OpenWrt 19.07.0 first stable release


The OpenWrt community is proud to announce the first stable release of
the OpenWrt 19.07 stable version series. It incorporates 3954 commits
since the previous release 18.06.0 and 85 commits since the previous
release candidate 19.07.0-rc2.

An upgrade from OpenWrt 18.06 to OpenWrt 19.07 is supported in many
cases with the help of the sysupgrade utility which will also attempt to
preserve the configuration. A configuration backup is advised
nonetheless when upgrading to OpenWrt 19.07.

With this release, the OpenWrt project brings all supported targets back
to a single common kernel version and further refines and broadens
existing device support. It also introduces a new ath79 target and
brings support for WPA3.

Target transition from ar71xx to ath79

This release provides initial support for the new ath79 target, the
future device tree based successor of the popular ar71xx target. For
19.07, both targets are still built, but it is recommended to switch to
the ath79 target whenever possible: future releases of OpenWrt will drop
support for the ar71xx target.

Please read the known issues below before upgrading.

WPA3 support

The 19.07 release brings initial support for WPA3. However, WPA3 is not
enabled by default and requires installing specific packages: to run
WPA3 as an access point, hostapd-openssl is needed. For use as a Wi-Fi
station, you need either wpa-supplicant-openssl (station support only)
or wpad-openssl (AP + station). Due to their large size, these packages
are not installed by default, and it is impossible to install them on
devices with less than 8MB flash.

It should also be noted that many existing client devices will never
support WPA3, and that there are client devices that support WPA2 but
cannot connect to an AP configured with WPA2+WPA3 mixed mode. Please
only file bugs if you are sure the problem is not client related.

To configure your device as a WPA3 access point, see:

Client-side rendering of the LuCI web interface

The new version of LuCI, the integrated web interface for OpenWrt,
implements client-side rendering of views. This improves performance by
offloading some work that was done on the device (Lua code) to the
client browser (Javascript code)

The LuCI ecosystem is large, and not all LuCI apps have been adapted to
this change, which may result in crashes involving cbi.lua. In that
case, install the luci-compat package.

With this step, Lua usage in LuCI is reduced and LuCI effectively comes
closer to the goals of the experimental LuCI2 without having to rewrite
everything from scratch.

Main changes in OpenWrt 19.07.0

The main changes in this release since the previous OpenWrt 18.06
version are:

  • Updated toolchain:
    • musl libc 1.1.24
    • uClibc-ng 1.0.31
    • glibc 2.27
    • gcc 7.5.0
    • binutils 2.31.1
  • Updated Linux kernel
    • 4.14.162 for all targets
    • Flow offloading bugfixes
  • Network userland:
    • hostapd 2.9, dnsmasq 2.80, dropbear 2019.78
    • Fixes in network and wireless configuration handling
    • Bugfixes in DHCPv6 client and server
    • WPA3 configuration support
      • Install wpad-openssl for WPA3 support
  • System userland:
    • busybox 1.30.1
    • Sysupgrade support for backup and upgrade capability checks
    • Contains urngd, non-physical true random number generator daemon
      based on timing jitter
    • Bugfixes in the process manager, system message bus, embedded web
      server and the configuration management library
  • Platform and Driver Support
    • Dropped adm5120, adm8668, ar7, au1000, ixp4xx, mcs814x, omap24xx,
      ppc40x, ppc44x and xburst target
    • New ath79 target that will replace the popular ar71xx target
    • Updates and new device support across all targets
  • LuCI web interface:
    • Client side rendering of views for improved performance
    • Security fixes

A full list of all changes and security fixes is available in the
detailed changelog, see

Known issues

  • Sysupgrade from ar71xx to ath79 and vice versa is not officially
    supported, a full manual reinstall is recommended to switch targets for
    devices supported by both ar71xx and ath79
  • Images for some device became too big to support a persistent
    overlay, causing such models to lose configuration after a reboot. If
    you experience this problem, please report the affected device in the
    forum and consider downgrading to OpenWrt 18.06 or using the Image
    Builder to pack a smaller custom image
  • Some optional GUI packages crash with an error about missing
    "cbi.lua", install the luci-compat package to fix these
  • Possible Wi-Fi issues with ath10k-based boards. If you encounter such
    an issue, please file a bug report against openwrt-19.07. Please make
    sure the issue is not caused by WPA3. If you are using WPA3 and run into
    problems, revert to the encryption settings you used before upgrading to

For latest information about the 19.07 series, refer to the wiki at:

To download the v19.07.0 images, navigate to:

As always, a big thank you goes to all our active package maintainers,
testers, documenters, and supporters.

Have fun!

The OpenWrt Community


What would a "full manual reinstall" entail? Using tftp with the factory.bin file?

sysupgrade -F -n then reconfigure the device from the default settings.

Note that sysupgrade -F does not check if the file about to be flashed is the matching build for your device-- if you flash the wrong firmware it will brick.


