OpenWrt

OpenWrt 18.06

End of life · latest 18.06.9 on 2020-12-09 · initial release 2018-07-31 · EoL 2020-12

Get firmware on Downloads (latest 18.06.9). Each version's full technical changelog lives on the wiki; the notes below are the per-release summary.

OpenWrt 18.06.9 — Final Service Release · 9 December 2020

End of support for OpenWrt 18.06

This release is the final one for OpenWrt 18.06. You should consider upgrading to a newer version (OpenWrt 19.07 or later)

Receiving important changes and announcements

We have a new mailing list for release announcements and other important changes: consider subscribing!

See https://openwrt.org/contact#important_changes_and_announcements for details.

Highlights in OpenWrt 18.06.9

The OpenWrt Community is proud to announce the ninth service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.9 brings security fixes, as well as the usual device support fixes and core components update.

The main highlights of this service release are:

Security fixes

Note: security fixes for most packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade. This can be done with opkg update; opkg upgrade the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 18.06.9 or a newer major release whenever possible.

Bug fixes

  • libubox: Fix regression that could cause procd to fail to start or restart some services. This is especially visible as it broke LuCI when upgrading from older 18.06.X releases (FS#3177)
  • musl: fix locking synchronization bug
  • kernel: backport out-of-memory fix for non-Ethernet devices
  • firewall: fix TCP MSS clamping that was only applied on one direction (FS#3231)

Device support

  • brcm63xx: fix BCM6348/BCM6358 hangs while booting (FS#2202)
  • ipq40xx: fix essedma MAC hang by disabling TCP segmentation offload for IPv6
  • ramips: fix USB detection on all rt305x devices
  • mikrotik: add support for the new ath9k caldata encoding (LZO) found in newer hardware revisions
  • Various fixes for ZyXEL Keenetic, ZyXEL NBG6616, TP-Link Archer C60 v1/v2, GL.iNet GL-AR750S, Embedded Wireless Dorin, Pirelli A226M-FWB, Arduino Yun

Core components update

  • Linux kernel updated from 4.9.214 to 4.9.243 and from 4.14.171 to 4.14.206
  • mbedtls updated from 2.16.4 to 2.16.8
  • wireguard updated from 0.0.20190601 to 1.0.20200611

Additional notes

For more details, please see the detailed Changelog.

Note that updates to the package feeds are available immediately to all minor releases of OpenWrt: there is no need to upgrade to a new OpenWrt image to install newer versions of a package. This applies to core OpenWrt packages as well as community-maintained packages.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.8 — Service Release · 6 March 2020

Highlights in OpenWrt 18.06.8

The OpenWrt Community is proud to announce the eighth service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.8 brings security fixes, as well as the usual device support fixes and core components update.

The main highlights of this service release are:

For more details, please see the detailed Changelog.

Regressions in OpenWrt 18.06.8

  • libubox regression: procd may fail to start or restart some services due to a regression in libubox (thread, FS#3177). This is especially visible as it breaks LuCI when upgrading from older 18.06.X releases: because of the regression, rpcd fails to start under some circumstances (empty rpcd section in /etc/config/rpcd).

Additional notes

Note that updates to the package feeds are available immediately to all minor releases of OpenWrt: there is no need to upgrade to a new OpenWrt image to install newer versions of a package. This applies to core OpenWrt packages as well as community-maintained packages.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.7 — Service Release · 31 January 2020

Highlights In OpenWrt 18.06.7

The OpenWrt Community is proud to announce the seventh service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.7 brings important security fixes, as well as the usual device support fixes and core components update.

The main highlights of this service release are:

For more details, please see the detailed Changelog.

Note that updates to the package feeds are available immediately to all minor releases of OpenWrt: there is no need to upgrade to a new OpenWrt image to install newer versions of a package. This applies to core OpenWrt packages as well as community-maintained packages.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.6 — Sixth Service Release · 6 January 2020

Highlights In OpenWrt 18.06.6

The OpenWrt Community is proud to announce the sixth service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.6 incorporates security updates for base packages, new versions of the Linux kernel, a bug fix related to signature verification, and fixes for various devices.

Some selected highlights of this service release are:

  • Linux kernel updated from 4.9.198 to 4.9.208 and from 4.14.151 to 4.14.162
  • Security fixes for the following base packages: e2fsprogs, openssl, uhttpd
  • LXC and netns fixes for an issue that could cause kernel panics
  • PCIe reset crash fix on brcmfmac
  • Device detection fix for all Mikrotik devices, fixing sysupgrade for newer devices
  • Device support fixes for several devices: lantiq, Archer C20i, Mikrotik RBM33G, TL-WDR3320 v2, TL-WDR3600, TL-WDR4300, TL-WDR4310, TL-WDR4900 v2, Archer C5, Archer C7, MW4530R, WeVO 11AC NAS, WeVO W2914NS v2, ASUS WL-330N, Asus WL-330N3G, Samsung CY-SWR1100, Ravpower WD03

For more details, please see the detailed Changelog.

