (+17,-17)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
419218a
kernel: bump 5.10 to 5.10.190 (+14,-14)
92a0dd2
ath79: fix packetloss on some WLR-7100 (+2)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
9e8c959
ath79: wpj563: enable 2nd USB controller (+8)
8bc8db9
ath79: increase the rfkill debounce interval for TP-Link Archer C7 v2 (+2,-1)
f3a78af
kernel: bump 5.10 to 5.10.198 (+22,-22)
7901fec
ath79: image: allow changing kernel option in mkubntimage (+1,-1)
3e511a7
kernel: bump 5.10 to 5.10.200 (+25,-25)
Target / bcm27xx (16 changes)
dcdd8e9
kernel: bump 5.10 to 5.10.177 (+29,-28)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
6bca11f
kernel: bump 5.10 to 5.10.180 (+59,-105)
171b515
kernel: bump 5.10 to 5.10.181 (+32,-32)
920f2d9
kernel: bump 5.10 to 5.10.183 (+27,-26)
287303b
kernel: bump 5.10 to 5.10.184 (+68,-69)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
fbc23f6
kernel: bump 5.10 to 5.10.186 (+17,-17)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
49639b2
kernel: bump 5.10 to 5.10.192 (+12,-44)
188c49b
kernel: bump 5.10 to 5.10.194 (+10,-10)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
057bf8f
kernel: bump 5.10 to 5.10.197 (+9,-9)
8525157
kernel: bump 5.10 to 5.10.199 (+48,-48)
3e511a7
kernel: bump 5.10 to 5.10.200 (+25,-25)
f85a79b
kernel: bump 5.10 to 5.10.201 (+8,-55)
Target / bcm47xx (4 changes)
e17f9fd
bcm47xx: revert bgmac back to the old limited max frame size (+33)
cf256cf
bcm47xx: fix bgmac MTU patch filename ()
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
188c49b
kernel: bump 5.10 to 5.10.194 (+10,-10)
Target / bcm4908 (3 changes)
419218a
kernel: bump 5.10 to 5.10.190 (+14,-14)
057bf8f
kernel: bump 5.10 to 5.10.197 (+9,-9)
8525157
kernel: bump 5.10 to 5.10.199 (+48,-48)
Target / bcm53xx (16 changes)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
e3d0c70
bcm53xx: backport DT changes from v6.5 (+4.6K,-11)
a7867e0
bcm53xx: backport DT changes queued for v6.6 (+474,-1)
c39a3f1
bcm53xx: add BCM53573 Ethernet fix sent upstream for v6.6 (+28)
1ec274a
bcm53xx: backport more DT changes queued for v6.6 (+290,-28)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
2adf034
bcm53xx: backport DT changes for ASUS RT-AC3100 queued for v6.6 (+432,-1)
0e23d24
bcm53xx: add support for ASUS RT-AC3100 (+8)
20a046e
bcm53xx: build a single device per profile (+1)
ff9a115
bcm53xx: simplify patch adding switch ports (+15,-128)
297484a
bcm53xx: backport DT changes queued for v6.7 (+686,-1)
829fc38
bcm53xx: disable unused switch ports in downstream patch (+135,-15)
c292104
bcm53xx: backport 1 more late DT patch accepted for v6.7 (+63,-44)
8525157
kernel: bump 5.10 to 5.10.199 (+48,-48)
f71ab69
bcm53xx: refresh kernel config (+1)
Target / bcm63xx (3 changes)
4b44bfe
bcm63xx: fix NETGEAR DGND3700v2 boot loop (+1)
fbc23f6
kernel: bump 5.10 to 5.10.186 (+17,-17)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
Target / bmips (3 changes)
dcdd8e9
kernel: bump 5.10 to 5.10.177 (+29,-28)
1a5e7d3
bmips: fix NETGEAR DGND3700v2 boot loop (+1)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
Target / ipq40xx (5 changes)
b5a5751
ipq40xx: R619AC: replace space with - separator in variant string (+2,-2)
3235300
ipq-wifi: drop custom board-2.bins (+22,-98)
287303b
kernel: bump 5.10 to 5.10.184 (+68,-69)
80a6b0a
ipq-wifi: fix upstream board-2.bin ZTE M289F snafu (+7,-4)
1fa6b26
ipq40xx: switch to performance governor by default (+2,-2)
Target / ipq806x (5 changes)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
3235300
