OpenWrt 21.02.x

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 21.02.0, r16279-5cc0535800
 -----------------------------------------------------

• Nuovi dispositivi e router compatibili
• Sicurezza wireless WPA3 inclusa di default
• Supporto DSA iniziale
• Requisiti hardware minimi aumentati: 8 MB di flash e 64 MB di RAM
• Nuova sintassi di configurazione di rete e modifica board.json
• ASLR attivo
• Kernel con supporto container
• Supporto SELinux
• Aggiornamento dei componenti principali

• Fix Let’s Encrypt certificate handling in WolfSSL
• Fix sysupgrade for Mikrotik targets
• Fix sysupgrade for Rockchip target when using squashfs

• Add support for iEi Puzzle-M901/Puzzle-M902

• Add build system support for Python 3.10
• Fix which handling on Fedora and MacOS build systems
• Add Tmux terminfo

• Update Linux kernel from 5.4.143 to 5.4.154
• Update mac80211 from 5.10.42 to 5.10.68
• Update ath10k-ct to 2021-09-22
• Update wolfssl from 4.7.0 to 4.8.1

• None

• Some IPv6 packets are dropped when software flow offloading is used: FS#3373
  • As a workaround, do not activate software flow offloading, it is deactivate by default.
• The menu bar in LuCI is wrongly aligned
  • If this is a real problem for you update the LuCI theme: opkg upgrade luci-theme-bootstrap

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 21.02.2, r16495-bf0c965af0
 -----------------------------------------------------

Major bug fixes​

Device support​

• Minew G1-C: Allow dynamic RAM sizes
• Fix U-Boot hang on lantiq danube-s v1.5 with MX29LV640EB NOR
• Support for the following devices was added:
• Xiaomi AIoT Router AC2350
• Linksys EA6300 & EA9200
• Netgear RAXE500
• TP-Link tl-mr3020-v3: Fix switch topology
• Luxul XWR-3150 LAN: Fix ports numbering
• WD MyBook Live DUO: Fix USB-Port
• Turris Omnia: Use SFP module, if present
• OpenMesh OM5P-AC v2: Fixed device tree

Various fixes and improvements​

• Add new rpcapd package
• chmod 1777 /var/lock to follow FHS 3.0 guideline
• netifd: fix deletion of ip tunnels (FS#4058)
• multiple mac80211 backports:
• Add support Wifi 6 GHz band and HE options in scripts
• mac80211: fix IBSS/adhoc mode for brcmfmac
• Add ath10k smallbuffers

Core components​

• Update Linux kernel from 5.4.154 to 5.4.179
• Update mac80211 from 5.10.68 to 5.10.85
• Update wolfssl from 4.8.1 to 5.1.1
• Update wireless-regdb from 2021.04.21 to 2021.08.28
• Update mt76 from 2021-06-06 to 2021-12-03
• Update busybox from 1.33.1 to 1.33.2
• Update intel-microcode from 20200616 to 20210608
• Update linux-firmware from 20201118 to 20211216
• Update openssl from 1.1.1l to 1.1.1m
• Update mbedtls from 2.16.11 to 2.16.12

Regressions​

• Certificate validation fails in wolfssl against some sites especially sites using lets encrypt certificates. This affects for example wget in the default configuration #9283

Known issues​

• Some IPv6 packets are dropped when software flow offloading is used: FS#3373
• As a workaround, do not activate software flow offloading, it is deactivate by default.

Security fixes​

• wolfssl: Fix multiple security problems (CVE-2022-25638, CVE-2022-25640)
• openssl: Fix multiple security problems (CVE-2022-0778,
• zlib: backport security fix for a reproducible crash in compressor

Device support​

• Support for the following devices was added:
  • Yuncore XD3200
  • Yuncore A930
  • MikroTik RouterBOARD mAP lite
• ramips: Make memory detection more reliable
• ipTIME mt7620 devices: Fix flash detection
• Turris Omnia: improve detection of u-boot environment with U-boot 2021.09
• x86: Add pata_sis driver.
• Ubiquiti UniFi: fix label MAC address
• mvebu: udpu: fix initramfs booting
• a20-olinuxino-lime2: fix Ethernet link detection on
• TL-WR1043ND v4: Fix TPLINK_HWREV field
• OCEDO Raccoon: Fix link for long cables
• Improve support for some SFP GPON modules
• Ubiquiti UniFi AP Outdoor+: fix label MAC address
• ramips: fix reboot for remaining 32 MB boards
• TPLink WPA8630Pv2: Move to ath79-tiny target

Various fixes and improvements​

• Fix SSL certificate validation against some sites especially sites using lets encrypt certificates
• hostapd fixes and improvemnts:
  • fix radius problem due to invalid attributes
  • Expose more data over ubus
• base-files: call “sync” after initial setup
• imagebuilder: fix broken image generation with external targets

Core components​

• Update Linux kernel from 5.4.179 to 5.4.188
• Update openssl from 1.1.1m to 1.1.1n
• Update cypress-firmware from 5.4.18-2020_0402 to 5.4.18-2021_0812
• Update mac80211 from 5.10.85 to 5.10.110
• Update wolfssl from 5.1.1 to 5.2.0

Regressions​

Known issues​

• Some IPv6 packets are dropped when software flow offloading is used: FS#3373
  • As a workaround, do not activate software flow offloading, it is deactivate by default.