Ukukhutshwa koguqulelo olutsha oluzinzileyo lwe-OpenWrt 22.03.3 lusanda kubhengezwa, inguqulelo iza neempazamo ezahlukeneyo apho i-Busybox, i-dnsmasq kunye nezinye izilungiso zivelele, ukongeza koku, uphuculo oluthile lwenkxaso kule nguqulo entsha nayo ivelele.
Kulabo abangaqhelekanga nge-OpenWrt, kuya kufuneka uyazi loo nto Olu lusasazo lweLinux eyilelwe ukusetyenziswa kwizixhobo ezahlukeneyo zenethiwekhiezinje ngemizila kunye neendawo zokufikelela.
I-OpenWrt ixhasa amaqonga namaqonga ohlukeneyo kwaye inenkqubo yokwakha ekuvumela ukuba wenze ngokulula kwaye ulwakhiwo olunqamlezileyo, kubandakanya izinto ezininzi ebandleni, okwenza kube lula ukwenza i-firmware ekulungeleyo ukuyisebenzisa okanye umfanekiso wediski olungiselelwe imisebenzi ethile kunye neseti oyifunayo yeephakeji zangaphambili -ifakiwe.
Iindaba eziphambili ze-OpenWrt 22.03.3
Kolu guqulelo lutsha oluvela kwi-OpenWrt 22.03.3 zivezwa uphuculo lwamacandelo ahlukeneyo enkqubo, apho sinokufumana khona i iinguqulelo ezihlaziyiweyo zeLinux kernel 5.10.161 (uguqulelo olongeza i-mac80211 isitaki esingenazingcingo esifakwe kwinguqulo 5.15.81), umtya 5.19, mbedtls 2.28.2, openssl 1.1.1s, wolfssl 5.5.4, util-linux 2.37.4, firewall4 2022-10-18, odhcpd 2023-01-02, uhttpd 2022-10-31, iwinfo 2022-12-15, ucode 2022-12-02.
Kunye neLinux Kernel kukwakhankanyiwe ukuba bongeze iipakethi zemodyuli entsha yekernel: kmod-sched-prio, kmod-sched-red, kmod-sched-act-police, kmod-sched-act-ipt, kmod-sched- i-pie, i-kmod-sched-drr, i-kmod-sched-fq-pie, i-kmod-sched-act-sample, i-kmod-nvme, i-kmod-phy-marvell, i-kmod-hwmon-sht3x, i-kmod-netconsole, kunye ne-kmod-btsdio.
Kwicala le uphuculo lwenkxaso Singafumana kule nguqulo entsha exhasa iRuckus ZoneFlex 7372/7321, ZTE MF289F, TrendNet TEW-673GRU, Linksys EA4500 v3 kunye neWavlink WS-WN572HP3 4G izixhobo zongezwa.
Ukongeza koku, sinokufumanisa ukuba kwi-D-Link DIR-825 B1 izicwangciso zomfanekiso wenkqubo yefektri kunye neengcambu ezandisiweyo zongezwa. Ngokungagqibekanga, i-firmware ye-chip ye-Broadcom 4366b1 yongezwa kwi-Asus RT-AC88U yokwakha.
Ngokuphathelele izilungiso, sinokufumanisa ukuba ingxaki nge-loop yokuqalisa kwakhona xa usebenzisa i-LZMA bootloader kwizixhobo NETGEAR EX6150, HiWiFi HC5962, ASUS RT-N56U B1, Belkin F9K1109v1, D-Link DIR-645, iye yasonjululwa. I-DIR-860L B1, i-NETIS WF2881 kunye neZyXEL WAP6805.
Kwakhona kukhankanyiwe ukuba ingxaki yokunikezela iidilesi ze-WAN MAC kwizixhobo ze-UniElec U7621-01, UniElec U7621-06, TP-Link AR7241, TP-Link TL-WR740N, TP-Link TL-WR741ND v4, Telton230QLuma RUT329 Home -XNUMXACN.
Ku ubuthathaka obusisigxina zikhankanyiwe
- I-CVE-2022-30065: i-busybox: Lungisa ukusetyenziswa-emva kwe-free kwi-Busybox 1.35-x's
awk applet - I-CVE-2022-0934: i-dnsmasq: Lungisa i-single-byte yokubhala / ukusetyenziswa.
Ukungaphumeleli kweposi yasimahla kwiseva ye-dnsmasq DHCPv6 - I-CVE-2022-1304: i-e2fsprogs: ubuthathaka bokufunda/ukubhala
yafunyanwa kwi-e2fsprogs 1.46.5 - CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Use -
Emva kwe-Remote yeKhowudi eSetyenziswa sesichengeni - I-CVE-2022-46393: i-mbedtls: lungisa i-buffer enokubakho kwi-buffer overreading kunye
Bhala ngaphezulu - I-CVE-2022-46392: i-mbedtls: umchasi onokufikelela kwidatha echanekileyo ngokwaneleyo
ulwazi malunga nofikelelo kwimemori lunokufumana kwakhona iqhosha labucala leRSA - CVE 2022-42905: wolfssl: Kwimeko apho iWOLFSSL_CALLBACKS
macro iseti xa kwakhiwa wolfSSL, kukho okuninzi okunokwenzeka malunga
I-5-byte efundwayo xa uphethe i-TLS 1.3 uqhagamshelwano lwabaxhasi.
Ye- Olunye utshintsho ezibalaseleyo:
- Kwizixhobo ze-Youku YK-L2 kunye ne-YK-L1, i-initramfs-kernel.bin inokufakwa ngokusebenzisa ujongano lwewebhu lomenzi.
- I-D-Link DGS-1210-10P ixhasa amaqhosha angaphezulu kunye nezikhombisi ze-LED.
- Umqhubi we-USB wongezwe kwindibano ye-AVM FRITZ!Ibhokisi 7430.
- Umlawuli womsindo wongezwa kwindibano ye-HAOYU Electronics MarsBoard A10.
I-Linksys EA6350v3, EA8300, MR8300, kunye ne-WHW01 izixhobo zinokuhlaziya i-firmware ngaphandle kwebhokisi.
Ukuphazamiseka okulungisiweyo kwi-boot nge-firewall4 kunye nefayile yokulayisha. - Iifayile ze-firmware ezongeziweyo ze-mt7916 kunye nezixhobo ze-mt7921.
- Iphakheji ye-ustream-openssl ivala uthethathethwano loqhagamshelwano olusekwe kwi-TLSv1.2 kunye neenguqulelo zangaphambili zeprothokholi.
- Inkxaso eyongeziweyo yemodem ye-Quectel EC200T-EU kwiphakheji ye-comgt-ncm.
- I-umbim utility ivumela ukuzulazula kunye noqhagamshelwano ngothungelwano lwamahlakani.
- Inkxaso yeendlela ze-HE (Wifi 6), izixhobo ezitsha (MT7921AU, MT7986 WiSoC) kunye nee-ciphers ezongezelelweyo (CCMP-256, GCMP-256) zongezwe kwi-iwinfo utility.
Ukuba ufuna ukwazi ngakumbi ngayo malunga neenkcukacha ezidityanisiweyo kolu khululo lutsha lwe-OpenWrt firmware 22.03.3 ungakhangela ulwazi kupapasho loqobo Kule khonkco ilandelayo.
Khuphela inguqulelo entsha ye-OpenWrt 22.03.3
Ukwakhiwa kwale nguqulo intsha kulungiselelwe amaqonga ama-35 ahlukeneyo, anokufumana kuwo iiphakheji zokuhlaziya kwikhonkco elingezantsi.