25 Mar 00:37

01170d5

v23.05.3 Latest

Latest

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 23.05.3, r23809-234f1a2efa
 -----------------------------------------------------

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 23.05 stable series. It improves device support and brings a few bug fixes including security fixes.

Download firmware images using the OpenWrt Firmware Selector:

https://firmware-selector.openwrt.org/?version=23.05.3

Download firmware images directly from our download servers:

https://downloads.openwrt.org/releases/23.05.3/targets/

Main changes between OpenWrt 23.05.2 and OpenWrt 23.05.3

Security fixes

CVE-2023-36328: dropbear: Integer Overflow vulnerability in mp_grow in libtommath
CVE-2023-48795: dropbear: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted
CVE-2023-50868: dnsmasq: The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack

Device support

Support for the following devices was added:
- ath79: UniFi UK-Ultra
- mediatek: Acelink EW-7886CAX
- mediatek: ASUS RT-AX59U
- mediatek: ASUS TUF AX6000
- mediatek: Buffalo WSR-3200AX4S
- mediatek: Cetron CT3003
- mediatek: Confiabits MT7981
- mediatek: Cudy RE3000 v1
- mediatek: D-Link EAGLE PRO AI M32
- mediatek: GL.iNet GL-MT6000
- mediatek: JCG Q30 PRO
- mediatek: Routerich AX3000
- mediatek: TP-Link EAP225v5
- mediatek: Ubiquiti UniFi 6 Plus
- mediatek: Zbtlink ZBT-Z8102AX
- mediatek: ZyXEL EX5700 (Telenor)
- ramips: Cudy WR1300 v3
- ramips: D-Link COVR-X1860 A1
- ramips: Rostelecom RT-FE-1A
- ramips: Rostelecom RT-FL-1 (Serсomm RT-FL-1)
- ramips: Rostelecom S1010 (Serсomm S1010.RT)
- ramips: TP-Link EX220 v1
- ramips: YunCore G720
- ramips: Z-ROUTER ZR-2660
ath79: Nanostation Loco M5 XW: Fix read only jffs2 partition
ath79: TP-Link TL-WDR3600 and TL-WDR4300: Fix spurious reboot hangs
ath79: ubnt-bullet-m-xw: fix Ethernet PHY traffic
ipq807x: edgecore EAP102: fix lan/wan
kirkwood: Ctera C200 V1: fix ubi part name
lantiq: xway: disable SMP: fix boot on some Danube boards and NAT performance
mediatek: MT7981/MT7986: fix Ethernet rx hang issue
meidatek: Mercusys MR90X v1: fix eeprom loading
mpc85xx: Extreme Networks WS-AP3825i: increase available RAM
mvebu: IEI-World Puzzle M90x: fix RTC
ramips: improve mtk_eth_soc resets
ramips: rt305x: Use default uart in lzma-loader
ramips: Sercomm NA502: Fix bootup problem
ramips: Unielec u7621-01: Correct the PCIe port number
realtek: d-link dgs-1210-10p: improve sfp support
realtek: Netgear GS110TPP: fix OEM install
rockchip: Orange Pi R1 Plus LTS: improve Ethernet stability

Various fixes and improvements

mt76: Add mt7922 firmware
mwlwifi: Add support for WPA3
dropbear: Increase scp transfer speed
kernel: fix bridge proxyarp issue with some broken DHCP clients
mac80211: fix min_tx_power setting
kernel: add Aquantia PHY firmware loader patches
hostapd: fix FILS AKM selection with EAP-192
hostapd: fix 11r defaults when using SAE
hostapd: fix 11r defaults when using WPA
hostapd: ACS: Fix typo in bw_40 frequency array on channel 118

Core components update

Update Linux from 5.15.137 to 5.15.150
Update mwlwifi from 2023-04-29 to 2023-11-20
Update mt76 from 2023-08-14 to 2023-09-11
Update netifd from 2023-11-10 to 2024-01-04
Update jsonfilter from 2018-02-04 to 2024-01-23
Update bcm27xx-gpu-fw from 2022-05-16 to 2024-01-11
Update mbedtls from 2.28.5 to 2.28.7
Update openssl from 3.0.12 to 3.0.13
Update wireless-regdb from 2023.09.01 to 2024.01.23
Update intel-microcode from 20230808 to 20240312
Update dnsmasq from 2.89 to 2.90

Upgrading to 23.05.3

Sysupgrade can be used to upgrade a device from 22.03 to 23.05, and configuration will be preserved in most cases.

