Ostatnio Na Forum
Polityka prywatności

Portal openrouter.info stosuje pliki cookies ("ciasteczka") pozwalające na dostosowanie zawartości portalu do indywidualnych potrzeb. Korzystanie z portalu bez zmiany ustawień dotyczących ciasteczek oznacza akceptację umieszczenia ich na urządzenia użytkownika. Zmianę ustawień pliku ciasteczek można wykonać zmieniając opcję w ustawieniach przeglądarki internetowej. Więcej informacji można znaleźć w Polityce prywatności.

OpenWrt 21.02.0-rc1

Wiele miesięcy musieliśmy czekać na kolejne wydanie stabilne OpenWrt i oto jest: świeże wydanie kandydujące oznaczone 21.02.0-rc1. Największymi zmianami są chyba wprowadzenie domyślnie obsługi https oraz WPA3, niesamowita ilość poprawek i dużo aktualizacji pakietów.

Informacje o wydaniu poniżej (EN):

Cytuj:
The OpenWrt community is proud to announce the first release candidate of the upcoming OpenWrt 21.02 stable version series. It incorporates over 5800 commits since branching the previous OpenWrt 19.07 release and has been under development for about one and a half year.


WPA3 support included by default

WPA3 was already supported in 19.07 but it was not provided by the default set of packages in OpenWrt images. With 21.02, all packages necessary to provide WPA3 are installed by default in OpenWrt images.


TLS and HTTPS support included by default

TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that wget and opkg now support fetching resources over HTTPS out-of-the-box. The opkg download server is accessed through HTTPS by default. OpenWrt switched from mbed TLS to wolfSSL as the default SSL library, mbed TLS and OpenSSL are still available and can be installed manually.


Initial DSA support

DSA stands for Distributed Switch Architecture and is the Linux standard to deal with configurable Ethernet switches. OpenWrt 21.02 comes with initial support for DSA, which replaces the swconfig system that OpenWrt was using up until now. Not all targets have been ported: some devices still use swconfig while some devices already switched to DSA. This is a significant change to how switch ports and VLANs are managed. As such, sysupgrade will not be able to convert existing swconfig configuration to DSA configuration (see ?Upgrading? below).

The following targets are using a switch managed with DSA in OpenWrt 21.02:
* ath79 (only TP-Link TL-WR941ND)
* bcm4908
* gemini
* kirkwood
* mediatek (most boards)
* mvebu
* octeon
* ramips/mt7621
* realtek


Increased minimum hardware requirements: 8 MB flash, 64 MB RAM

Due to new features being introduced and the general size increase of the Linux kernel, devices now need at least 8 MB of flash and 64 MB of RAM to run a default build of OpenWrt.It is still possible to build custom OpenWrt images (e.g. using the ImageBuilder) that may fit devices with 4 MB of flash or 32 MB of RAM. However, the level of functionality will be reduced and there is no guarantee to stability. See OpenWrt on 4/32 devices for more details and guidance.


New hardware targets

A new realtek target has been added, which is often found in managed switches. As a result, it is now possible to run OpenWrt on devices with a significant number of Ethernet ports. See supported devices for realtek. In addition, new bcm4908 and rockchip targets have been added. Support for many new boards was added to the existing targets.


Dropped hardware targets

The ar71xx was deprecated in OpenWrt 19.07 and was gradually replaced by ath79, see ar71xx-ath79 migration. With OpenWrt 21.02, the ar71xx has been removed and users must use ath79 instead. If you are still running with the ar71xx target, it is recommended to reinstall OpenWrt 21.02 from scratch. Users already on the ath79 target can use sysupgrade to upgrade to OpenWrt 21.02.
Other targets were also removed: cns3xxx, rb532 and samsung.


ASLR activated

Network exposed user space applications are linked as position-independent executable (PIE) to allow full Address Space Layout
Randomization (ASLR) support. This makes it harder for attackers to exploit OpenWrt. See Hardening build options for more details.


Kernel with container support

Multiple Linux kernel compile options, needed for Linux Containers (LXC) and procd-ujail are activated by default for most targets. This allows to use LXC and ujail with the normal release builds.


SELinux support

It is possible to compile OpenWrt with SELinux support. This is currently not activated by default.


