OpenWrt 19.07.5 service release

bjonglez · December 10, 2020, 9:22am

Hi,

The OpenWrt community is proud to announce the newest service release in the 19.07 stable series: OpenWrt 19.07.5. It focuses on fixing several regression as well as security issues.

Selected highlights of this service release are:

Security fixes

Security Advisory 2020-12-09-2 - libuci import heap use after free (CVE-2020-28951)
Security Advisory 2020-12-09-1 - Linux kernel - ICMP rate limiting can be used to facilitate DNS poisoning attack (CVE-2020-25705)
musl: fix possible destination buffer overflow in some applications (CVE-2020-28928)
Various security fixes in packages

Major bug fixes

Fix regression in 19.07.4 causing transmit timeout and packet loss on mt7620 devices
Fix regression in 19.07.4 where VLAN tagging no longer works on ipq40xx devices
Fix long-standing instability issue on Ethernet link on several ath79 devices

Device support

Various fixes for My Net Range Extender, PowerCloud Systems CAP324, D-Link DIR-645, Quad-E4G
Support newer version of Turris Omnia
Fix ath9k firmware extraction for UniFi AP
Fix MAC address assignment on UniFi AC family (UniFi AC Mesh, UniFi AC LR, UniFi Lite)
Allow booting espressobin with a mainline firmware

Full release notes and upgrade instructions are available, as well as a detailed list of all changes since 19.07.4. Make sure to read the regressions and known issues before upgrading.

For latest information about the 19.07 series, refer to the wiki page.

To download a OpenWrt 19.07.5 firmware image for your device, head to the Table of Hardware or navigate directly in the list of firmware images.

OpenWrt Firmware Selector
We also have the newer option of the OpenWrt Firmware Selector. Please provide feedback about it in the dedicated thread.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

greg45416 · December 10, 2020, 7:56pm

I upgraded by Linksys WRT3200ACM to the new release and everything seems fine. Thanks for pushing out these security fixes!

jmomo · December 10, 2020, 10:40pm

Why was no announcement sent to the announcements mailing list?

Bobcat · December 11, 2020, 2:25am

Installed fine on Linksys MR8300

zen1932 · December 11, 2020, 2:45am

upgraded smoothly to archer C7V2 and wdr4900v2. work fine.
Just still no WAN & LAN leds export in /sys/class/leds.

Congratulation to developers.

otnert · December 11, 2020, 2:56am

TP-Link Archer C2600 nice and smooth sys-upgrade (keeping settings) from 19.07.4 => 19.07.5!

Naftali · December 11, 2020, 3:17am

thank you guys. Worked fine

psherman · December 11, 2020, 3:38am

Thanks to the dev team for the latest release! You are all amazing!!

I installed the update on 3 devices and all appears to be working well.

Ubiquiti RouterStation Pro (ath79)
TP-Link TL-WR902ACv1 (ar71xx)
Linksys E3000 (brcm47xx)

bjonglez · December 11, 2020, 7:49am

Emails did get sent, but they are currently stuck because of a technical issue.

jmomo · December 11, 2020, 8:38am

I just got them a few minutes ago.

eginnc · December 11, 2020, 12:41pm

19.07.5 is running great on my EdgeRouter X gateway. Thank you for another quality release.

farr4744 · December 11, 2020, 12:52pm

TP-Link Archer C2600 and TP-Link Archer A7 v5 updated without issues. Great work all!!

otnert · December 11, 2020, 11:59pm

First wireless crash in under 24 hours but recovers successfully.

[82607.136395] ------------[ cut here ]------------
[82607.136461] WARNING: CPU: 0 PID: 2474 at backports-4.19.137-1/net/wireless/util.c:1147 0xbf3dbd88 [cfg80211@bf3d7000+0x37000]
[82607.140100] invalid rate bw=4, mcs=15, nss=4
[82607.151415] Modules linked in: pppoe ppp_async ath10k_pci ath10k_core ath pppox ppp_generic nf_nat_pptp nf_conntrack_pptp nf_conntrack_ipv6 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE cfg80211 xt_time xt_tcpudp xt_state xt_nat xt_multiport xt_mark xt_mac xt_limit xt_conntrack xt_comment xt_TCPMSS xt_REDIRECT xt_LOG xt_FLOWOFFLOAD xt_CT wireguard usblp ts_fsm ts_bm slhc nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_amanda nf_nat nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda
[82607.204470]  nf_conntrack iptable_raw iptable_mangle iptable_filter ip_tables crc_ccitt compat fuse ledtrig_usbport nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 ip6_udp_tunnel udp_tunnel tun vfat fat ntfs nls_utf8 nls_iso8859_1 nls_cp437 uas usb_storage uhci_hcd f2fs ext4 mbcache jbd2 crc32c_generic crc32_generic leds_gpio xhci_plat_hcd xhci_pci xhci_hcd dwc3 dwc3_of_simple ohci_platform ohci_hcd phy_qcom_dwc3 ahci ehci_platform sd_mod ahci_platform libahci_platform libahci libata scsi_mod ehci_hcd gpio_button_hotplug
[82607.255463] CPU: 0 PID: 2474 Comm: hostapd Not tainted 4.14.209 #0

It's also been occurring with releases prior to 19.07.5 though.

huangjinqiu · December 12, 2020, 2:36am

Tried to upgrade from 19.07.4 for Linksys WRT1900ACS. I got the following errors:

root@VPN_Router:~# opkg update
Downloading http://downloads.openwrt.org/releases/19.07.5/targets/mvebu/cortexa9/packages/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/targets/mvebu/cortexa9/packages/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/targets/mvebu/cortexa9/kmods/4.14.209-1-a92a3f5c5bed2671533484c7ace9d5b5/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/targets/mvebu/cortexa9/kmods/4.14.209-1-a92a3f5c5bed2671533484c7ace9d5b5/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/base/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/base/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/freifunk/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/freifunk/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/luci/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/luci/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/packages/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/packages/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/routing/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/routing/Packages.gz

Downloading http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/telephony/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from http://downloads.openwrt.org/releases/19.07.5/packages/arm_cortex-a9_vfpv3-d16/telephony/Packages.gz

What I am missing?

rseiler · December 12, 2020, 6:01am

WNDRMACV2 (i.e. WNDR3800) went fine here from .4. All behaving normally as far as I've noticed over the last day.

eduperez · December 12, 2020, 9:49am

You tried to upgrade using "opkg"? Or you upgraded successfully and now "opkg" is failing?

mbo2o · December 12, 2020, 10:30am

Upgraded WNDR3700v2 with keep setting no issues.

Thanks

huangjinqiu · December 12, 2020, 1:07pm

It upgraded successfully but opkg failed when i tried to update packages.

eduperez · December 12, 2020, 4:30pm

Your router does not seem to be able to connect to internet.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
iptables-save -c; ip6tables-save -c; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ip -6 addr ; ip -6 ro li tab all ; ip -6 ru; \
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*