OpenWrt 24.10.7 Changelog

This changelog lists all commits done in OpenWrt since the v24.10.6 tag, grouped by subsystem. The changes are chronologically ordered from top to bottom and cover the Git repository history until the tagging of the 24.10.7 release.

See also the release notes that provide a more accessible overview of the main changes in 24.10.7.

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
81abc8d kernel: bump 6.6 to 6.6.129 (+2,-2)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
51ac6f9 kernel: bump 6.6 to 6.6.131 (+24,-24)
04b36e2 kernel: bump 6.6 to 6.6.132 (+2,-2)
2b9f01b kernel: bump 6.6 to 6.6.133 (+2,-2)
44df997 scripts/ext-tools.sh: set all prebuilt tool files to same timestamp (+4,-8)
71d259b rules.mk: Update ccache's compiler check. (+1,-1)
a6149ff build: do not set CCACHE_COMPILERCHECK (-1)
b11cca0 kernel: bump 6.6 to 6.6.134 (+74,-132)
00da0d2 kernel: bump 6.6 to 6.6.135 (+3,-209)
2e9a163 kernel: bump 6.6 to 6.6.136 (+140,-141)
14a27ac kernel: bump 6.6 to 6.6.137 (+9,-9)
aa8e6a9 kernel: bump 6.6 to 6.6.138 (+2,-2)
224995b kernel: bump 6.6 to 6.6.139 (+2,-2)
b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
51ac6f9 kernel: bump 6.6 to 6.6.131 (+24,-24)
b11cca0 kernel: bump 6.6 to 6.6.134 (+74,-132)
00da0d2 kernel: bump 6.6 to 6.6.135 (+3,-209)
2e9a163 kernel: bump 6.6 to 6.6.136 (+140,-141)
14a27ac kernel: bump 6.6 to 6.6.137 (+9,-9)
72dbda4 generic: backport new field_prep()/get() helper for non-const bitmask (+294)
bcff990 kernel: backport crypto: talitos - stop using crypto_ahash::init (+52)
b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)
ab4c7d6 airoha: an7581: enable USB support (+2)

1e61a54 uboot-sunxi: fix build with swig 4.3.0 (+54)
9d0bafc uboot-tegra: fix build with swig 4.3.0 (+54)
507bd4c boot: Introduce support for U-Boot support for Airoha EN7581/AN7583 (+2.1K)
c5de245 uboot-airoha: drop HIDDEN option (-1)

b76c38f wifi-scripts: fix macaddr check in mac80211.uc (+1,-1)
44d98ee openssl: update to version 3.0.20 (+2,-2)
c334b9a mbedtls: update to 3.6.6 (+3,-3)
002aa24 mbedtls: backport upstream patches to fix TLS 1.2 client issues (+321,-1)
4c472ca wolfssl: Update to version 5.8.2 (+4,-4)
6da7074 wolfssl: update to 5.8.4 (+3,-3)
b2defe9 wolfssl: update to 5.9.0 (+3,-3)
766cbba wolfssl: update to 5.9.1 (+3,-3)
15250e1 dnsmasq: apply six CVE-fix upstream patches to 2.90 (+205,-1)
db8cbe9 ca-certificates: update to 20260223 (+2,-2)

4d71297 wireless-regdb: update to version 2026.03.18 (+2,-2)

