OpenWrt v23.05.2 Changelog
This changelog lists all commits done in OpenWrt since the v23.05.0 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 23.05.2 release.
See also the release notes that provide a more accessible overview of the main changes in 23.05.2.
Build System / Buildroot (15 changes)
ee3600a
image: Fix the CONFIG_EXTERNAL_CPIO logic (+1,-1)
9eec4eb
prereq: make existing binary check work for sdk as well (-1)
c4c9f61
prereq: merge common cases in SetupHostCommand (+3,-9)
269896f
kernel: bump 5.15 to 5.15.135 (+10,-10)
06efc80
kernel: bump 5.15 to 5.15.136 (+10,-97)
64ab02a
kernel: bump 5.15 to 5.15.137 (+34,-34)
21552a9
package-dumpinfo: add CPE information to package index (+1)
fdeb7d6
package-metadata: add CPE information to JSON package manifests (+2)
4ef8899
package-dumpinfo,metadata: add ABI version information to package index (+2)
21e5db9
build: add CycloneDX SBOM JSON support (+240,-8)
250ab7b
build: fix pkg-config detection when inside of a nix-shell (+1,-1)
cfadbc0
image: fix image generation within ImageBuilder (+2)
101988c
scripts/getver.sh: prevent asking for negative rev-parse (+1,-1)
4637ba7
scan.mk: do not silence output of dump phase (+2,-1)
51bb178
treewide: fix shell errors during dump stage (+15)
Kernel (11 changes)
aaa1286
kernel: fix jffs2 compilation with GCC_PLUGIN_RANDSTRUCT enabled (+1,-1)
269896f
kernel: bump 5.15 to 5.15.135 (+10,-10)
64ab02a
kernel: bump 5.15 to 5.15.137 (+34,-34)
07e9c27
build: hide kmod-zram config unless enabled (+11,-9)
958817b
kernel: serial: 8250_mtk: track busclk state to avoid bus error (+61)
b649b0b
kernel: nvmem: fix "fixed-layout" & support "mac-base" (+133)
0669716
kernel: backport v6.6 nvmem changes (+790,-1)
2073601
kernel: backport nvmem v6.6 fixes and v6.7 changes (+606,-1)
0dec0e0
kernel: fix mtd/NVMEM regression affecting U-Boot env NVMEM driver (+52,-4)
a00fc40
kernel: add support MeigLink SLM828 modem (+86,-4)
03e26f8
kernel: support reading hex MAC address from NVMEM (+35,-4)
Packages / Boot Loaders (9 changes)
620721f
uboot-mediatek: Sync phy-mode for Xiaomi Redmi Router AX6000 (+2,-2)
3f6e28e
arm-trusted-firmware-mediatek: fix copy&paste error in Makefile (+2,-2)
25bb84e
uboot-mediatek: add build for mt7981 rfb (+808)
1157b8c
uboot-mediatek: fix determine the size of an uImage.FIT using 'imsz' or 'imszb'. (+5,-7)
8ed934f
uboot-mediatek: fix global pll clock override on mtk_spim (+47)
b209f45
arm-trusted-firmware-mediatek: add emmc/spim-nand ddr4 build for mt7981 (+18)
429715a
uboot-mediatek: add support for CMCC RAX3000M (+723)
d3c1935
mediatek: add CMCC RAX3000M support (+425,-2)
ce62536
uboot-envtools: add environment config for MeiG SLT866 (+1)
Packages / Common (29 changes)
72f7f18
mbedtls: Update to version 2.28.5 (+5,-5)
6a1b92b
bcm53xx: Linksys EA9200 nvram and 02_network fixes (+2)
cdf7c3a
openssl: update to 3.0.12 (+3,-3)
5368066
umdns: update to the latest version (+3,-3)
⇒ 479c7f8
cache: make record/hostname lookup case-insensitive (+8,-2)
⇒ 26c97a5
ubus: add a browse flag for suppressing cached ip addresses (+7,-1)
⇒ c286c51
Fix AVL tree traversal in cache_record_find and cache_host_is_known (+4,-10)
⇒ 4035fe4
interface: use a global socket instead of per-interface ones (+291,-264)
⇒ c63d465
cache: dump hostname target from srv records (+2)
⇒ b42b221
use hostname from SRV record to look up IP addresses (+12,-6)
⇒ d45c443
ubus: add array flag support for the hosts method (+16,-2)
b5817d1
libselinux: opt-out of lto usage (+2)
1d5d149
libsepol: opt-out of lto usage (+2)
f1ea45f