Warning

Sysupgrade from 21.02 to 23.05 is not officially supported.
ipq40xx EA6350v3, EA8300, MR8300 and WHW01 require tweak to the U-Boot environment on update from 22.03 to 23.05. Refer to the Device wiki or the instruction on sysupgrade on how to do this change. Config needs to be reset on sysupgrade.

Known issues

Warning

lantiq/xrx200 target shows error messages in DSA switch configuration of the integrated GSWIP switch. (see: #13200)
OpenWrt 23.05.3 was signed with the wrong signing keys. The keys from OpenWrt snapshot were used for OpenWrt 23.05.3, OpenWrt 23.05.2, OpenWrt 23.05.0 and the release candidates. A later OpenWrt 23.05 service release will use a different key.

See up to date information here:
https://openwrt.org/releases/23.05/notes-23.05.3#known_issues

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/23.05/notes-23.05.3

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/23.05/notes-23.05.3#known_issues

For a detailed list of all changes since 23.05.2, refer to
https://openwrt.org/releases/23.05/changelog-23.05.3

To download the 23.05.3 images, navigate to:
https://downloads.openwrt.org/releases/23.05.3/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=23.05.3

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

Assets 2

04 Dec 23:41

hauke

v22.03.6

f372b71

v22.03.6

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 22.03 stable version series. It fixes security issues, improves device support, and brings a few bug fixes.

Download firmware images using the OpenWrt Firmware Selector:

https://firmware-selector.openwrt.org/?version=22.03.6
Download firmware images directly from our download servers:
https://downloads.openwrt.org/releases/22.03.6/targets/

OpenWrt 22.03 EOL in April 2024

The OpenWrt 22.03 series will be supported till April 2024 according to the OpenWrt security policy. The last release from the OpenWrt 22.03 series is planned for April 2024, after this date we will not provide any updates for OpenWrt 22.03, not even for severe security problems. We encourage everyone to upgrade to OpenWrt 23.05 which will be supported till 2025.

Main changes between OpenWrt 22.03.5 and OpenWrt 22.03.6:

Device support

Support for the following devices was added:
- ramips: Cudy X6 v2
- ramips: Keenetic Lite III rev. A
- ramips: SNR-CPE-W4N-MT router
ath79: WLR-7100: fix packetloss
ath79: wpj563: enable 2nd USB controller
ath79: TP-Link Archer C7 v2: increase the rfkill debounce interval
bmips: NETGEAR DGND3700v2: fix boot loop
ipq40xx: switch to performance governor by default
ramips: Cudy X6: fixes / improvements

Various fixes and improvements

build: generate index.json
build: fix generation of large .vdi images
lua: fix integer overflow in LNUM patch
dropbear: add ed25519 for failsafe key
treewide: add PKG_CPE_ID to multiple packages
mac80211: fix not set noscan option for wpa_supplicant
hostapd: fix broke noscan option for mesh
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS

Core components update

Update Linux kernel from 5.10.176 to 5.10.201
Update openssl from 1.1.1t to 1.1.1w
Update wolfssl from 5.5.4 to 5.6.4
Update mbedtls from 2.28.2 to 2.28.5
Update mt76 22.03 from 2022-09-06 to 2023-09-11
Update wireless-regdb from 2023.02.13 to 2023.09.01
Update linux-firmware from 20220411 to 20230804
Update intel-microcode from 20220809 to 20230808
Update ca-certificates from 20211016 to 20230311
Update uhttpd from 2022-10-31 to 2023-06-25
Update urngd from 2020-01-21 to 2023-11-01

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/22.03/notes-22.03.6

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/22.03/notes-22.03.6#known_issues

For a detailed list of all changes since 22.03.5, refer to
https://openwrt.org/releases/22.03/changelog-22.03.6

To download the 22.03.6 images, navigate to:
https://downloads.openwrt.org/releases/22.03.6/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=22.03.6

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce
a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14
other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

Assets 2

15 Nov 22:49

github-actions

v23.05.2

1c26bcb

v23.05.2

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 23.05.2, r23630-842932a63d
 -----------------------------------------------------

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 23.05 stable series. It improves device support and brings a few bug fixes.

Download firmware images using the OpenWrt Firmware Selector:

https://firmware-selector.openwrt.org/?version=23.05.2

Download firmware images directly from our download servers:

https://downloads.openwrt.org/releases/23.05.2/targets/

Main changes between OpenWrt 23.05.0 and OpenWrt 23.05.2

23.05.1 was tagged, but not official release because we found a severe bug between tagging and announcing the release.

Device support

Support for the following devices was added:
* bcm53xx: ASUS RT-AC3100
* mediatek: CMCC RAX3000M
* mediatek: MT7981 RFB
* ramips: ComFast CF-E390AX
* ramips: ComFast CF-EW72 V2
* ramips: MeiG SLT866 4G CPE
* realtek: HPE 1920-8g-poe+ (65W)
apm821xx: Netgear WNDR4700: Fix broken sysupgrade, factory images
armsr: Preserve configuration during sysupgrade
ath79: Compex wpj563: Enable 2nd USB controller
ath79: TP-Link Archer C7 v2: Fix wifi shutdown and "irq 23: nobody cared" error
bcm53xx: Make Linux use correct switch ports again
bcm53xx: Linksys EA9200: nvram and 02_network fixes
ipq40xx: Switch to performance governor by default
lantiq: xrx200: Build target again
mediatek: Xiaomi Redmi Router AX6000: Fix Ethernet in U-Boot
realtek: HPE 1920-8g-poe: Rename to match hardware
ramips: HiWiFi HC5861: Fix Gigabit Ethernet port
ramips: ZyXEL NR7101: Fix bricking typo

Various fixes and improvements

Fix assignment of default MAC addresses on some targets
build: Hide kmod-zram config unless enabled
build: Fix lto build
build: Fix glibc build
build: Fix pkg-config detection when inside of a nix-shell
build: Add CycloneDX SBOM JSON support
hostapd: Do not trim trailing whitespace, except for newline
hostapd: Fix OWE association with mbedtls
hostapd: Fix broken WPS on broadcom-wl and ath11k
hostapd: Fix broken noscan option
wifi: Fix applying mesh parameters when wpa_supplicant is in use
iptables: backport patch fixing bug with string module
mbedtls: Activate secp521r1 curve by default
px5g-mbedtls: Fix permission of private key
px5g-wolfssl: Fix permission of private key
netifd: Fixed race condition in default gateway configuration

Core components update

Update mbedtls from 2.28.4 to 2.28.5
Update openssl from 3.0.11 to 3.0.12
Update wolfssl from 5.6.3 to 5.6.4
Update Linux from 5.15.134 to 5.15.137
Update ipq-wifi from 2023-06-03 to 2023-11-10
Update uqmi from 2022-05-04 to 2022-10-20
Update umdns from 2023-01-16 to 2023-10-19
Update urngd from 2023-07-25 to 2023-11-01
Update ucode from 2023-06-06 to 2023-11-07
Update firewall4 from 2023-03-23 to 2023-09-01
Update odhcpd from 2023-06-24 to 2023-10-24
Update netifd from 2023-10-20 to 2023-11-10

Upgrading to 23.05.2

Sysupgrade can be used to upgrade a device from 22.03 to 23.05, and configuration will be preserved in most cases.

Warning

Sysupgrade from 21.02 to 23.05 is not officially supported.
ipq40xx EA6350v3, EA8300, MR8300 and WHW01 require tweak to the U-Boot environment on update from 22.03 to 23.05. Refer to the Device wiki or the instruction on sysupgrade on how to do this change. Config needs to be reset on sysupgrade.

Known issues

Warning

lantiq/xrx200 target shows error messages in DSA switch configuration of the integrated GSWIP switch. (see: #13200)
OpenWrt 23.05.2 was signed with the wrong signing keys. The keys from OpenWrt snapshot were used for OpenWrt 23.05.2, OpenWrt 23.05.0 and the release candidates. A later OpenWrt 23.05 service release will use a different key.

See up to date information here:
https://openwrt.org/releases/23.05/notes-23.05.2#known_issues

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/23.05/notes-23.05.2

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/23.05/notes-23.05.2#known_issues

For a detailed list of all changes since 23.05.0, refer to
https://openwrt.org/releases/23.05/changelog-23.05.2

To download the 23.05.2 images, navigate to:
https://downloads.openwrt.org/releases/23.05.2/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=23.05.2

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce
a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14
other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

Assets 2

19 Oct 05:03

ynezz

v23.05.0

bd4f415

23.05.0

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 23.05.0, r23497-6637af95aa
 -----------------------------------------------------

The OpenWrt community is proud to announce the first stable release of the OpenWrt 23.05 stable series.
Download firmware images via the Firmware Selector or directly from our download servers:

An upgrade from OpenWrt 22.03 to OpenWrt 23.05 is supported in many cases with the help of the sysupgrade utility which will also attempt to preserve the configuration. A configuration backup is advised nonetheless when upgrading to OpenWrt 23.05. (see “ Upgrading to 23.05.0” below).

OpenWrt 23.05.0 incorporates over 4300 commits since branching the previous OpenWrt 22.03 release and has been under development for over one year.

Only the main changes are listed below. See changelog-23.05.0 for the full changelog.

Many new devices added

OpenWrt 23.05 supports over 1790 devices. Support for over 200 new devices was added in addition to the device support by OpenWrt 22.03.

The ipq807x target for the Qualcomm IPQ807x Wifi 6 SoCs was added
The mediatek/filogic subtarget for the Mediatek Filogic 830 and 630 SoCs was added
The sifiveu target for the HiFive RISC-V Unleashed and Unmatched boards

Highlights of device support

Switched ipq40xx target to DSA
VDSL support on AVM FRITZ!Box 7530
Support for devices with 2.5G PHYs
- Acer Predator W6 (MT7986A), Mercusys MR90X v1 (MT7986BLA), Netgear WAX206 (MT7622), Netgear WAX220 (MT7986), ZyXEL NWA50AX Pro (MT7981), Asus (TUF Gaming) AX4200 (MT7986A), Netgear WAX218 (IPQ8074), Xiaomi AX9000 (IPQ8074), Dynalink DL-WRX36 (IPQ8074), GL.iNet GL-MT6000 (MT7986A), Netgear WAX620 (IPQ8072A), ZyXEL EX5700 (MT7986)
Support for Wifi 6E (6GHz)
- Acer Predator W6 (MT7986A), ZyXEL EX5700 (MT7986)
2 Gbps WAN/LAN NAT Routing on ramips MT7621 devices (See OpenWrt forum)
Improved DSL statistics on ubus and in LuCI
Added Arm SystemReady (EFI) compliant target armsr replacing the armvirt target

Switch from wolfssl to mbedtls as default

OpenWrt has transitioned its default cryptographic library from wolfSSL to Mbed TLS. This shift brings several changes and implications:

Size Efficiency: Mbed TLS is considerably smaller, making it an optimal choice for systems where storage space is paramount.
LTS and ABI Stability: Mbed TLS consistently provides updates via its Long Term Support (LTS) branch, ensuring both security and a stable application binary interface (ABI). In contrast, wolfSSL does not offer an LTS release, and its stable ABI is limited to a specific set of functions.
TLS 1.3 Support: Users should be aware that Mbed TLS 2.28 no longer supports TLS 1.3.

While Mbed TLS is now the default, users who have specific needs or preferences can still manually switch back to wolfSSL or choose OpenSSL.

Rust Package Support

This release introduces the ability to include rust-written programs into the OpenWrt package infrastructure. Examples are: bottom, maturin, aardvark-dns and ripgrep.

Core components update

Core components have the following versions in 23.05.0:

Updated toolchain:
- musl libc 1.2.4
- glibc 2.37
- gcc 12.3.0
- binutils 2.40
Updated Linux kernel
- 5.15.134 for all targets
Network:
- hostapd master snapshot from September 2023
- dnsmasq 2.89, dropbear 2022.82
- cfg80211/mac80211 from kernel 6.1.24
System userland:
- busybox 1.36.1

In addition to the listed applications, many others were also updated.

Upgrading to 23.05.0

Sysupgrade can be used to upgrade a device from 22.03 to 23.05, and configuration will be preserved in most cases.

Warning

Sysupgrade from 21.02 to 23.05 is not officially supported.

ipq40xx EA6350v3, EA8300 and MR8300 require tweak to the U-Boot environment on update from 22.03 to 23.05. Refer to the Device wiki or the instruction on sysupgrade on how to do this change. Config needs to be reset on sysupgrade.

Known issues

Warning

The prebuilt images for Zyxel NR7101 are currently broken and will brick your device. PLEASE DO NOT INSTALL (bug already fixed but require SNAPSHOT or self-compile)

lantiq/xrx200 target is not build because the DSA driver for the integrated GSWIP switch shows some error messages. (see: #13200)
bcm53xx: Netgear R8000 and Linksys EA9200 Ethernet is broken (see: #13548)
default gateway setting is not applied when using the wifi device in station mode. (see: #13598)
realtek: there is currently a problem with MAC address getting wiped on installing 23.05.0. A fix is in progress and the correct MAC address will be restored on 23.05.1

Assets 2

28 Jun 22:00

hauke

v23.05.0-rc2

55ae516

OpenWrt 23.05.0-rc2 - Second Release Candidate Pre-release

Pre-release

The OpenWrt community is proud to announce the second release candidate of the upcoming OpenWrt 23.05 stable series.
OpenWrt 23.05.0-rc2 incorporates over 4000 commits since branching the previous OpenWrt 22.03 release and has been under development for over one year.