032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
503ffed airoha: add the capability to read firmware names from dts (+125)
4699a8a airoha: an7581: add specific NPU dtsi and update eMMC and W1700K (+13,-2)
db4a0d5 airoha: fix EN7581 PCIe initialization and add x2 link support (+295)
6bd5ed7 airoha: an7581: drop airoha,x2-mode related property and enable in device (-5)
530d332 airoha: an7581: disable NPU offload stats for eagle (+1,-1)
6f66bee airoha: replace I2S patch with upstream pending version (+721,-565)
62dc186 airoha: fix kernel panic from I2S driver (+4,-4)
eab2601 airoha: renumber ASoC and PCS patch for more backport patch ()
0c77a7d airoha: show link rate and duplex (+26)
ecb7f66 airoha: npu: Init BA memory region if provided via DTS (+40,-3)
fb959f6 airoha: net: fix building for en7523 (+149,-1)
6bbc109 airoha: backport some missing airoha_eth upstream patches (+856,-59)
af35693 airoha: an7581: move internal PHY interrupt to specific device DTS (-4)
a8382a4 airoha: backport patch fixing offload support with GDM2 present (+31)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)
ab4c7d6 airoha: an7581: enable USB support (+2)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
51ac6f9 kernel: bump 6.6 to 6.6.131 (+24,-24)
b11cca0 kernel: bump 6.6 to 6.6.134 (+74,-132)
2e9a163 kernel: bump 6.6 to 6.6.136 (+140,-141)
b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
51ac6f9 kernel: bump 6.6 to 6.6.131 (+24,-24)
b11cca0 kernel: bump 6.6 to 6.6.134 (+74,-132)
00da0d2 kernel: bump 6.6 to 6.6.135 (+3,-209)
2e9a163 kernel: bump 6.6 to 6.6.136 (+140,-141)
b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

032575c kernel: bump 6.6 to 6.6.130 (+238,-563)

c77f9c8 bcm53xx: image: sync targets names with DT compatible (+14,-11)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
2e9a163 kernel: bump 6.6 to 6.6.136 (+140,-141)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)

2120db2 lantiq: fix mtdparsers refcount leak and memory leak (+16,-12)
ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
51ac6f9 kernel: bump 6.6 to 6.6.131 (+24,-24)
b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
b3e4012 kernel: bump 6.6 to 6.6.140 (+81,-81)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
beaf298 qualcommax: ipq807x: label mac for Linksys MX5300 (+4)
fbca86e qualcommax: ipq807x: mx5300: use existing aliases node (+1,-4)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
a64f028 ramips-mt7621: fix xiaomi mi ac2100 mac address (+2,-2)
b11cca0 kernel: bump 6.6 to 6.6.134 (+74,-132)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
b11cca0 kernel: bump 6.6 to 6.6.134 (+74,-132)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)

ea7c6f0 kernel: bump 6.6 to 6.6.128 (+195,-295)
032575c kernel: bump 6.6 to 6.6.130 (+238,-563)
ca4a3dd kernel: bump 6.6 to 6.6.141 (+168,-8.1K)

Description: DDNS update not working in latest 25.12 snapshot due to SSL failure
Link: https://github.com/openwrt/openwrt/issues/22874
Commits:
002aa24 mbedtls: backport upstream patches to fix TLS 1.2 client issues (+321,-1)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-002-2026
Commits:
15250e1 dnsmasq: apply six CVE-fix upstream patches to 2.90 (+205,-1)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7394
Commits:
4c472ca wolfssl: Update to version 5.8.2 (+4,-4)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7395
Commits:
4c472ca wolfssl: Update to version 5.8.2 (+4,-4)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7396
Commits:
4c472ca wolfssl: Update to version 5.8.2 (+4,-4)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11931
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11932
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11933
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11934
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11935
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11936
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12888
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12889
Commits:
6da7074 wolfssl: update to 5.8.4 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66442
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0819
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1005
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2645
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2646
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3229
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3230
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3503
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3547
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3548
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3549
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3579
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3580
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3849
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4159
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4395
Commits:
b2defe9 wolfssl: update to 5.9.0 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25833
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25834
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25835
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28387
Commits:
44d98ee openssl: update to version 3.0.20 (+2,-2)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28388
Commits:
44d98ee openssl: update to version 3.0.20 (+2,-2)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28389
Commits:
44d98ee openssl: update to version 3.0.20 (+2,-2)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390
Commits:
44d98ee openssl: update to version 3.0.20 (+2,-2)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31789
Commits:
44d98ee openssl: update to version 3.0.20 (+2,-2)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790
Commits:
44d98ee openssl: update to version 3.0.20 (+2,-2)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34871
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34872
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34873
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34874
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34875
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34876
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34877
Commits:
c334b9a mbedtls: update to 3.6.6 (+3,-3)