lua: opt-out of lto usage (+2)
2616431
iptables: opt-out of lto usage (+1,-1)
eaf44c5
hostapd: do not trim trailing whitespace, except for newline (+2,-2)
16fcad4
hostapd: fix OWE association with mbedtls (+92,-1)
e465592
urngd: update to version 2023-11-01 (+3,-3)
⇒ 44365eb
Deactivate _FORTIFY_SOURCE in jitterentropy-base.c (+5,-2)
b549880
ucode: update to latest Git HEAD (+66,-145)
⇒ b9d8f06
ci: switch to official openwrt/gh-action-sdk (+328,-21)
⇒ 9df9160
lexer: don't count EOF token as newline (+2,-2)
⇒ 24f1a56
source: fix source offset accounting (+23,-19)
⇒ 70f9348
docs: add initial JSDoc infrastructure (+137)
⇒ fe086da
math: add JSDoc documentation (+281)
⇒ b0f2f90
fs: add JSDoc documentation (+979)
⇒ 5309294
lib: add JSDoc documentation (+1.7K)
⇒ c85bc74
Create CNAME (+1)
⇒ f9260f7
github: drop superfluous CNAME file (-1)
⇒ cba0c3c
fs: complete function documentation coverage (+224,-3)
⇒ f0cc841
fs: use `fseeko()` and `ftello()` (+5,-5)
⇒ f1190ef
docs: various improvements (+799,-1.7K)
⇒ 9d5e420
docs: add information about memory management and operator precedence (+148)
⇒ 33bc7bf
docs: fix markup quirks (+4,-4)
⇒ 5efb7a0
docs: further rework (+829,-705)
⇒ 4bee0ef
docs: disable GitHub Jekyll post processing (+1)
⇒ + 30 more...
51b1d59
ucode: fix build on macos (+11,-1)
f34ccb1
ucode: update to latest Git HEAD (+3,-3)
⇒ ea046bd
build: enable source fortification by default (+2,-2)
⇒ a69b5c8
vm: fix unused result warning (+1,-1)
⇒ cdc0203
nl80211: fix maybe uninitialized variable (+3,-3)
⇒ 448c763
lib: enforce consistent `index()` behavior with empty needle argument (+4,-1)
⇒ cfb24ea
build: avoid redefining _FORTIFY_SOURCE (+6,-1)
40203cd
firewall4: update to the latest version (+3,-3)
⇒ 23a434d
tests: fix expected test output (+1)
⇒ 840ccde
fw4: avoid emitting invalid rule jump targets (+1,-1)
⇒ 20da993
fw4: fix another instance of invalid rule jump targets (+3,-3)
⇒ 598d9fb
fw4: remove special cases around hw flow offloading (+9,-17)
65a10c8
hostapd: fix broken WPS on broadcom-wl and ath11k (+62)
7c43ced
libnl: add support for cli (+18,-1)
3223f31
mbedtls: Activate secp521r1 curve by default (+2,-2)
bbfb920
wifi: fix applying mesh parameters when wpa_supplicant is in use (+71,-26)
6de0e0d
hostapd: use rtnl to set up interfaces (+11,-5)
6fd16b0
px5g-mbedtls: Fix permission of private key (+27,-10)
5106f55
px5g-wolfssl: Fix permission of private key (+30,-17)
c9e8453
hostapd: fix broke noscan option for mesh (+3,-3)
1cab0d7
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS (+1,-1)
85d1b43
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan (+9)
f5e9fd6
hostapd: refresh patches (+10,-10)
2285eb7
ucode: update to Git HEAD (2023-11-07) (+3,-3)
⇒ 0352a33
uloop: support new interval and signal APIs (+303,-2)
⇒ 1468cc4
syntax: don't treat `as` and `from` as reserved keywords (+91,-14)
3d006f9
wolfssl: update to 5.6.4 (+2,-27)
b7e81d2
iptables: backport patch fixing bug with string module (+41,-1)
Packages / Firmware (1 change)
f6a9f0c
ipq-wifi: update to Git HEAD (2023-11-10) (+4,-4)
⇒ c9db9d0
ipq8074: add Asus RT-AX89X BDF ()
⇒ 3315428
ipq8074: update RegDB in new submitted BDF ()
⇒ 2b03441
ipq40xx: add YYeTs LE1 BDF ()
⇒ a9c253e
ipq8074: add Netgear WAX620 Board file for Netgear WAX620, extracted from sto... ()
⇒ ec09609
qca-wireless: ipq40xx: add BDFs for ZTE MF287 ()
⇒ 57aa1b1
ipq8174: Add Linksys MX4200 ()
⇒ 52a1c29
ipq8074: add Netgear WAX630 Board file for Netgear WAX630. Extracted from sto... ()
⇒ e7701b8
ipq8074: update RegDB in new submitted BDF ()
⇒ cd04ab7