Core components update

Core components have the following versions in 21.02.0-rc1:
- Updated toolchain:
* musl libc 1.1.24
* glibc 2.33
* gcc 8.4.0
* binutils 2.35.1
- Updated Linux kernel
* 5.4.111 for all targets
- Network:
* hostapd 2020-06-08, dnsmasq 2.84, dropbear 2020.81
* cfg80211/mac80211 from kernel 5.10.16
* wireguard backport from upstream Linux kernel
- System userland:
* busybox 1.33.0

In addition to the listed applications, many others were also updated.


Upgrading to 21.02.0-rc1

Sysupgrade can be used to upgrade a device from 19.07 to 21.02, and configuration will be preserved in most cases.

Sysupgrade from 18.06 to 21.02 is not supported.

There is no migration path for targets that switched from swconfig to DSA. In that case, sysupgrade will refuse to proceed with an appropriate error message:
Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed

The default root file system partition size changed for targets/devices relying on booting from mass storage (HDD, USB flash, SD card, etc.), so MBR will change and any additional partition will be deleted when sysupgrading.


Known issues

* DSA support is new and might not be complete or fully working
* The LuCI web interface has no support for DSA yet
* LuCI writes unnecessary IPv6 RA options to /etc/config/dhcp if the user edits interface's DHCP settings. This could prevent client IPv6 connectivity.
* Update luci-mod-network to git-21.107.58557 or later to fix this problem


Full release notes and upgrade instructions are available at https://openwrt.org/releases/21.02/notes-21.02.0-rc1

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/21.02/note ... own_issues

For a very detailed list of all changes since 19.07, refer to https://openwrt.org/releases/21.02/chan ... 1.02.0-rc1

To download the v21.02.0-rc1 images, navigate to: https://downloads.openwrt.org/releases/21.02.0-rc1/

- ---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact


As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  

OpenWrt 19.07.7

Została wydana kolejna wersja poprawkowa OpenWrt oznaczona numerem 19.07.7. Jak zwykle dotyczy ona poprawek bezpieczeństwa i stabilności systemu.

Cytuj:
The OpenWrt community is proud to announce the seventh service release of OpenWrt 19.07. It fixes security issues, improves device support, and brings a few bug fixes.

The main changes from OpenWrt 19.07.6 are:

Security fixes
==============

* Security Advisory 2021-02-02-1 - netifd and odhcp6c routing loop on IPv6 point to point links (CVE-2021-22161)

* Security Advisory 2021-02-02-2 - wolfSSL heap buffer overflow in RsaPad_PSS (CVE-2020-36177)

Major bug fixes
===============

* Fix dnsmasq error messages such as "failed to send packet: Network unreachable" or "failed to send packet: Address family not supported by protocol" that could be filling up logs. This was a regression caused by the dnsmasq update in 19.07.6.

* Fix opkg so that it purges obsolete packages from its local cache. This fixes a long-standing issue in the ImageBuilder where a manual cleanup was needed before rebuilding.

Device support
==============

* Improve stability of mediatek Ethernet switch (affects many mt7621 devices)

* Fix Wi-Fi band detection on some Broadcom-based devices

* Fix poor 2.4 GHz Wi-Fi performance on TP-Link Archer C50 v4 due to a missing EEPROM chip ID

* Make initramfs image usable out-of-the-box on Turris Omnia

* Use full flash size on Nucom R5010UN v2

* Fix support for TP-Link TL-WR810N v1 in ath79

* Remove broken factory image for TP-Link Archer C2 v1

* Fix unintended failsafe mode during boot on Netgear EX6150

Various fixes and improvements
==============================

* The ImageBuilder no longer requires compilers (gcc, g++) and libncurses-dev. This was partially implemented in 19.07.6 but one part was missing to make it actually work.

* Update to a new major version of ksmbd to fix several bugs. This breaks compatibility with previous versions of OpenWrt (19.07.0 to 19.07.6): it is no longer possible to install a working version of ksmbd-tools on previous versions of OpenWrt. Existing installations will keep working, but ksmbd-tools should not be upgraded with opkg.

Unfortunately, this ksmbd update introduced a regression: the kernel module package for ksmbd depends on the non-existant kmod-crypto-arc4. If you are affected by this issue, see https://openwrt.org/releases/19.07/note ... egressions for a workaround.

