Hi,The OpenWrt community is proud to announce the newest stable release of the OpenWrt 22.03 stable version series. It fixes security issues, improves device support, and brings a few bug fixes.
Download firmware images using the OpenWrt Firmware Selector: * https://firmware-selector.openwrt.org/?version=22.03.3 Download firmware images directly from our download servers: * https://downloads.openwrt.org/releases/22.03.3/targets/ Main changes between OpenWrt 22.03.2 and OpenWrt 22.03.3: ======================================================== Security fixes ============== * CVE-2022-30065: busybox: Fix a use-after-free in Busybox 1.35-x's awk applet * CVE-2022-0934: dnsmasq: Fixes single-byte, non-arbitrary write/use- after-free flaw in dnsmasq DHCPv6 server * CVE-2022-1304: e2fsprogs: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5 * CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Use- After-Free Remote Code Execution Vulnerability * CVE-2022-46393: mbedtls: Fix potential heap buffer overread and overwrite * CVE-2022-46392: mbedtls: An adversary with access to precise enough information about memory accesses can recover an RSA private key * CVE 2022-42905: wolfssl: In the case that the WOLFSSL_CALLBACKS macro is set when building wolfSSL, there is a potential heap over read of 5 bytes when handling TLS 1.3 client connections. Device support ============== * Support for the following devices was added: * Ruckus ZoneFlex 7372 * Ruckus ZoneFlex 7321 * ZTE MF289F * TrendNet TEW-673GRU * Linksys EA4500 v3 * Wavlink WS-WN572HP3 4G * Fix reboot loop by using LZMA loader. This affects the following devices: * NETGEAR EX6150 * HiWiFi HC5962 * ASUS RT-N56U B1 * Belkin F9K1109v1 * D-Link DIR-645 * D-Link DIR-860L B1 * NETIS WF2881 * ZyXEL WAP6805 * Fix WAN mac address assignment. This affects the following devices: * UniElec U7621-01 * UniElec U7621-06 * TP-Link AR7241 * TP-Link TL-WR740N * TP-Link TL-WR741ND v4 * Teltonika RUT230 * Luma Home WRTQ-329ACN * mvebu: Disable devices using broken mv88e6176 switch. This affects the following devices: * CZ.NIC Turris Omnia * Linksys WRT1200AC * Linksys WRT1900ACS * Linksys WRT1900AC v1 * Linksys WRT1900AC v2 * Linksys WRT3200ACM * Linksys WRT32X * Linksys WRT3200ACM * SolidRun ClearFog Pro * lantiq/xrx200: Enable interrupts on second VPE * layerscape: Fix SPI-NOR issues with vendor patches * RouterBoard 912UAG: Fix reference clock * TP-Link RE200 v3/v4: Fix LED configuration * GL.iNet GL-MT1300: Fix flash access by reducing SPI clock * Youku YK-L2 and YK-L1: Allow installing initramfs-kernel.bin over vendor web UI * D-Link DIR-825 B1: Add factory image recipe * D-Link DIR-825-B1: Expand rootfs * D-Link DGS-1210-10P: Add support for extra buttons and LEDs * Asus RT-AC88U: Include Broadcom 4366b1 firmware by default * AVM FRITZ!Box 7430: Include USB driver by default * HAOYU Electronics MarsBoard A10: Include sound driver by default * Linksys EA6350v3, EA8300, MR8300 and WHW01: Allow flashing Linksys factory firmware Various fixes and improvements ============================== * firewall4: Fix boot hang with firewall4 and loadfile * Added the following kernel packages: * kmod-sched-prio (extracted from kmod-sched) * kmod-sched-red (extracted from kmod-sched) * kmod-sched-act-police (extracted from kmod-sched) * kmod-sched-act-ipt (extracted from kmod-sched) * kmod-sched-pie (extracted from kmod-sched) * kmod-sched-drr * kmod-sched-fq-pie * kmod-sched-act-sample * kmod-nvme * kmod-phy-marvell * kmod-hwmon-sht3x * kmod-netconsole * kmod-btsdio * Added firmware files for mt7916 and mt7921 devices * ucode: lexer: Fixes for regex literal parsing * hostapd: Remove dtim_period option from device, it is already a BSS property * procd: Service: pass all arguments to service * ustream-openssl: Disable renegotiation in TLSv1.2 and earlier * comgt-ncm: Add support for quectel modem EC200T-EU * umbim: Allow roaming and partner connections * kernel: Add support for EON EN25QX128A spi nor flash * iwinfo: Many bugfixes and improvements: * improvements in showing the used band, ht mode and hw mode * Added support for HE (Wifi 6) modes * Added support for new devices (MT7921AU, MT7986 WiSoC) * Add support for CCMP-256 and GCMP-256 ciphers * uhttpd: Fix incorrectly emitting HTTP 413 for certain content lengths * gcc: Import patch fixing asm machine directive for powerpc Core components update ====================== * Update Linux kernel from 5.10.146 to 5.10.161 * Update mac80211 backports from 5.15.58-1 to 5.15.81-1 * Update strace from 5.16 to 5.19 * Update mbedtls from 2.28.1 to 2.28.2 * Update openssl from 1.1.1q to 1.1.1s * Update wolfssl from 5.5.1 to 5.5.4 * Update util-linux from 2.37.3 to 2.37.4 * Update firewall4 from 2022-10-14 to 2022-10-18 * Update odhcpd from 2022-03-22 to 2023-01-02 * Update uhttpd from 2022-08-12 to 2022-10-31 * Update iwinfo from 2022-08-19 to 2022-12-15 * Update ucode from 2022-10-07 to 2022-12-02 ----------------- Full release notes and upgrade instructions are available at https://openwrt.org/releases/22.03/notes-22.03.3In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/22.03/notes-22.03.3#known_issues For a detailed list of all changes since 22.03.2, refer to https://openwrt.org/releases/22.03/changelog-22.03.3 To download the 22.03.3 images, navigate to: https://downloads.openwrt.org/releases/22.03.3/targets/ Use OpenWrt Firmware Selector to download: https://firmware-selector.openwrt.org/?version=22.03.3 As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters. Have fun! The OpenWrt Community --- To stay informed of new OpenWrt releases and security advisories, there are new channels available: * a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listinfo/openwrt-announce * a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14 * other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact
OpenPGP_0x93DD20630910B515.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