ipq-wifi: drop custom board-2.bins (+22,-98)
6bca11f
kernel: bump 5.10 to 5.10.180 (+59,-105)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
Target / lantiq (2 changes)
Target / layerscape (2 changes)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
3555a29
treewide: fix shell errors during dump stage (+9)
Target / mediatek (5 changes)
6bca11f
kernel: bump 5.10 to 5.10.180 (+59,-105)
f6b6d4b
kernel: bump 5.10 to 5.10.188 (+65,-186)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
f3a78af
kernel: bump 5.10 to 5.10.198 (+22,-22)
3555a29
treewide: fix shell errors during dump stage (+9)
Target / mvebu (2 changes)
Target / octeon (3 changes)
3c895dd
octeon: ubnt-edgerouter-e300: fix LED settings (+2,-2)
4959dcd
octeon: ubnt-edgerouter-e300: fix missing MTD partition (+22,-16)
0567428
octeon: ubnt-edgerouter-4/6p: devicetree cleanup (+10,-30)
Target / octeontx (2 changes)
Target / oxnas (2 changes)
Target / pistachio (1 change)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
Target / ramips (9 changes)
749cc6f
ramips: Cudy X6 fixes / improvements (+19,-16)
5f583d3
ramips: mt7621: add support for Cudy X6 v2 (+145,-51)
dcdd8e9
kernel: bump 5.10 to 5.10.177 (+29,-28)
80fbad1
ramips: correct page read return value of the mt7621 nand driver (+9,-5)
656e411
ramips: add support for Keenetic Lite III rev. A (+165,-1)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
3598545
kernel: bump 5.10 to 5.10.196 (+186,-437)
e7b3414
ramips: add support for SNR-CPE-W4N-MT router (+149)
Target / realtek (5 changes)
5cc1bd5
kernel: bump 5.10 to 5.10.178 (+50,-119)
2677220
kernel: bump 5.10 to 5.10.179 (+9,-9)
0344144
kernel: bump 5.10 to 5.10.185 (+27,-59)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
419218a
kernel: bump 5.10 to 5.10.190 (+14,-14)
Target / rockchip (1 change)
49639b2
kernel: bump 5.10 to 5.10.192 (+12,-44)
Target / uml (2 changes)
Target / x86 (3 changes)
59dce3b
kernel: bump 5.10 to 5.10.189 (+37,-35)
3fe2875
x86: geode: fix hwrng register accesses (+47)
f85a79b
kernel: bump 5.10 to 5.10.201 (+8,-55)
Wireless / Common (1 change)
6e77f51
mac80211: fix not set noscan option for wpa_supplicant (+2,-2)
Wireless / MT76 (2 changes)
76b1e56
mt76: update to the latest version from the 22.03 branch (+3,-328)
⇒ 94eb0bc
wifi: mt76: testmode: use random payload for tx packets (+6,-2)
⇒ f8ece81
wifi: mt76: add rx_check callback for usb devices (+28)
⇒ 67fbdb7
wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (+14,-4)
⇒ a9b09dd
wifi: mt76: mt7921s: fix race issue between reset and suspend/resume (+9,-4)
⇒ ee3eb0d
wifi: mt76: mt7921u: fix race issue between reset and suspend/resume (+24,-4)
⇒ 9706cce
wifi: mt76: mt7921u: remove unnecessary MT76_STATE_SUSPEND (-4)
⇒ 74a29eb
wifi: mt76: mt7921: move mt7921_rx_check and mt7921_queue_rx_skb in mac.c (+119,-157)
⇒ f49e06c
wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (+2,-2)
⇒ 3226561
wifi: mt76: sdio: poll sta stat when device transmits data (+1,-1)
⇒ dee0a3c
wifi: mt76: mt7915: fix an uninitialized variable bug (+1,-1)
⇒ 9dd7be2
wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() (+4,-1)
⇒ 0ad02c9
wifi: mt76: sdio: add rx_check callback for sdio devices (+17,-7)
⇒ fe85e5c
wifi: mt76: sdio: fix transmitting packet hangs (+1,-1)
⇒ 206c7eb
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_... (+4)
⇒ bf79f5d
wifi: mt76: mt7915: fix possible unaligned access in mt7915_mac_add_twt_setup (+6,-4)
⇒ c4132ab
wifi: mt76: connac: fix possible unaligned access in mt76_connac_mcu_add_nest... (+4,-2)
⇒ + 48 more...
8da4e8f
mt76: update to the latest version from the 22.03 branch (+3,-3)
⇒ bdf8ea7
mt76: mt7921: don't assume adequate headroom for SDIO headers (+4)
Miscellaneous (1 change)
695a22a
build: generate index.json (+4)
Addressed bugs
FS#3325 (#8184)
Description: MT7628an: lose radio whilst downloading jarge data
Link: https://github.com/openwrt/openwrt/issues/8184
Commits:
76b1e56
mt76: update to the latest version from the 22.03 branch (+3,-328)
⇒ 94eb0bc
wifi: mt76: testmode: use random payload for tx packets (+6,-2)
⇒ f8ece81
wifi: mt76: add rx_check callback for usb devices (+28)
⇒ 67fbdb7
wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (+14,-4)
⇒ a9b09dd
wifi: mt76: mt7921s: fix race issue between reset and suspend/resume (+9,-4)
⇒ ee3eb0d
wifi: mt76: mt7921u: fix race issue between reset and suspend/resume (+24,-4)
⇒ 9706cce
wifi: mt76: mt7921u: remove unnecessary MT76_STATE_SUSPEND (-4)
⇒ 74a29eb
wifi: mt76: mt7921: move mt7921_rx_check and mt7921_queue_rx_skb in mac.c (+119,-157)
⇒ f49e06c
wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (+2,-2)
⇒ 3226561
wifi: mt76: sdio: poll sta stat when device transmits data (+1,-1)
⇒ dee0a3c
wifi: mt76: mt7915: fix an uninitialized variable bug (+1,-1)
⇒ 9dd7be2
wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() (+4,-1)
⇒ 0ad02c9
wifi: mt76: sdio: add rx_check callback for sdio devices (+17,-7)
⇒ fe85e5c
wifi: mt76: sdio: fix transmitting packet hangs (+1,-1)
⇒ 206c7eb
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_... (+4)
⇒ bf79f5d
wifi: mt76: mt7915: fix possible unaligned access in mt7915_mac_add_twt_setup (+6,-4)
⇒ c4132ab
wifi: mt76: connac: fix possible unaligned access in mt76_connac_mcu_add_nest... (+4,-2)
⇒ + 48 more...