LuCI web interface
==================

* Fix array sorting on Chrome
* Add nextdns.io and quad 101 providers to luci-app-https-dns-proxy package

Core components
===============

* Update Linux kernel from 4.14.215 to 4.14.221

* Update wolfssl from 4.5.0 to 4.6.0


Full release notes and upgrade instructions are available at https://openwrt.org/releases/19.07/notes-19.07.7

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/19.07/note ... egressions

For a very detailed list of all changes since 19.07.6, refer to https://openwrt.org/releases/19.07/changelog-19.07.7

For latest information about the 19.07 series, refer to the wiki at: https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.7 firmware image for your device, head to the Table of Hardware:
https://openwrt.org/toh/start

Or use the new firmware selector: https://firmware-selector.openwrt.org/

You can also navigate directly in the list of firmware images: https://downloads.openwrt.org/releases/19.07.6/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

  Więcej na forum…  

OpenWrt 19.07.6

Wydano OpenWrt 19.07.6. Głównym powodem stworzenia nowego wydania było znalezienie poważnych problemów w lokalnym serwerze dns i dhcp - dnsmasq.

Poniżej informacja o wydaniu [EN]

Cytuj:
The OpenWrt community is proud to announce the sixth service release of OpenWrt 19.07. It focuses on fixing several security issues.

Main changes from OpenWrt 19.07.5

Security fixes
* Security Advisory 2021-01-19-1 - dnsmasq multiple vulnerabilities CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686)
* openssl: NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS attack. (CVE-2020-1971)

Note: security fixes for most packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade. This can be done with opkg update; opkg upgrade the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 19.07.6 or later versions whenever possible.

Major bug fixes
* Fix iOS 14 tethering problem

Device support
* Enable LED VCC for Asus RT-AC51U

LuCI web interface
* luci-mod-system: properly handle SSH pubkeys with options (GH#4684)
* luci-mod-network: properly handle wireless netdevs when creating interfaces
* Update translations from weblate

Core components
* Update Linux kernel from 4.14.209 to 4.14.215
* Update mac80211 and wifi drivers from 4.19.137-1 to 4.19.161-1
* Update wireless-regdb from 2019.06.03 to 2020.11.20
* Update mbedtls from 2.16.8 to 2.16.9
* Update openssl from 1.1.1h to 1.1.1i

Full release notes and upgrade instructions are available at https://openwrt.org/releases/19.07/notes-19.07.6

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/19.07/note ... egressions

For a very detailed list of all changes since 19.07.5, refer to https://openwrt.org/releases/19.07/changelog-19.07.6

- ---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

- ---

For latest information about the 19.07 series, refer to the wiki at: https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.6 firmware image for your device, head to the Table of Hardware: https://openwrt.org/toh/start

Or navigate directly in the list of firmware images: https://downloads.openwrt.org/releases/19.07.6/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  

OpenWrt 19.07.5

Dostępne jest nowe wydanie linii stabilnej OpenWrt 19.07.5. Poprawiono kilka rzeczy związanych z bezpieczeństwem (m.in bibliotekę systemową musl), dlatego też zaleca się aktualizację systemu do najnowszej dostępnej wersji.

Informacje o wydaniu (EN):

Cytuj:
The OpenWrt community is proud to announce the fifth service release of OpenWrt 19.07. It focuses on fixing several regression as well as security issues.

Main changes from OpenWrt 19.07.4

Security fixes
* Security Advisory 2020-12-09-2 - libuci import heap use after free (CVE-2020-28951)
* Security Advisory 2020-12-09-1 - Linux kernel - ICMP rate limiting can be used to facilitate DNS poisoning attack (CVE-2020-25705)
* musl: fix possible destination buffer overflow in some applications (CVE-2020-28928)

Note: security fixes for most packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade. This can be done with opkg update; opkg upgrade the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 19.07.5 or later versions whenever possible.

Major bug fixes
* Fix regression in 19.07.4 causing transmit timeout and packet loss on mt7620 devices: FS#3332
* Fix regression in 19.07.4 where VLAN tagging no longer works on ipq40xx devices: FS#3239
* Fix long-standing instability issue on Ethernet link on several ath79 devices: FS#2216, FS#2730, FS#3225

Device support
* Various fixes for My Net Range Extender, PowerCloud Systems CAP324, D-Link DIR-645, Quad-E4G
* Support newer version of Turris Omnia
* Fix ath9k firmware extraction for UniFi AP
* Fix MAC address assignment on UniFi AC family (UniFi AC Mesh, UniFi AC LR, UniFi Lite)
* Allow booting espressobin with a mainline firmware

