On 1/25/22 00:07, Hauke Mehrtens wrote:
On 1/24/22 22:53, Hauke Mehrtens wrote:
Hi,
I would like to tag a new 21.02 and 19.07 minor release in about one
week. I am not aware of a severe security problem, it was just some
time since the last release.
Are there any known regressions in the current stable branches
compared to the last release and should we fix them?
If we should backport some changes from master please just answer to
this mail with the commit and a reason why you need it.
There are already some pull requests on github:
https://github.com/openwrt/openwrt/pulls?q=is%3Apr+is%3Aopen+label%3Arelease%2F21.02
https://github.com/openwrt/openwrt/pulls?q=is%3Apr+is%3Aopen+label%3Arelease%2F19.07
Hauke
There are some security patches available for hostapd. Is someone
working on backporting them to OpenWrt 21.02 or 19.07?
https://w1.fi/security/2022-1/
Dnsmasq also has some new CVEs assigned.
Is someone working on backporting these fixes?
https://nvd.nist.gov/vuln/detail/CVE-2021-45951
https://nvd.nist.gov/vuln/detail/CVE-2021-45952
https://nvd.nist.gov/vuln/detail/CVE-2021-45953
https://nvd.nist.gov/vuln/detail/CVE-2021-45954
https://nvd.nist.gov/vuln/detail/CVE-2021-45955
https://nvd.nist.gov/vuln/detail/CVE-2021-45956
https://nvd.nist.gov/vuln/detail/CVE-2021-45957
Hauke
Hi,
Sorry for the delay, I haven't found the time to take care of these CVEs
yet and I would like to get them fixed before the release.
There are also some CVEs fixed in wolfssl:
https://github.com/openwrt/openwrt/pull/4910
This will probably break the ABI again.
It would be nice if someone could tak over one component to get this
fixed faster.
Hauke
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel