Security issues in the 3.201 firmware

eric · August 2, 2021, 1:05am

Looking at the change log for OpenWrt 19.07.8 at:

It looks like there are about 15 security fixes in this release. Comparing the versions of the kernel and key security packages like openssl being used in the GL iNet’s 3.201 firmware to the information in the security CVEs notice section of the 19.07.8 change log, it looks like many of these security bugs are in the 3.201 firmware. Will the 3.203 firmware be re-based on OpenWrt 19.07.8 or will you at least pull in the security fixes before releasing it?

alzhao · August 3, 2021, 3:44am

Checking the severity. Better to release the 3.203 then do a 3.204 later

eric · August 5, 2021, 3:24am

Since 3.203 was released without fixing these security issues, any idea on when we might see 3.204?

alzhao · August 5, 2021, 8:46am

Yes. We will have 3.204 asap. I am still not sure when. But should be much faster than 3.203.