qcn9074: update RegDB in new submitted BDF ()
⇒ f70fdf9
ipq8074: add Arcadyan AW1000 BDF ()
⇒ 21c4d97
ipq8074: add CMCC RM2-6 BDF ()
⇒ f92fa0a
ipq8074: add ZTE MF269 BDF ()
⇒ 371d4dc
ipq8074: add Yuncore AX880 BDF ()
⇒ 0c2e810
qcn9074: fix prpl Foundation Haze BDF for old mac80211 version ()
Packages / OpenWrt base files (1 change)
0da199f
base-files: fix wrong ucidef_set_network_device_mac network-device entry (+1,-1)
Packages / OpenWrt network userland (8 changes)
1304234
netifd: update to latest git HEAD (+3,-3)
⇒ eb69d3f
interface: do not release device on link down (+1,-1)
⇒ 5590a80
config: fix incompatible with jshn network-device entry (+2,-2)
525adac
uqmi: update to latest HEAD (+4,-4)
⇒ d6c963d
uim: add application state to SIM status (+17)
⇒ ffc5eea
uim: support SIM card power-up/down (+60,-1)
⇒ aac0776
uqmi: add APN profile commands (+312,-56)
⇒ c8c9f10
uim: fix help formatting (+1,-1)
fefa446
iwinfo: opt-out of lto usage (+2)
610ae4d
odhcpd: Bump to latest commits (+3,-3)
⇒ c9e619f
dhcpv4: improve error when a prefix is too long (+4,-3)
⇒ 4bbc6e7
add hostsfile output in addition to statefile (+127,-4)
⇒ d8118f6
config: make sure timer is not on the timeouts list before freeing (+3)
f780cfb
netifd: update to the latest version (+3,-3)
⇒ 383753d
device/bridge: support passing extra vlans in the device_set_state call (+174,-152)
⇒ b6e75ea
device: send notifications for device events via ubus (+23)
⇒ cab415c
bridge: add auth-required bridge members with auth_status=0 if vlan is enabled (+35,-17)
⇒ 827a02f
bridge: add support for configuring vlans for auth=1,auth_status=false (+16,-2)
⇒ 40ed736
device: fix build error on 32 bit systems (+12,-13)
⇒ 516ab77
system-linux: fix race condition on bringing up wireless devices (+26,-23)
11a41bc
netifd: update to Git HEAD (2023-11-09) (+3,-3)
⇒ 76eb342
interface-ip: mask out host bits in IPv4 route targets (+4)
⇒ 5c2e5d5
interface-ip: allow configuring routes without explicit interface (+18,-4)
⇒ 838f815
system-linux: add support for configurable GRO option (+96)
⇒ 2dc7f45
system-linux: add option to configure DSA conduit device (+218)
⇒ 5c9ecc1
system-linux: make system_if_get_master_ifindex static (+1,-2)
⇒ 841b05f
system-linux: fix compilation error if IFLA_DSA_MASTER is not supported (+8)
46385eb
netifd: update to the latest version (+3,-3)
⇒ eee02cc
device: add support to configure eee (+32)
⇒ bb28f6a
wireless: fix sign comparison warning (+1,-1)
⇒ 35facc8
wireless: fix premature removal of hotplug devices due to down state (+12,-11)
842932a
netifd: fix IPv4 route target masking (+33,-1)
Target / apm821xx (1 change)
03cb2d6
apm821xx: WNDR4700: fix broken sysupgrade, factory images (+7,-2)
Target / armsr (1 change)
c0c4a9b
armsr: preserve configuration during sysupgrade (+21,-1)
Target / ath79 (4 changes)
0bc33a6
ath79: wpj563: enable 2nd USB controller (+8)
269896f
kernel: bump 5.15 to 5.15.135 (+10,-10)
220ab83
ath79: increase the rfkill debounce interval for TP-Link Archer C7 v2 (+2,-1)
0dec0e0
kernel: fix mtd/NVMEM regression affecting U-Boot env NVMEM driver (+52,-4)
Target / bcm27xx (2 changes)
Target / bcm4908 (1 change)
64ab02a
kernel: bump 5.15 to 5.15.137 (+34,-34)
Target / bcm53xx (12 changes)
6a1b92b
bcm53xx: Linksys EA9200 nvram and 02_network fixes (+2)
74dbee1
bcm53xx: add Wavlink Quantum DAX/WL-WN538A8 as alt name (+4)
07d4455
bcm53xx: backport DT changes for ASUS RT-AC3100 queued for v6.6 (+432,-1)
9798032
bcm53xx: add support for ASUS RT-AC3100 (+8)
ba300c8
bcm53xx: build a single device per profile (+1)
a1e3ec0