FS#3338 (#8314)
Description: TL-WR841N v13 (ramips) unstable Ethernet and WiFi in 19.07.4
Link: https://github.com/openwrt/openwrt/issues/8314
Commits:
76b1e56
mt76: update to the latest version from the 22.03 branch (+3,-328)
⇒ 94eb0bc
wifi: mt76: testmode: use random payload for tx packets (+6,-2)
⇒ f8ece81
wifi: mt76: add rx_check callback for usb devices (+28)
⇒ 67fbdb7
wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (+14,-4)
⇒ a9b09dd
wifi: mt76: mt7921s: fix race issue between reset and suspend/resume (+9,-4)
⇒ ee3eb0d
wifi: mt76: mt7921u: fix race issue between reset and suspend/resume (+24,-4)
⇒ 9706cce
wifi: mt76: mt7921u: remove unnecessary MT76_STATE_SUSPEND (-4)
⇒ 74a29eb
wifi: mt76: mt7921: move mt7921_rx_check and mt7921_queue_rx_skb in mac.c (+119,-157)
⇒ f49e06c
wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (+2,-2)
⇒ 3226561
wifi: mt76: sdio: poll sta stat when device transmits data (+1,-1)
⇒ dee0a3c
wifi: mt76: mt7915: fix an uninitialized variable bug (+1,-1)
⇒ 9dd7be2
wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() (+4,-1)
⇒ 0ad02c9
wifi: mt76: sdio: add rx_check callback for sdio devices (+17,-7)
⇒ fe85e5c
wifi: mt76: sdio: fix transmitting packet hangs (+1,-1)
⇒ 206c7eb
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_... (+4)
⇒ bf79f5d
wifi: mt76: mt7915: fix possible unaligned access in mt7915_mac_add_twt_setup (+6,-4)
⇒ c4132ab
wifi: mt76: connac: fix possible unaligned access in mt76_connac_mcu_add_nest... (+4,-2)
⇒ + 48 more...
FS#3740 (#8757)
Description: MT7688 wireless signal disappears under heavy load
Link: https://github.com/openwrt/openwrt/issues/8757
Commits:
76b1e56
mt76: update to the latest version from the 22.03 branch (+3,-328)
⇒ 94eb0bc
wifi: mt76: testmode: use random payload for tx packets (+6,-2)
⇒ f8ece81
wifi: mt76: add rx_check callback for usb devices (+28)
⇒ 67fbdb7
wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (+14,-4)
⇒ a9b09dd
wifi: mt76: mt7921s: fix race issue between reset and suspend/resume (+9,-4)
⇒ ee3eb0d
wifi: mt76: mt7921u: fix race issue between reset and suspend/resume (+24,-4)
⇒ 9706cce
wifi: mt76: mt7921u: remove unnecessary MT76_STATE_SUSPEND (-4)
⇒ 74a29eb
wifi: mt76: mt7921: move mt7921_rx_check and mt7921_queue_rx_skb in mac.c (+119,-157)
⇒ f49e06c
wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (+2,-2)
⇒ 3226561
wifi: mt76: sdio: poll sta stat when device transmits data (+1,-1)
⇒ dee0a3c
wifi: mt76: mt7915: fix an uninitialized variable bug (+1,-1)
⇒ 9dd7be2
wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() (+4,-1)
⇒ 0ad02c9
wifi: mt76: sdio: add rx_check callback for sdio devices (+17,-7)
⇒ fe85e5c
wifi: mt76: sdio: fix transmitting packet hangs (+1,-1)
⇒ 206c7eb
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_... (+4)
⇒ bf79f5d
wifi: mt76: mt7915: fix possible unaligned access in mt7915_mac_add_twt_setup (+6,-4)
⇒ c4132ab
wifi: mt76: connac: fix possible unaligned access in mt76_connac_mcu_add_nest... (+4,-2)
⇒ + 48 more...
