2014-04-19 20:01:41 UTC
please break wifi.
+ debloat qlens reduced again to 12 for be and bk wifi queues
+ heartbleed fix from -3 forward
I note that nearly every "secured"-by-openssl network facing daemon has been
shown vulnerable to heartbleed. The hole in openvpn bit *me*, in
particular. I've updated, rekeyed and re-certified the vpns I have in
place, and you should too for any openvpn servers and clients you have
It was a real PITA for me, and I only had a few boxes on it.
For more details, see: http://community.openvpn.net/openvpn/wiki/heartbleed
For more details on the daemons potentially affected by heartbleed in
cerowrt, openwrt, and others, see the advisory at:
+ resync with openwrt
notably there were updates to netifd, and a fix for a strongswan CVE
+ dnscrypt added as an optional package (thx stephen walker and "mailjoe")
+ snort added as an optional package
+/- full dnssec
- upgrade to httping 2.x broke
- no sqm autotuning yet
- neither snort nor dnscrypt tested
If you are not experiencing problems with wifi or with heartbleed
there are few reasons to update to this release.
I wanted to note to those that use sysupgrade without a clean reflash,
in that the
/etc/opkg.conf file is not re-written in this case, and still points
to the old repository.
If you wish to install additional packages after an inplace upgrade,
you will have
to also update /etc/opkg.conf to point to the right place.