Various fixes and improvements
* Fix support for 3G USB modems
* uhttpd: fix spurious keepalive connection timeouts
* firewall: fix parsing of boolean attributes
* mac80211: do not allow bigger VHT MPDUs than the hardware supports

LuCI web interface
* Set the fallback default of rollback timeout to 90s
* luci-app-firewall: fix removing networks from zone (GH#4523, GH#4573)
* rpcd-mod-luci: handle lease files from all dnsmasq/odhcpd sections (GH#911, GH#4303, GH#4308)
* luci-app-firewall: rules: add ICMPv6 Packet Too Big (Type 2)
* Update translations from weblate

Core components
* Update Linux kernel from 4.14.195 to 4.14.209
* Update intel-microcode from 20190918 to 20200616
* Update amd-microcode from 20180524 to 20191218


Full release notes and upgrade instructions are available at https://openwrt.org/releases/19.07/notes-19.07.5

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/19.07/note ... egressions

For a very detailed list of all changes since 19.07.4, refer to https://openwrt.org/releases/19.07/changelog-19.07.5

- ---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

- ---

For latest information about the 19.07 series, refer to the wiki at: https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.5 firmware image for your device, head to the Table of Hardware: https://openwrt.org/toh/start

Or navigate directly in the list of firmware images: https://downloads.openwrt.org/releases/19.07.5/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  

OpenWrt 18.06.9

Ukazała się następna wersja "starego" wydania stabilnego OpenWrt oznaczonego numerem 18.06.9. Według zapowiedzi jest to już ostatnie wydanie te linii i zalecane jest przejście na nowsze, o ile oczywiście pozwala na to posiadany sprzęt.

Informacje o wydaniu (EN):

Cytuj:
The OpenWrt Community is proud to announce the ninth service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.9 brings security fixes, as well as the usual device support fixes and core components update.

End of support for OpenWrt 18.06
This release is the final one for OpenWrt 18.06. You should consider upgrading to a newer version (OpenWrt 19.07 or later)

-----
The main highlights of this service release are:

Security fixes
* Security Advisory 2020-12-09-2 - libuci import heap use after free (CVE-2020-28951)
* Security Advisory 2020-12-09-1 - Linux kernel - ICMP rate limiting can be used to facilitate DNS poisoning attack (CVE-2020-25705)
* Security Advisory 2020-05-06-2 - relayd out-of-bounds reads of heap data and possible buffer overflow (CVE-2020-11752)
* Security Advisory 2020-05-06-1 - umdns out-of-bounds reads of heap data and possible buffer overflow (CVE-2020-11750)
* libjson-c: fix out of bounds write vulnerability (CVE-2020-12762)
* mac80211: backport some fixes for the Kr00k vulnerability in WPA. It is not clear which wireless driver/firmware combinations could be vulnerable in OpenWrt. These backported patches harden mac80211 just in case.

Note: security fixes for most packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade. This can be done with opkg update; opkg upgrade the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 18.06.9 or a newer major release whenever possible.

Bug fixes
* libubox: Fix regression that could cause procd to fail to start or restart some services. This is especially visible as it broke LuCI when upgrading from older 18.06.X releases (FS#3177)
* musl: fix locking synchronization bug
* kernel: backport out-of-memory fix for non-Ethernet devices
* firewall: fix TCP MSS clamping that was only applied on one direction (FS#3231)

Device support
* brcm63xx: fix BCM6348/BCM6358 hangs while booting (FS#2202)
* ipq40xx: fix essedma MAC hang by disabling TCP segmentation offload for IPv6
* ramips: fix USB detection on all rt305x devices
* mikrotik: add support for the new ath9k caldata encoding (LZO) found in newer hardware revisions
* Various fixes for ZyXEL Keenetic, ZyXEL NBG6616, TP-Link Archer C60 v1/v2, GL.iNet GL-AR750S, Embedded Wireless Dorin, Pirelli A226M-FWB, Arduino Yun

Core components update
* Linux kernel updated from 4.9.214 to 4.9.243 and from 4.14.171 to 4.14.206
* mbedtls updated from 2.16.4 to 2.16.8
* wireguard updated from 0.0.20190601 to 1.0.20200611
-----

For latest information about the 18.06 series, refer to the wiki at: https://openwrt.org/releases/18.06/

To download the v18.06.9 images, navigate to: https://downloads.openwrt.org/releases/18.06.9/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  
Starsze wiadomości  
designed by digi-led.pl
góra
...Copyright © 2010-2017, Ekipa openrouter.info