FS#4238 (#9219)
Description: TL-WR841N v13 (SoC MT7628AN) wifi disappears after some usage
Link: https://github.com/openwrt/openwrt/issues/9219
Commits:
76b1e56
mt76: update to the latest version from the 22.03 branch (+3,-328)
⇒ 94eb0bc
wifi: mt76: testmode: use random payload for tx packets (+6,-2)
⇒ f8ece81
wifi: mt76: add rx_check callback for usb devices (+28)
⇒ 67fbdb7
wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (+14,-4)
⇒ a9b09dd
wifi: mt76: mt7921s: fix race issue between reset and suspend/resume (+9,-4)
⇒ ee3eb0d
wifi: mt76: mt7921u: fix race issue between reset and suspend/resume (+24,-4)
⇒ 9706cce
wifi: mt76: mt7921u: remove unnecessary MT76_STATE_SUSPEND (-4)
⇒ 74a29eb
wifi: mt76: mt7921: move mt7921_rx_check and mt7921_queue_rx_skb in mac.c (+119,-157)
⇒ f49e06c
wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (+2,-2)
⇒ 3226561
wifi: mt76: sdio: poll sta stat when device transmits data (+1,-1)
⇒ dee0a3c
wifi: mt76: mt7915: fix an uninitialized variable bug (+1,-1)
⇒ 9dd7be2
wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() (+4,-1)
⇒ 0ad02c9
wifi: mt76: sdio: add rx_check callback for sdio devices (+17,-7)
⇒ fe85e5c
wifi: mt76: sdio: fix transmitting packet hangs (+1,-1)
⇒ 206c7eb
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_... (+4)
⇒ bf79f5d
wifi: mt76: mt7915: fix possible unaligned access in mt7915_mac_add_twt_setup (+6,-4)
⇒ c4132ab
wifi: mt76: connac: fix possible unaligned access in mt76_connac_mcu_add_nest... (+4,-2)
⇒ + 48 more...
#12587
Description: Unable to build package/libs/libusb
Link: https://github.com/openwrt/openwrt/issues/12587
Commits:
30fca54
fortify-headers: fix build error when _REDIR_TIME64 is not defined (+2,-2)
#12866
Description: openssl fails to compile for mips64_octeonplus
Link: https://github.com/openwrt/openwrt/issues/12866
Commits:
70e3f4e
openssl: passing cflags to configure (+2,-1)
#12886
Description: [23.05-rc1] ipq40xx: zte_mf289f: ath10k_ahb: could not probe fw (-110)
Link: https://github.com/openwrt/openwrt/issues/12886
Commits:
80a6b0a
ipq-wifi: fix upstream board-2.bin ZTE M289F snafu (+7,-4)
#13056
Description: Error building VDI image on latest Arch Linux
Link: https://github.com/openwrt/openwrt/issues/13056
Commits:
cc54e19
build: fix generation of large .vdi images (+8,-2)
#13260
Description: kernel size not a multiple of block size on Ubiquiti Routerstation image
Link: https://github.com/openwrt/openwrt/issues/13260
Commits:
7901fec
ath79: image: allow changing kernel option in mkubntimage (+1,-1)
#13283
Description: SSID from Wi-Fi list disappears during download
Link: https://github.com/openwrt/openwrt/issues/13283
Commits:
76b1e56
mt76: update to the latest version from the 22.03 branch (+3,-328)
⇒ 94eb0bc
wifi: mt76: testmode: use random payload for tx packets (+6,-2)
⇒ f8ece81
wifi: mt76: add rx_check callback for usb devices (+28)
⇒ 67fbdb7
wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (+14,-4)
⇒ a9b09dd
wifi: mt76: mt7921s: fix race issue between reset and suspend/resume (+9,-4)
⇒ ee3eb0d
wifi: mt76: mt7921u: fix race issue between reset and suspend/resume (+24,-4)
⇒ 9706cce
wifi: mt76: mt7921u: remove unnecessary MT76_STATE_SUSPEND (-4)
⇒ 74a29eb
wifi: mt76: mt7921: move mt7921_rx_check and mt7921_queue_rx_skb in mac.c (+119,-157)
⇒ f49e06c
wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (+2,-2)
⇒ 3226561
wifi: mt76: sdio: poll sta stat when device transmits data (+1,-1)
⇒ dee0a3c
wifi: mt76: mt7915: fix an uninitialized variable bug (+1,-1)
⇒ 9dd7be2
wifi: mt76: mt7921: fix use after free in mt7921_acpi_read() (+4,-1)
⇒ 0ad02c9
wifi: mt76: sdio: add rx_check callback for sdio devices (+17,-7)
⇒ fe85e5c
wifi: mt76: sdio: fix transmitting packet hangs (+1,-1)
⇒ 206c7eb
wifi: mt76: mt7615: add mt7615_mutex_acquire/release in mt7615_sta_set_decap_... (+4)
⇒ bf79f5d
wifi: mt76: mt7915: fix possible unaligned access in mt7915_mac_add_twt_setup (+6,-4)
⇒ c4132ab
wifi: mt76: connac: fix possible unaligned access in mt76_connac_mcu_add_nest... (+4,-2)
⇒ + 48 more...