This is just a release candidate and not the final release yet.

Download firmware images using the OpenWrt Firmware Selector:

https://firmware-selector.openwrt.org/?version=23.05.0-rc2
Download firmware images directly from our download servers:
https://downloads.openwrt.org/releases/23.05.0-rc2/targets/

Changes between OpenWrt 23.05.0-rc1 and 23.05.0-rc2

Changes in this release candidate since the previous 23.05.0-rc1 release candidate are:

Device support
- New devices
  - ath79: Aruba AP-115
  - bmips: Observa VH4032N
  - bmips: Netgear DGND3700 v1
  - bmips: Netgear DGND3800B
  - bmips: Netgear EVG2000
  - bmips: Comtrend VR-3025un
  - bmips: Comtrend WAP-5813n
  - bmips: Comtrend AR-5381u
  - bmips: Actiontec R1000H
  - bmips: Sercomm AD1018
  - bmips: Comtrend VG-8050
  - bmips: NuCom R5010UNv2
  - bmips: Arcadyan AR7516
  - filogic: Netgear WAX220
  - ipq40xx: Buffalo WTR-M2133HP (converted to DSA)
  - ipq807x: prpl Foundation Haze board
  - ramips: mt7621: Zbtlink ZBT-WG1608 (32M)
  - ramips: Beeline SmartBox TURBO+
  - rockchip: Orange Pi R1 Plus
  - rockchip: Orange Pi R1 Plus LTS
- Fix lzma-loader for
  - ramips: ASIARF boards
- ramips: TP-Link MR600v2: fix image generation for sysupgrade image
- mvebu: Fix random crashes in mvneta
- armvirt: Added EFI support and renamed to armsr
- Add RISC-V support
  - Added sifiveu target for HiFive Unleashed and Unmatched boards

Many other changes in all parts of OpenWrt, see Chnagelog for details.

Highlights in OpenWrt 23.05.0:

Many new devices added

OpenWrt 23.05 supports over 1770 devices. Support for over 180 new devices was added in addition to the device support by OpenWrt 22.03.

The ipq807x target for the Qualcomm IPQ807x Wifi 6 SoCs was added
The mediatek/filogic subtarget for the Mediatek Filogic 830 and 630 SoCs was added
The sifiveu target for the HiFive RISC-V Unleashed and Unmatched boards

Highlights of device support

Switched ipq40xx target to DSA
VDSL support on AVM FRITZ!Box 7530
Support for devices with 2.5G PHYs
- Netgear WAX206 (MT7622)
- Asus (TUF Gaming) AX4200 (MT7986A)
- Netgear WAX218 (IPQ8074)
- Xiaomi AX9000 (IPQ8074)
- Dynalink DL-WRX36 (IPQ8074)
2 Gbps WAN/LAN NAT Routing on ramips MT7621 devices
Improved DSL statistics on ubus and in LuCI

Switch from wolfssl to mbedtls as default

OpenWrt switched the default cryptographic library from wolfssl to mbedtls. This library is used for HTTPS/TLS in the Webserver providing LuCI and for the cryptographic operations in hostapd. mbedtls provides security updates in their LTS branch without changing the application binary interface (ABI) of the library. wolfssl provides a stable ABI only for a very limited subset of functions. mbedtls allows us to update only mbedtls without the need to recompile and upgrade all users of mbedtls.

