Update to new service release - Mandatory for security?


I'm using openwrt (and Lede in the past) for years now. The project is just awesome and the community has made a tremendous job (and I just can't measure how much ewaste is avoided thanks to this project!).

I'm happy with current features. When I upgrade, my main goal is to make sure every available security fixes are applied to my routers.

I often update the packages of my routers. However, I still see new service releases. My questions are:

  • is there any security update a service release has that can't be pushed to previous versions? (eg: is 22.03.3 fully updated as secure as 22.03.5 fully updated)
  • My guess is that kernel is only updated by service release? Is that correct?


Yes, among others (e.g. libc, it doesn't stop here).

If there is a service release, update, as soon as possible.
If there is a new major release, plan the update 'soon™'.