#13572
Description: bcm53xx: build fails with default config
Link: https://github.com/openwrt/openwrt/issues/13572
Commits:
20a046e
bcm53xx: build a single device per profile (+1)
#13649
Description: IPQ4019 ethernet
Link: https://github.com/openwrt/openwrt/issues/13649
Commits:
1fa6b26
ipq40xx: switch to performance governor by default (+2,-2)
#13776
Description: CONFIG_EXTERNAL_CPIO is ignored if CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE
Link: https://github.com/openwrt/openwrt/issues/13776
Commits:
38ee41a
image: Fix the CONFIG_EXTERNAL_CPIO logic (+1,-1)
Security fixes
CVE-20-2014
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20-2014
Commits:
3af93be
bsdiff: Add patches for CVEs (+433,-13)
CVE-33-2020
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-33-2020
Commits:
3af93be
bsdiff: Add patches for CVEs (+433,-13)
CVE-2014-9862
Description: Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9862
Commits:
3af93be
bsdiff: Add patches for CVEs (+433,-13)
CVE-2020-14315
Description: A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14315
Commits:
3af93be
bsdiff: Add patches for CVEs (+433,-13)
CVE-2022-21216
Description: Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21216
Commits:
f4e4f55
firmware: intel-microcode: update to 20230512 (+3,-3)
CVE-2022-33196
Description: Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33196
Commits:
f4e4f55
firmware: intel-microcode: update to 20230512 (+3,-3)
CVE-2022-33972
Description: Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33972
Commits:
f4e4f55
firmware: intel-microcode: update to 20230512 (+3,-3)
CVE-2022-38090
Description: Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38090
Commits:
f4e4f55
firmware: intel-microcode: update to 20230512 (+3,-3)
CVE-2022-40982
Description: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982
Commits:
8c7b03a
firmware: intel-microcode: update to 20230808 (+2,-2)
CVE-2022-41804
Description: Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41804
Commits:
8c7b03a
firmware: intel-microcode: update to 20230808 (+2,-2)
CVE-2023-0464
Description: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
Commits:
afb4422
openssl: bump to 1.1.1u (+3,-265)
CVE-2023-0465
Description: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
Commits:
afb4422
openssl: bump to 1.1.1u (+3,-265)
CVE-2023-0466
Description: The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
Commits:
afb4422
openssl: bump to 1.1.1u (+3,-265)
CVE-2023-2650
Description: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
Commits:
afb4422
openssl: bump to 1.1.1u (+3,-265)
CVE-2023-3446
Description: Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446
Commits:
de29f15
openssl: bump to 1.1.1v (+3,-3)
CVE-2023-3817
Description: Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817
Commits:
de29f15
openssl: bump to 1.1.1v (+3,-3)
CVE-2023-4806
Description: A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806
Commits:
4ad0f92
toolchain: Update glibc 2.34 to recent HEAD (+2,-2)
CVE-2023-4807
Description: Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4807
Commits:
f6fa7b5
openssl: update to version 1.1.1w (+2,-2)
CVE-2023-4911
Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911
Commits:
4ad0f92
toolchain: Update glibc 2.34 to recent HEAD (+2,-2)
CVE-2023-5156
Description: A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5156
Commits:
4ad0f92
toolchain: Update glibc 2.34 to recent HEAD (+2,-2)
CVE-2023-23908
Description: Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23908
Commits:
8c7b03a
firmware: intel-microcode: update to 20230808 (+2,-2)