bcm53xx: simplify patch adding switch ports (+16,-136)
cd189cd
bcm53xx: backport DT changes queued for v6.7 (+686,-1)
7bd682b
bcm53xx: disable unused switch ports in downstream patch (+144,-16)
6150df1
bcm53xx: backport 1 more late DT patch accepted for v6.7 (+63,-44)
8ff9264
bcm53xx: backport XHCI patch modifying xhci_run_finished() (+96,-27)
06efc80
kernel: bump 5.15 to 5.15.136 (+10,-97)
41f27bb
bcm53xx: add the latest fix version of brcm_nvram (+256)
Target / ipq40xx (3 changes)
4afff7b
ipq40xx: switch to performance governor by default (+2,-2)
58d57f7
ipq40xx: wpj428: switch to zimage to fit kernel partition (+1,-1)
0669716
kernel: backport v6.6 nvmem changes (+790,-1)
Target / ipq806x (1 change)
0669716
kernel: backport v6.6 nvmem changes (+790,-1)
Target / ipq807x (2 changes)
3d0a78a
qualcommax: only build initramfs if CONFIG_TARGET_ROOTFS_INITRAMFS is set (+3,-1)
0669716
kernel: backport v6.6 nvmem changes (+790,-1)
Target / lantiq (1 change)
023f90f
Revert "lantiq: xrx200: mark subtarget as source-only" (+1,-1)
Target / layerscape (1 change)
51bb178
treewide: fix shell errors during dump stage (+15)
Target / mediatek (5 changes)
89184b1
mediatek: add build for MT7981 RFB (+377,-1)
ec54022
mediatek: add label-mac for GL.iNet GL-MT3000 (+1)
04cde73
treewide: fix MERCUSYS brand spelling (+4,-4)
d3c1935
mediatek: add CMCC RAX3000M support (+425,-2)
51bb178
treewide: fix shell errors during dump stage (+15)
Target / mpc85xx (1 change)
0669716
kernel: backport v6.6 nvmem changes (+790,-1)
Target / pistachio (1 change)
0dec0e0
kernel: fix mtd/NVMEM regression affecting U-Boot env NVMEM driver (+52,-4)
Target / ramips (8 changes)
7706128
ramips: fix ZyXEL NR7101 bricking typo (+1,-1)
75fe50d
ramips: TP-link archer A6/C6 device tree updates (+41,-14)
ed6e136
ramips: fix Gigabit Ethernet port of the HiWiFi HC5861 (+6,-2)
6bb3c2e
ramips: enable wireless LEDs activity blinking for TP-Link EC330-G5u v1 (+2,-2)
04cde73
treewide: fix MERCUSYS brand spelling (+4,-4)
65bf66f
ramips: Add support for ComFast CF-E390AX (+161)
275f7e0
ramips: cf-ew72-v2: Add support for COMFAST CF-EW72 V2 (+209,-1)
b38b5c4
ramips: add support for MeiG SLT866 4G CPE (+262,-1)
Target / realtek (2 changes)
2ce5521
realtek: rename hpe,1920-8g-poe to match hardware (+9,-8)
4245adf
realtek: add support for HPE 1920-8g-poe+ (65W) (+25)
Target / sunxi (1 change)
982f859
sunxi: fixes led for nanopi boards (+2,-2)
Wireless / Common (1 change)
2ef625e
mac80211: fix not set noscan option for wpa_supplicant (+1,-1)
Miscellaneous (25 changes)
6420851
CI: build: drop redundant generate ccache hash job (+1,-9)
b98b3d4
CI: build: package external toolchain after build (+26)
6c80c75
CI: build: add option to configure container to use (+4,-1)
6099d08
CI: build: add checks to test if toolchain container can be used (+18,-2)
e2780cb
CI: push-containers: build and push container with external toolchain (+146,-18)
e83384b
CI: build: Add support to use container included external toolchain (+23,-1)
f666723
CI: ignore master branch for push events (+10)
c5441d2
CI: build: split cache ccache in separate restore and save jobs (+9,-2)
fad08e8
CI: build: add job to remove previous ccache cache if already exist (+19)
c8d4694
CI: build: add option to disable use of ccache (+13,-5)
d7e2468
CI: build: add option to define custom ccache cache type (+6,-2)
51adcb7
CI: build: fix ccache cache usage (+12,-1)
15f4d6b
CI: coverity: disable ccache usage (+1)
5bfa66b
CI: build: limit cache save/delete only on push events (+2,-2)
f7e4f8c