Note that updates to the package feeds are available immediately to all minor releases of OpenWrt: there is no need to upgrade to a new OpenWrt image to install newer versions of a package. This applies to core OpenWrt packages as well as community-maintained packages.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.5 — Fifth Service Release · 8 November 2019

Highlights In OpenWrt 18.06.5

The OpenWrt Community is proud to announce the fifth service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.5 incorporates security updates for base packages, new versions of the Linux kernel, a bug fix related to signature verification, and fixes for various devices.

Some selected highlights of this service release are:

  • Linux kernel updated from 4.9.184 to 4.9.198 and from 4.14.131 to 4.14.151, including security fixes
  • Security fixes for LuCI, the web interface bundled with OpenWrt, fixing CRSF and XSS bugs
  • Security fixes for the following base packages: musl, hostapd, wolfssl, openssl, iptables, ustream-ssl, libpcap, tcpdump, bzip2
  • Wireless fixes for the brcmfmac driver, fixing crashes and facilitating debug (backported from Linux 5.4)
  • Fix signature verification bug: in rare cases, usign would refuse a valid signature, making it impossible to install packages from an opkg feed. This bug has been fixed in usign, and a workaround has been implemented when generating package indexes, so that devices using an unfixed version of usign don’t encounter this bug
  • Device support fixes for several devices: WNR2200, WPJ531, HiveAP 121, DIR-615 H1

For more details, please see the detailed Changelog.

Note that updates to the package feeds are available immediately to all minor releases of OpenWrt: there is no need to upgrade to a new OpenWrt image to install newer versions of a package. This applies to core OpenWrt packages as well as community-maintained packages.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.4 — Fourth Service Release · July 2019

Highlights In OpenWrt 18.06.4

The OpenWrt Community is proud to announce the fourth service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.4 incorporates a number of bug fixes in the network and system userland, as well as updates to the kernel and base packages.

Note that the OpenWrt 18.06.3 release was skipped in favor to 18.06.4 due to a last minute 4.14 kernel update fixing TCP connectivity problems which were introduced with the first iteration of the Linux SACK vulnerability patches.

Some selected highlights of the service release are:

  • Linux kernel updated to versions 4.9.184/4.14.131 (from 4.9.152/4.14.95 in v18.06.2)
  • SACK security fixes for the Linux kernel
  • WPA3 security fixes in hostapd
  • Further security fixes for Curl and the Linux kernel
  • MT76 wireless driver updates
  • Various network and system service fixes

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.3 — Third Service Release · July 2019

Highlights In OpenWrt 18.06.3

The OpenWrt Community is proud to announce the third service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.3 incorporates a number of bug fixes in the network and system userland, as well as updates to the kernel and base packages.

Some selected highlights of the service release are:

  • Linux kernel updated to versions 4.9.182/4.14.128 (from 4.9.152/4.14.95 in v18.06.2)
  • SACK security fixes for the Linux kernel
  • WPA3 security fixes in hostapd
  • Further security fixes for Curl and the Linux kernel
  • MT76 wireless driver updates
  • Various network and system service fixes

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.2 — Second Service Release · January 2019

Highlights In OpenWrt 18.06.2

The OpenWrt Community is proud to announce the second service release of the stable OpenWrt 18.06 series. OpenWrt 18.06.2 incorporates a fair number of bug fixes in the network userland and the build system, as well as updates to the kernel and base packages.

Some selected highlights of the service release are:

  • Linux kernel updated to versions 4.9.152/4.14.95 (from 4.9.120/4.14.63 in v18.06.1)
  • Security fixes for the Linux kernel, GNU patch, Glibc, BZip2, Grub, OpenSSL and MbedTLS
  • Build system bug fixes
  • IPv6 and network service fixes

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.1 — First Service Release · August 2018

Highlights In OpenWrt 18.06.1

The OpenWrt Community is proud to announce the first service release of the OpenWrt 18.06 stable series. It incorporates a number of fixes back ported from the development branch during the last two weeks.