Thank you guys! I just upgraded my Linksys WRT3200ACM from 18.06.4 to this one and got all of the add-ons back up and running in no time. I appreciate all of the time you're putting into this!


@hauke @jow

Info about 19.07.0 is still missing from the download site's index page:

(there 18.06.5 and 17.01.7 are still being promoted)


Updated a WRT32X to 19.07.0.

Works so far except on issue: I cannot get unbound to work. The package is not found via opkg.

Collected errors:
 * opkg_install_cmd: Cannot install package unbound.

Has anyone a tip or suggestion here? Unfortunately this is a showstopper for me because I have to rework my whole setup.

Thanks and best regards

Got it installed by using package unbound-daemon. Unfortunately it doesnt start and ends in a crash loop.:frowning: I am using the default unbound config so far.

Has anyone the same problem?

Best regards


Thanks for the new release, may someone could explain what is exactly required for WPA3? According to release note talks as:

"to run WPA3 as an access point, hostapd-openssl is needed"


"WPA3 configuration support install wpad-openssl for WPA3 support"

So which is required, one (which) or both?


This version does not work with hg556a ver A the same problem does not boot

OpenWrt defaults to using wpad-basic (previously, and still for flash constrained targets, wpad-mini), which combines hostapd and wpa_supplicant into a single multi-call binary (for size reasons, as both are sharing a lot of common code which would otherwise be duplicated).

So yes, WPA3 support does require a hostapd implementation built against openssl - one provider of this (and the recommended one) would be wpad-openssl, but technically it's equivalent (but smaller in size) to installing hostapd-openssl and wpasupplicant-openssl.

Executive summary: just remove wpad-mini/ wpad-basic and install wpad-openssl.


The PGP key for 19.07 release builds is only downloadable via the OpenWrt website and not present on any public keyserver. Is that intentional?

User ID: OpenWrt Build System
Public Key: 0x28A39BC3 2074BE7A (4096 Bit RSA, created 2019-07-14, expires 2021-07-13)
Fingerprint: D9C6 901F 45C9 B868 5868 7DFF 28A3 9BC3 2074 BE7A

Want to express thanks to OpenWRT team and community for building this software and keeping regular roll-outs of stable versions! Any Netgear R7800 (and probably any other router) user would agree how much better the router works with OpenWRT compared to stock. And it is good to have stable, tested builds available, because flashing master builds is not always so safe, if guaranteed operation and easy updating is needed.

Is it preffered to use the openssl version over wolfssl? I am asking because I have been using wpad-wolfssl, as the wolfssl wepbage advertises their implementation of code as more modern, built from ground-up without legacy code (as compared to openssl), optimized for small code and good performance, etc. Is this true to some extent or does this really not matter at all in the end? I was thinking maybe openssl gets more code review than wolfssl and would thus be the preffered one because of that. It's just that I see openssl versions recommended more than wolfssl, so started wondering. I also remember there was/is a problem with wpad-wolfssl on mesh networks, but I was wondering if there are some other differences/issues also.

WolfSSL was (not sure if it still is) buggy in combination with wpa3 and wouldn't work. OpenSSL is fine. Not sure if that bug has already been fixed.


Thanks for the tl;dr executive summary ;- ) Would suggest to bold it

I played a little with it on my spare R6350 seems solid, thanks for the release :wink:

Although i'll stay on the snapshot version for the R6350, the wifi seems to have an issue on the 19.07, 2.4Ghz stuck @ bg 5Ghz at bg (didn't manage to make it work at all), seems like a driver issue but didn't investigate more.

Same here Robert, on WDR3600 ath79.
unbound-daemon "unbound s in a crash loop 6 crashes"

Installed as test on the WDR3600 after seeing your message here.
My main device is R8000 which I've left at 18.06.2 as I need unbound to work on there.


Thank you for the great software.

I upgraded TP-LINK TD-W8970 from 19.07-rc2 through the LUCI interface. No issues after a few hours.

With the previous version I had uptime almost three weeks. However, finally I had to reboot the router since it practically freezed reporting one of errors

Non Pre-emtive CRC errors (CRC_P): 2 / 0
Pre-emtive CRC errors (CRCP_P): 0 / 0

increasing crazy (it indicated ~8 digits figure). No idea, what it means. It happened before.

Thank you so much!

Great work, many thanks! :+1:

Maybe SKS Keyserver Network Under Attack ?
At least it is present on


Hi Geof,

do you have any other log messages from unbound before the error?

I've reverted to 18.06.6 for now. But I want to do the update to 19.07.0.

In any case, it has to do with my setup and is not broken at all. After stopping any other service like dropbear and dnsmasq, reverting any unbound related config changes and so on it still crashes. With a absolute clean install and a changed listen port of dnsmasq it stays up, finally. But thats no solution without the rest of my configs.

But in summary I am doing no fancy config. Only uci commands for network, wireless and firewall. And all is working fine since months under 18.06.

Best regards