Core components update

Core components have the following versions in 23.05.0-rc2:

Updated toolchain:
- musl libc 1.2.4
- glibc 2.37
- gcc 12.3.0
- binutils 2.40
Updated Linux kernel
- 5.15.118 for all targets
Network:
- hostapd master snapshot from March 2023
- dnsmasq 2.89
- dropbear 2022.82
cfg80211/mac80211 from kernel 6.1.24
System userland:
- busybox 1.36.1

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/23.05/notes-23.05.0-rc2

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/23.05/notes-23.05.0-rc2#known_issues

For a detailed list of all changes since 23.05.0-rc1, refer to
https://openwrt.org/releases/23.05/changelog-23.05.0-rc2

To download the 23.05.0-rc2 images, navigate to:
https://downloads.openwrt.org/releases/23.05.0-rc2/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=23.05.0-rc2

As always, a big thank you goes to all our active package maintainers,
testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce
a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14
other announcement channels (such as RSS feeds) might be added in
the future, they will be listed at https://openwrt.org/contact

Assets 2

09 Jun 15:33

hauke

v23.05.0-rc1

f29f876

OpenWrt 23.05.0-rc1 - First Release Candidate - 9 June 2023 Pre-release

Pre-release

The OpenWrt community is proud to announce the first release candidate of the upcoming OpenWrt 23.05 stable series.
OpenWrt 23.05.0-rc1 incorporates over 3900 commits since branching the previous OpenWrt 22.03 release and has been under development for over one year.

This is just a release candidate and not the final release yet.

Download firmware images using the OpenWrt Firmware Selector:

https://firmware-selector.openwrt.org/?version=23.05.0-rc1
Download firmware images directly from our download servers:
https://downloads.openwrt.org/releases/23.05.0-rc1/targets/

Highlights in OpenWrt 23.05.0:

Many new devices added

OpenWrt 23.05 supports over 1750 devices. Support for over 160 new devices was added in addition to the device support by OpenWrt 22.03.

The ipq807x target for the Qualcomm IPQ807x Wifi 6 SoCs was added

Highlights of device support

Switched ipq40xx target to DSA
VDSL support on AVM FRITZ!Box 7530
Support for devices with 2.5G PHYs
- Netgear WAX206 (MT7622)
- Asus (TUF Gaming) AX4200 (MT7986A)
- Netgear WAX218 (IPQ8074)
- Xiaomi AX9000 (IPQ8074)
- Dynalink DL-WRX36 (IPQ8074)
Improved DSL statistics on ubus and in LuCI

Switch from wolfssl to mbedtls as default

Core components update

Core components have the following versions in 23.05.0-rc1:

Updated toolchain:
- musl libc 1.2.4
- glibc 2.37
- gcc 12.3.0
- binutils 2.40
Updated Linux kernel
- 5.15.114 for all targets
Network:
- hostapd master snapshot from March 2023
- dnsmasq 2.89
- dropbear 2022.82
cfg80211/mac80211 from kernel 6.1.24
System userland:
- busybox 1.36.1

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/23.05/notes-23.05.0-rc1

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/23.05/notes-23.05.0-rc1#known_issues

For a detailed list of all changes since 22.03.0, refer to
https://openwrt.org/releases/23.05/changelog-23.05.0-rc1

To download the 23.05.0-rc1 images, navigate to:
https://downloads.openwrt.org/releases/23.05.0-rc1/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=23.05.0-rc1

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

a low-volume mailing list for important announcements:
https://lists.openwrt.org/mailman/listinfo/openwrt-announce
a dedicated "announcements" section in the forum:
https://forum.openwrt.org/c/announcements/14
other announcement channels (such as RSS feeds) might be added in the
future, they will be listed at https://openwrt.org/contact

Assets 2

03 May 21:42

aparcar

v22.03.5

863f769

22.03.5

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 22.03.5, r20134-5f15225c1e
 -----------------------------------------------------

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 22.03 stable version series. It fixes security issues, improves device support, and brings a few bug fixes.

Download firmware images via the Firmware Selector or directly from our download servers:

An upgrade from OpenWrt 21.02 or 22.03 to OpenWrt 22.03.5 is supported in many cases with the help of the sysupgrade utility which will also attempt to preserve the configuration. A configuration backup is advised nonetheless when upgrading to OpenWrt 22.03. (see “Upgrading” below).

Only the main changes are listed below. See changelog-22.03.5 for the full changelog.

Security fixes

CVE-2023-0464: openssl: Excessive Resource Usage Verifying X.509 Policy Constraints
CVE-2023-0465: openssl: Invalid certificate policies in leaf certificates are silently ignored

Device support

Archer AX23 / MR70X: Reduce SPI-frequency
Aruba AP-105: Create APBoot compatible image
Buffalo WSR-600DHP: Fix boot loop

Various fixes and improvements

Fix UBI (Unsorted Block Images) bug which prevented some devices from booting
Fix ccache compile with GCC 13

Core components update

Update uclient from 2021-05-14 to 2023-04-13

Upgrading to 22.03.5

Sysupgrade can be used to upgrade a device from OpenWrt 21.02 or 22.03 to
22.03.5 and configuration will be preserved in most cases.

