LEDE v17.01.3 service release

The LEDE Community is proud to announce the third service release of stable LEDE 17.01 series.

LEDE 17.01.3 “Reboot” incorporates a fair number of fixes back ported from the development branch during the last sixteen weeks.


Some selected highlights of the service release are:

  • Linux kernel updated to version 4.4.89 (from 4.4.71 in v17.01.2)
  • Numerous security fixes to curl, dnsmasq, mbedtls, tcpdump and the Linux kernel
  • Assorted platform fixes for ar7, ar71xx, bcm53xx, brcm63xx, imx6, ipq806x, lantiq, ramips, sunxi and x86

For a detailed list of changes since 17.01.2 refer to
https://lede-project.org/releases/17.01/changelog-17.01.3


For latest information about the 17.01 series, refer to the wiki at:
https://lede-project.org/releases/17.01/

To download the v17.01.3 images, navigate to:
https://downloads.lede-project.org/releases/17.01.3/


As always, a big thank you goes to all our active package maintainers,
testers, documenters and supporters.

Have fun!

The LEDE Community

13 Likes

Since I changed to LEDE I am impressed about the overall quality of the releases and the development process. Thank you all very much!

3 Likes

115 days since last reboot on 17.01.2 (c2600). I almost hate to upgrade and reboot. :slight_smile:

2 Likes

I have a very strange issue on latest version of LEDE. Before anyone says could be issue with other hardware, its not as this never happens when Im running DD WRT.

So once a day my Synology NAS which is connected wired to the router looses all connectivity and nothing can access it on my network. Only way to get it back is to either unplug and replug the ethernet cable and wait 5 mins or reboot my NAS.

i can`t get OpenVPN working with this version? i have to back to 17.01.2.....

On system upgrades, user installed packages aren't reinstalled or kept, you need to reinstall them.

Edit: here a couple of scripts for saving the user manually installed packages.

1 Like

I use Centos7 kvm LEDE | LEDE Reboot 17.01.3 r3533-d0bf257c46 x86_64 This system doesn't provide enough entropy to quickly generate high-quality random numbers.

What is the reason for this? Does kernel compilation not open support for virtualized processors?

<domain type='kvm'>
  <name>vm02</name>
  <uuid>17200020-0f1b-4722-be0f-4f161bbe8b20</uuid>
  <memory unit='KiB'>4096789</memory>
  <currentMemory unit='KiB'>4096789</currentMemory>
  <vcpu placement='static'>2</vcpu>
  <os>
    <type arch='x86_64' machine='pc-i440fx-rhel7.0.0'>hvm</type>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
  </features>
  <cpu mode='custom' match='exact'>
    <model fallback='allow'>Nehalem</model>
  </cpu>

processor	: 3
vendor_id	: GenuineIntel
cpu family	: 6
model		: 55
model name	: Intel(R) Celeron(R) CPU  J1900  @ 1.99GHz
stepping	: 8
microcode	: 0x829
cpu MHz		: 1332.982
cache size	: 1024 KB
physical id	: 0
siblings	: 4
core id		: 3
cpu cores	: 4
apicid		: 6
initial apicid	: 6
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 movbe popcnt tsc_deadline_timer rdrand lahf_lm 3dnowprefetch epb tpr_shadow vnmi flexpriority ept vpid tsc_adjust smep erms dtherm ida arat
bogomips	: 3993.60

[    0.000000] Linux version 4.4.89 (buildbot@builds-02.infra.lede-project.org) (gcc version 5.4.0 (LEDE GCC 5.4.0 r3103-1b51a49) ) #0 SMP Sat Sep 30 13:27:29 2017
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz root=PARTUUID=ac0a49be-02 rootfstype=ext4 rootwait console=tty0 console=ttyS0,115200n8 noinitrd
[    0.000000] x86/fpu: Legacy x87 FPU detected.
[    0.000000] x86/fpu: Using 'lazy' FPU context switches.
....
[    1.796198] usb 1-1: new full-speed USB device number 2 using uhci_hcd
[    1.810965] random: jshn: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    1.833580] random: jshn: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    1.847025] random: jshn: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    1.866302] random: jshn: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    1.881783] random: jshn: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    1.895167] random: jshn: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    1.913328] 8021q: adding VLAN 0 to HW filter on device eth0
[    1.992541] random: procd: uninitialized urandom read (4 bytes read, 4 bits of entropy available)
[    4.982404] mount_root: mounting /dev/root
[    4.991244] EXT4-fs (vda2): re-mounted. Opts: (null)
[    5.026493] EXT4-fs (vda1): mounted filesystem without journal. Opts: (null)
[    5.072044] urandom-seed: Seeding with /etc/urandom.seed
[    5.090456] procd: - early -
[    5.674502] procd: - ubus -
[    5.685035] random: ubusd: uninitialized urandom read (4 bytes read, 6 bits of entropy available)
[    5.734016] random: ubusd: uninitialized urandom read (4 bytes read, 6 bits of entropy available)
[    5.744797] random: ubusd: uninitialized urandom read (4 bytes read, 6 bits of entropy available)
Configuring dnscrypt-proxy.
Sun Oct  8 01:15:14 2017 [WARNING] This system doesn't provide enough entropy to quickly generate high-quality random numbers
Sun Oct  8 01:15:14 2017 [WARNING] Installing the rng-utils/rng-tools or haveged packages may help.
Sun Oct  8 01:15:14 2017 [WARNING] On virtualized Linux environments, also consider using virtio-rng.
Sun Oct  8 01:15:14 2017 [WARNING] The service will not start until enough entropy has been collected.

Try a virtual RNG device, it provides entropy from the host to the guest

<devices>
  <rng model='virtio'>
    <backend model='random'>/dev/random</backend>
    <alias name='rng0'/>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
  </rng>
</devices
1 Like

Is Fastpath included? Or it must be manually added?

Is this an important update for those who are running smoothly on 17.01.2? Wondering if I should install 17.01.3 (for important security fixes) or can safely hold off for the next major release.

@mc510 What do you think?

https://lede-project.org/releases/17.01/notes-17.01.3

It's good to update just for the dnsmasq update, among other fixes.

2 Likes

Up for 5 days and no issues.

1 Like

I've seen user reporting various problems with 17.01.3 release. I'm personally sticking with 17.01.2 for the moment.

This is a pretty broad brush - would you cite links to reported problems? (My motto: We promise not to fix it if we don't know it's broke... ) Thanks.

Dear all!
First of all, many thanks for your excellent work and the 17.01.3 release! I'm new to the forum. I have an TP-Link Archer C5 v1 and was updating form 17.01.1 to 17.01.3 via sysupgrade. As always, this requires some manual installation of packages required for 3G-modem internet access.
With the upgrade ot 17.01.3 I realized that the package comgt is no longer in the repository for download. Can someone please compile it?
Further packages may be missing as well, if they are not already included in the base-install. On 17.01.1 I additionally needed to install: kmod-usb-serial kmod-usb-serial-option kmod-usb-serial-wwan

Many thanks
Mario

Will this be addressed in this release?

no, it will be fixed in v17.01.4, it wasn't known in 17.01.3

David Lang

17.01.4 is already available.

1 Like