From the resolution to https://community.nxp.com/t5/Layerscape/LS1021A-TWR-UDP-packet-loss/m-p/1093227 it was recommended that for the Layerscape I use OpenWrt-19.04 from
https://source.codeaurora.org/external/qoriq/qoriq-components/openwrt
There do not seem to be any new commits which resolve issues on openwrt's security advisories:
https://openwrt.org/docs/guide-developer/security
Taking the first issue as an example:
https://openwrt.org/advisory/2020-05-06-2 updates package/network/services/relayd/Makefile to take commit "f4d759be54ceb37714e9a6ca320d5b50c95e9ce9" instead of "ad0b25ad74345d367c62311e14b279f5ccb8ef13" for the relayd source.
From looking at the code I am evaluating it is still using the vulnerable version.
Taking a look at openwrt-19.07 the LSDK commits do not at first glance appear to have been upstreamed.
Is there a variant of open wrt that has the latest LSDK support and is actively maintained i.e. latest bugfixes / security patching?
We have a new version OpenWrt will be released on September 25th, I have uploaded the internal version in the following link, you could have reference.
https://drive.google.com/file/d/1l1opSntkpVxssKFUKbXvabrEN-HB1AN0/view?usp=sharing
Hi @yipingwang ,
Thanks for replying.
I was asking as I don't understand the release schedule. For example what is gating the 25 September release (open wrt release cycle / annual NXP release cycle) and how do I know that I am going to have the latest bug / security fixes available?
Would moving to a different recommended layerscape distribution provide more timely fixes (e.g. debian)?
John
Hello John,
NXP released OpenWrt is ready for customers on September 25th.
I have uploaded this version OpenWrt to you again, which includes git commit information.
https://drive.google.com/file/d/1uxTNZzrc6Fu-wjaEL5arYe_QjSRnOp-Q/view?usp=sharing
After typing "git log" command, you will find security related patches mentioned by you have been applied in this version OpenWrt.
Please refer to the attached git commit information.
Thanks,
Yiping