Warning
Sysupgrade from 19.07 to 22.03.x is not supported.

Warning There is no migration path for targets that switched from swconfig
to DSA. In that case,
sysupgrade will refuse to proceed with an appropriate error message: Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed

Known issues

See reporting bugs if you encounter issues with this release.

Broken MV88E6176 switch

Devices featuring the MV88E6176 integrated switch are currently broken in 22.03: the switch behaves as a hub, meaning network packets will be sent to all ports. This bug is documented in (FS#11077). This problem is only seen with kernel 5.10. OpenWrt 21.02 and OpenWrt master are not affected.

Assets 2

03 May 21:45

aparcar

v21.02.7

57a6d97

21.02.7

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 21.02.7, r16847-f8282da11e
 -----------------------------------------------------

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 21.02 stable version series. It fixes security issues and brings a bug fix.

Download firmware images via the Firmware Selector or directly from our download servers:

An upgrade from OpenWrt 19.07 or 21.02 to OpenWrt 21.02.7 is supported in many cases with the help of the sysupgrade utility which will also attempt to preserve the configuration. A configuration backup is advised nonetheless when upgrading to OpenWrt 21.02. (see “Upgrading” below).

The OpenWrt 21.02 stable series is now end of life following the OpenWrt Security support guidelines. We encourage all users of the OpenWrt 21.02 stable series to upgrade to OpenWrt 22.03. We will not fix any security problems, even severe ones in the OpenWrt 21.02 release branch any more.

Only the main changes are listed below. See changelog-21.02.7 for the full changelog.

Security fixes

CVE-2023-0464: openssl: Excessive Resource Usage Verifying X.509 Policy Constraints
CVE-2023-0465: openssl: Invalid certificate policies in leaf certificates are silently ignored

Device support

None

Various fixes and improvements

Fix UBI (Unsorted Block Images) bug which prevented some devices from booting

Core components

Update uclient from 2021-05-14 to 2023-04-13

Upgrading to OpenWrt 21.02.7

Upgrading from OpenWrt 21.02 is straightforward thanks to the sysupgrade utility: sysupgrade from web interface or sysupgrade from command-line.

An upgrade from OpenWrt 19.07 to OpenWrt 21.02 is supported in many cases, including preserving configuration. A configuration backup is advised nonetheless when upgrading from OpenWrt 19.07.

Known issues

None so far.

See reporting bugs if you encounter issues with this release.

Assets 2

14 Apr 20:40

aparcar

v22.03.4

94adc23

v22.03.4

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 22.03.4, r20123-38ccc47687
 -----------------------------------------------------

OpenWrt 22.03.4

The OpenWrt community is proud to announce the newest point release of the
OpenWrt 22.03 stable version series. It fixes security issues, improves device
support, and brings a few bug fixes.

Get OpenWrt Firmware at:

Main changes between OpenWrt 22.03.3 and OpenWrt 22.03.4

Only the main changes are listed below. See changelog-22.03.4 for the full changelog.

Security fixes

Added devices

05ec70f kernel: add support for XMC XM25QH64C
0657576 ath79: add LTE led for GL.iNet GL-XE300
788a0cf mpc85xx: add support for Watchguard Firebox T10
3c6692b ramips: add support for TP-Link Archer AX23 v1
f5db04e ramips: add support for Mercusys MR70X
711e45e ramips: add support for D-Link DAP-X1860 A1

Fixed issues

#7757 via 4b7f9e4 lantiq-xrx200: fix wan LED on o2 box 6431
#9491 via fea7478 iproute2: add missing libbpf dependency
#10871 via 3bc6d2a tools/dosfstools: fix PKG_SOURCE
#11701 via 50d707e lantiq: fix lzma-loader for Netgear DGN 3500(B)

Improvements

38ccc47 imagebuilder: allow to specific ROOTFS_PARTSIZE
7531ef7 sdk: expose PATENTED an NLS build options*

Core components update

f61c5cf kernel: bump 5.10 to 5.10.176
863288b mac80211: Update to version 5.15.92-1
7c10b7b CI: build: fix external toolchain use with release tag tests

Upgrading to 22.03.4

Sysupgrade can be used to upgrade a device from OpenWrt 21.02 or 22.03 to
22.03.4 and configuration will be preserved in most cases.