CI: add support for getting ccache cache from S3 (+124,-3)
05331f0
CI: kernel: test each subtarget on push events (+6,-4)
37395ec
ci: bump buildworker container to version v6 (+2,-2)
6cdd9a6
ci: build: verify downloaded toolchain tarball (+12,-2)
b00fcab
CI: label-kernel: support compile testing kernel version and all target (+87,-10)
3826ebb
CI: build-tools: build all host tools (+1)
76a9b0e
CI: migrate each workflow to use reusable workflow from dedicated repo (+22,-670)
b63c6e3
CI: drop unused reusable workflow and dockerfiles (-861)
c53dda1
CI: generilize S3 secret keys name and rename to proper name (+4,-4)
263ef84
CI: provide new required secret for S3 endpoint and bucket name (+4)
592aacc
ci: add workflow for automated GitHub release (+24)
Addressed bugs
#13112
Description: [23.05.0] 802.11s (mesh) use only 20MHz BW (2.4 GHz)
Link: https://github.com/openwrt/openwrt/issues/13112
Commits:
85d1b43
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan (+9)
#13572
Description: bcm53xx: build fails with default config
Link: https://github.com/openwrt/openwrt/issues/13572
Commits:
ba300c8
bcm53xx: build a single device per profile (+1)
#13649
Description: IPQ4019 ethernet
Link: https://github.com/openwrt/openwrt/issues/13649
Commits:
4afff7b
ipq40xx: switch to performance governor by default (+2,-2)
#13716
Description: Netgear WNDR4700 not booting after update to OpenWRT version 23.05.0
Link: https://github.com/openwrt/openwrt/issues/13716
Commits:
03cb2d6
apm821xx: WNDR4700: fix broken sysupgrade, factory images (+7,-2)
#13724
Description: Redmi AX6000 is not able to connect to tftp for recovery
Link: https://github.com/openwrt/openwrt/issues/13724
Commits:
620721f
uboot-mediatek: Sync phy-mode for Xiaomi Redmi Router AX6000 (+2,-2)
#13736
Description: TP-Link Archer C6 (EU) ver3.20 - WiFi/WPS Button not working
Link: https://github.com/openwrt/openwrt/issues/13736
Commits:
75fe50d
ramips: TP-link archer A6/C6 device tree updates (+41,-14)
#13767
Description: odhcpd doesn't log its own leases - LuCi UI indicates expired when the leases are not expired
Link: https://github.com/openwrt/openwrt/issues/13767
Commits:
4bbc6e7
add hostsfile output in addition to statefile (+127,-4)
#13774
Description: <mbedtls> No more support of P-521 curve of signing certs starting from openwrt 23
Link: https://github.com/openwrt/openwrt/issues/13774
Commits:
3223f31
mbedtls: Activate secp521r1 curve by default (+2,-2)
#13776
Description: CONFIG_EXTERNAL_CPIO is ignored if CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE
Link: https://github.com/openwrt/openwrt/issues/13776
Commits:
ee3600a
image: Fix the CONFIG_EXTERNAL_CPIO logic (+1,-1)
#13812
Description: iptables 1.8.8 string extension critical bug
Link: https://github.com/openwrt/openwrt/issues/13812
Commits:
b7e81d2
iptables: backport patch fixing bug with string module (+41,-1)
#13881
Description: image builder missing ./tmp/.packageinfo
Link: https://github.com/openwrt/openwrt/issues/13881
Commits:
cfadbc0
image: fix image generation within ImageBuilder (+2)
#13946
Description: WDS master not working anymore
Link: https://github.com/openwrt/openwrt/issues/13946
Commits:
46385eb
netifd: update to the latest version (+3,-3)
⇒ eee02cc
device: add support to configure eee (+32)
⇒ bb28f6a
wireless: fix sign comparison warning (+1,-1)
⇒ 35facc8
wireless: fix premature removal of hotplug devices due to down state (+12,-11)
Security fixes
CVE-2023-5363
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5363
Commits:
cdf7c3a
openssl: update to 3.0.12 (+3,-3)