+ felix's wifi patch for bug #442 added please break wifi. + debloat qlens reduced again to 12 for be and bk wifi queues + heartbleed fix from -3 forward
I note that nearly every "secured"-by-openssl network facing daemon has been shown vulnerable to heartbleed. The hole in openvpn bit *me*, in particular. I've updated, rekeyed and re-certified the vpns I have in place, and you should too for any openvpn servers and clients you have too. It was a real PITA for me, and I only had a few boxes on it. For more details, see: http://community.openvpn.net/openvpn/wiki/heartbleed For more details on the daemons potentially affected by heartbleed in cerowrt, openwrt, and others, see the advisory at: http://www.bufferbloat.net/news/50 + resync with openwrt notably there were updates to netifd, and a fix for a strongswan CVE + dnscrypt added as an optional package (thx stephen walker and "mailjoe") + snort added as an optional package +/- full dnssec - upgrade to httping 2.x broke - no sqm autotuning yet - neither snort nor dnscrypt tested If you are not experiencing problems with wifi or with heartbleed there are few reasons to update to this release. I wanted to note to those that use sysupgrade without a clean reflash, in that the /etc/opkg.conf file is not re-written in this case, and still points to the old repository. If you wish to install additional packages after an inplace upgrade, you will have to also update /etc/opkg.conf to point to the right place. -- Dave Täht NSFW: https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article _______________________________________________ Cerowrt-devel mailing list [email protected] https://lists.bufferbloat.net/listinfo/cerowrt-devel