Some selected highlights of the service release are:

  • Linux kernel updated to versions 4.9.120/4.14.63 (from 4.9.111/4.14.52 in v18.06.0)
  • Security fixes for Opkg, Curl, Mbedtls, OpenSSL and the Linux kernel
  • Binary builds for the at91 and ath25 targets
  • Updated mwlwifi driver
  • Improved input validation for rpcd uci ubus calls
  • Crash fixes in libuci
  • Assorted bug fixes in netifd

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.0 — First Stable Release · July 2018

Highlights In OpenWrt 18.06.0

The OpenWrt community is proud to announce the first release of the OpenWrt 18.06 stable version series. It incorporates over 4000 commits since branching the previous LEDE 17.01 release and has been under development for well over a year.

With this release, the re-merged OpenWrt project attempts to define a baseline for future development based on the technological modernization and refined release processes done by the former LEDE project.

Highlights of this release since the previous LEDE 17.01 and OpenWrt Chaos Calmer 15.05 versions are:

  • Linux kernel updated to version either 4.9.111 or 4.14.52, depending on the architecture
  • Updated toolchain:
    • musl libc 1.1.19
    • uClibc-ng 1.0.30
    • glibc 2.26+
    • gcc 7.3.0
    • binutils 2.29.1
  • Updated Linux kernel:
    • Kernel 4.9.111 for ar7, ar71xx, arc770, at91, brcm2708, brcm63xx, ixp4xx, lantiq, layerscape, mpc85xx, orion, rb532 and uml
    • Kernel 4.14.52 for apm821xx, archs38, armvirt, ath25, bcm53xx, brcm47xx, cns3xxx, gemini, imx6, ipq40xx, ipq806x, kirkwood, malta, mediatek, mvebu, mxs, octeon, octeontx, omap, oxnas, pistachio, ramips, sunxi and x86
    • Backported network flow offloading support for targets using kernel 4.14
  • Network userland:
    • IPv6 related fixes in DHCPv6 client and servers
    • Support for user DHCPv6 client options in sent packets
    • DHCP forced renew support (RFC6704) in odhcpd
    • Firewall support for conntrack helper setup and better ipset integration
    • Introduced support for configuring GRE, GRE-TAP, VETH, VTI, VXLAN
    • CAKE v20180716 includes tc filter classification making ingress prioritisation easier. Cake & sqm-scripts updated representing state of the art mitigations for bufferbloat
    • Wireguard VPN v20180625 with MIPS optimisations and flow-offload compatibility
  • System userland:
    • Improvements in system upgrade procedure
    • Bugfixes in the process manager, system message bus, embedded webserver and the configuration management library
  • Platform and Driver Support
    • Dropped adm5120, adm8668, au1000, mcs814x, omap24xx, ppc40x, ppc44x, xburst and zynq targets
    • Added Spectre and Meltdown mitigations as well as microcode loading support to x86
    • Rebased oxnas target on top of upstream Kernel 4.14 support
    • Updates and new device support across all targets
  • Web interface:
    • New auto-rollback functionality to revert configuration changes when access to the router is lost
    • Better support for displaying virtual interfaces and low level configuration errors
    • Security improvements

Known issues:

  • Support for a hardware-bug workaround needed for devices having an AT8032 ethernet phy accidentally got dropped. Hence devices with that ethernet chip may experience connectivity issues. At least ubnt-loco-m-xw and most likely other single-port ubnt devices are affected. [fix merged, queued for 18.06.1]
  • Using ip4ip6 tunnel interface as a fallback interface accepting ip4-in-ip6 tunneled packets from any remote address doesn’t work. [fix merged, queued for 18.06.1]
  • Support for PCIe on ox820 is broken, results in missing USB3 support on Shuttle KD20 [driver needs more work]
  • Images for some device became too big to support a persistent overlay, causing such models to lose configuration after a reboot. If you experience this problem, please report the affected device and consider downgrading to LEDE 17.01.5 or using the Image Builder to pack a smaller custom image
  • Some devices, such as the Netgear R6100, may lack 5GHz wireless AC support. Investigation is ongoing and a fix is expected for 18.06.1. Affected users shall downgrade to LEDE 17.01.5 for the time being and wait for the first service release.
  • Devices using the mt76 wireless driver may experience stability issues on 2.4GHz
  • The legacy at91 and legacy ath25 (formerly “atheros”) targets failed to build due to image size constraints and are not part of the release
  • A GUI bug prevents selecting and scrolling text in the system and kernel log pages. To solve, either upgrade “luci-theme-bootstrap” using opkg or switch to another theme. [fix merged, queued for 18.06.1]

With the release of OpenWrt 18.06, the old OpenWrt 15.05 release is marked end of life and will not get any support any more, not even for severe security problems. LEDE 17.01 will still get some security support for a limited time. We encourage everyone to upgrade to OpenWrt 18.06 to get the best support.

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

OpenWrt 18.06.0-rc2 — Second Stable Release Candidate · July 2018

← All releases