OpenWrt 19.07.10 service release

Hi,

The OpenWrt community is proud to announce the newest service release of OpenWrt 19.07. It fixes security issues, improves device support, and brings a few bug fixes.

:warning: OpenWrt 19.07.10 is the final release of the 19.07 release branch, this branch is now end of life and we will not fix problems on this branch any more, not even severe security problems. We encourage all users still using OpenWrt 19.07 to upgrade to OpenWrt 21.02 or more recent OpenWrt versions.

Download firmware images via the Firmware Selector or directly from our download servers:

The main changes from OpenWrt 19.07.9 are:

Security fixes

  • wolfssl: Fix multiple security problems (CVE-2022-25638, CVE-2022-25640)
  • openssl: Fix security problem (CVE-2022-0778)
  • zlib: Backport security fix for a reproducible crash in compressor

Device support

  • OCEDO Raccoon: Fix link for long cables with
  • MikroTik wAP: Fix device detection

Various fixes and improvements

  • imagebuilder: Fix broken image generation with external targets
  • imagebuilder: Fix partition signature
  • patchelf: Backport fix for rpath endianness
  • base-files: Call “sync” after initial setup
  • ubus: backport Fixes for UAF and other issues

Core components

  • Update Linux kernel from 4.14.167 to 4.14.275
  • Update mac80211 from 4.19.221-1 to 4.19.237-1
  • Update openssl from 1.1.1m to 1.1.1n
  • Update wolfssl from 4.7.0 to 5.2.0

Regressions

  • at91 images are not created any more because the build needs Python.h which is not installed on the build bots.
    • To fix this issue export the missing environmental variable before using the ImageBuilder: export SOURCE_DATE_EPOCH=1
  • oxnas/ox820 images are not created any more because of a build problem

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/19.07/notes-19.07.10

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/19.07/notes-19.07.10#regressions

For a very detailed list of all changes since 19.07.9, refer to
https://openwrt.org/releases/19.07/changelog-19.07.10

For latest information about the 19.07 series, refer to the wiki at:
https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.10 firmware image for your device, head to the Table of Hardware:
https://openwrt.org/toh/start

Or use the new firmware selector:
https://firmware-selector.openwrt.org/

You can also navigate directly in the list of firmware images:
https://downloads.openwrt.org/releases/19.07.10/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community


To stay informed of new OpenWrt releases and security advisories, there are new channels available:

5 Likes

Updating my WRT3200ACM soon

Many thanks for this release.
Upgraded Archer A7v5 successfully.

Thanks update/preform reset on my MikroTik

Summary

openwrt-19.07.10-ar71xx-mikrotik-rb-nor-flash-16M-squashfs-sysupgrade.bin
Hostname Dachshund
Model MikroTik RouterBOARD 951Ui-2nD
Architecture Qualcomm Atheros QCA9533 ver 2 rev 0
Firmware Version OpenWrt 19.07.10 r11427-9ce6aa9d8d / LuCI openwrt-19.07 branch git-22.099.58928-786ebc9
Kernel Version 4.14.275

Sorry, I am curious.

Why people use 19.07.10 instead of 21.02.3?

All my devices run on 21.02.3, I not know the reason why I should use 19.07.10

Some probably want to avoid the change from swconfig to DSA a while longer.

@Naftali
Only ar71xx vs ath79 support, or flash size restriction?

Because for some of us 21.02 just does not work (believe me i tried for days). I have a Linksys WRT1900ACS and because the wifi drivers are no longer supported so 19.07 is the best option as it just works.

1 Like

I am also staying on 19 for my WRT3200ACM.

I heard they fixed the problem in previous version of 21.02.

It was 21.02.2 I was fighting with. I tried for days, every suggestion I could find. In the end 19.07 just worked no issues. Really hesitant to try 21.02.3 as it is all running so well. But no more security updates now is concerning

For me, it's to avoid

Known issues

  • Some IPv6 packets are dropped when software flow offloading is used: FS#3373

    • As a workaround, do not activate software flow offloading, it is deactivate by default.

And I'm not installing an RC1 on my home router.