Skip to content

Bump OpenWrt to 19.07.8 #31

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
gaby wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump OpenWrt to 19.07.8 #31

gaby wants to merge 1 commit into from

Conversation

@gaby
Copy link

@gaby gaby commented Oct 23, 2021
edited
Loading

  • Update OpenWrt to latest 19.07 release
  • Merge some of the layers in the Docker image.

Major security fixes with this release:

Security fixes

  • Fix FragAttacks (fragmentation and aggregation attacks) vulnerabilities in cfg80211, mac80211, ath10k and ath10k-ct
  • We are not sure if some closed source firmware files are still affected by these problems.
  • Security Advisory 2021-08-01-1 - XSS via missing input validation of host names displayed (CVE-2021-32019) 19
  • Security Advisory 2021-08-01-2 - Stored XSS in hostname UCI variable (CVE-2021-33425) 9
  • Security Advisory 2021-08-01-3 - luci-app-ddns: Multiple authenticated RCEs (CVE-2021-28961) 11

Release notes: https://forum.openwrt.org/t/openwrt-19-07-8-service-release/103208

@gaby
Copy link
Author

gaby commented Oct 23, 2021

@oofnikj Friendly bump

@gaby
Copy link
Author

gaby commented Oct 23, 2021

Once this PR is merge, a separate PR can be created to upgrade to 21.02.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gaby