Warning
Sysupgrade from 19.07 to 22.03.x is not supported.

Warning There is no migration path for targets that switched from swconfig
to DSA. In that case,
sysupgrade will refuse to proceed with an appropriate error message: Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed

Known issues

#12232 Linksys MR8300 may break after the update, wait for the next service release!

Assets 2

14 Apr 20:58

aparcar

v21.02.6

9f213a8

v21.02.6

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 21.02.6, r16842-bc99ce5b22
 -----------------------------------------------------

OpenWrt 21.02.6

Note
OpenWrt 22.03 is already out, if you're freshly installing a device, consider to use 22.03.x instead.

The OpenWrt community is proud to announce the newest point release of the
OpenWrt 21.02 stable version series. It fixes security issues, improves device
support, and brings a few bug fixes.

Get OpenWrt Firmware at:

Main changes between OpenWrt 21.02.5 and OpenWrt 21.02.6

Only the main changes are listed below. See changelog-21.02.6 for the full changelog.

Security fixes

Added devices

None

Fixed issues

#9442 via 12861e0 generic: add support for EON EN25QX128A spi nor flash
#9894 via 8f45981 uboot-layerscape: adjust LS1012A-IOT config and env
#10530 via 0d4a025 mpc85xx: Drop pci aliases to avoid domain changes
#10968 via 09a649f ramips: rt3883: enable lzma-loader for Belkin F9K1109v1
#11654 via 76c9c2b rampis: fix Reference to non-existent node for GB-PC2
784565b tools/mkimage: fix build on MacOS arm64

Improvements

360d756 build: make find_md5 reproducible with AUTOREMOVE
multiple improvements around external toolchains
bc99ce5 imagebuilder: allow to specific ROOTFS_PARTSIZE
d84d34e sdk: expose binary strip settings
8a11563 base-files: support "metric" in board.json
A lot of CI improvements

Core components update

5e69c09 kernel: bump 5.4 to 5.4.238
202d404 cmake: update to version 3.19.8

Upgrading to 21.02.6

Sysupgrade can be used to upgrade a device from OpenWrt 19.07 to 21.02.6 and
configuration will be preserved in most cases.

Warning
There is no migration path for targets that switched from swconfig
to DSA. In that case,
sysupgrade will refuse to proceed with an appropriate error message: Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed

Known issues

None so far. Please report bugs and issues!

Assets 2

Releases: openwrt/openwrt

v23.05.3

Main changes between OpenWrt 23.05.2 and OpenWrt 23.05.3

Security fixes

Device support

Various fixes and improvements

Core components update

Upgrading to 23.05.3

Known issues

v22.03.6

OpenWrt 22.03 EOL in April 2024

Main changes between OpenWrt 22.03.5 and OpenWrt 22.03.6:

Device support

Various fixes and improvements

Core components update

v23.05.2

Main changes between OpenWrt 23.05.0 and OpenWrt 23.05.2

Device support

Various fixes and improvements

Core components update

Upgrading to 23.05.2

Known issues

23.05.0

Many new devices added

Highlights of device support

Switch from wolfssl to mbedtls as default

Rust Package Support

Core components update

Upgrading to 23.05.0

Known issues

OpenWrt 23.05.0-rc2 - Second Release Candidate

Changes between OpenWrt 23.05.0-rc1 and 23.05.0-rc2

Highlights in OpenWrt 23.05.0:

Many new devices added

Highlights of device support

Switch from wolfssl to mbedtls as default

Core components update

OpenWrt 23.05.0-rc1 - First Release Candidate - 9 June 2023

Highlights in OpenWrt 23.05.0:

Many new devices added

Highlights of device support

Switch from wolfssl to mbedtls as default

Core components update

22.03.5

Security fixes

Device support

Various fixes and improvements

Core components update

Upgrading to 22.03.5

Known issues

Broken MV88E6176 switch

21.02.7

Security fixes

Device support

Various fixes and improvements

Core components

Upgrading to OpenWrt 21.02.7

Known issues

v22.03.4

OpenWrt 22.03.4

Main changes between OpenWrt 22.03.3 and OpenWrt 22.03.4

Security fixes

Added devices

Fixed issues

Improvements

Core components update

Upgrading to 22.03.4

Known issues

v21.02.6

OpenWrt 21.02.6

Main changes between OpenWrt 21.02.5 and OpenWrt 21.02.6

Security fixes

Added devices

Fixed issues

Improvements

Core components update

Upgrading to 21.02.6

Known issues