Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 21.02 stable version series. It fixes security issues and brings a bug fix.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=21.02.7
  Download firmware images directly from our download servers:
• https://downloads.openwrt.org/releases/21.02.7/targets/

The OpenWrt 21.02 stable series is now end of life following the OpenWrt Security support guidelines. We encourage all users of the OpenWrt 21.02 stable series to upgrade to OpenWrt 22.03. We will not fix any security problems, even severe ones in the OpenWrt 21.02 release branch any more.
https://openwrt.org/docs/guide-developer/security#support_status

Main changes between OpenWrt 21.02.6 and OpenWrt 21.02.7:

Security fixes

• CVE-2023-0464: openssl: Excessive Resource Usage Verifying X.509 Policy Constraints
• CVE-2023-0465: openssl: Invalid certificate policies in leaf certificates are silently ignored

Device support

• None

Various fixes and improvements

• Fix UBI (Unsorted Block Images) bug which prevented some devices from booting

Core components

• Update uclient from 2021-05-14 to 2023-04-13

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/21.02/notes-21.02.7

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/21.02/notes-21.02.7#known_issues

For a detailed list of all changes since 21.02.6, refer to
https://openwrt.org/releases/21.02/changelog-21.02.7

To download the 21.02.7 images, navigate to:
https://downloads.openwrt.org/releases/21.02.7/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=21.02.7

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Upgraded WRT1900ACS, no issues.

No issues upgrading on WRT1900ACS here either.

Any timetable on v23 release? I'm assuming WRT1900ACS will be supported again with v23.

This sounds encouraging https://github.com/openwrt/openwrt/issues/10672#issuecomment-1304812810

Just a reminder, the downloads page OpenWrt Downloads Released: Fri, 14 April 2023 still points to the release branch 21.02.6 at the time of posting.

cc @aparcar @jow @hauke

Fixed, thanks for pinging

When will version 21.02.8 be released ???

Never. The 21.02 is retired.

You should update to latest stable as soon as possible, if the device limits permit. ( https://openwrt.org/supported_devices/864_warning )

Although there will be no further 21.02 releases, if there are any changes, they will appear in snapshot builds and shown here: https://git.openwrt.org/?p=openwrt/openwrt.git;a=shortlog;h=refs/heads/openwrt-21.02

Since 21.02 is EOL, it is completely up to you to monitor the above repo and then take action accordingly (e.g., update to the 21.02 snapshot a day or two after a security update appears, using auc -b 21.02 -B 21.02-snapshot or whatever).

The best and most secure course of action remains as always: update to latest stable.

EDIT: 21.02 will drop off (already have?) the buildbot lists, so you'll be on your own to generate images, and auc/sysupgrade won't suffice.