История изменений
Исправление Manhunt, (текущая версия) :
Множественные исправления в работе разнообразных железок.
Закрытие пачки CVE (спустя пару недель после предыдущего релиза, Карл!).
В общем, версия 25.12.0 была, по сути, бетой.
Security fixes
OpenWrt components (Trail of Bits audit, February 2026):
CVE-2026-30871: Stack buffer overflow in umdns DNS PTR query handling (HIGH)
CVE-2026-30872: Stack buffer overflow in umdns IPv6 reverse DNS lookup (HIGH)
CVE-2026-30873: Memory leak in jsonpath when processing strings, labels, and regexp tokens (LOW)
CVE-2026-30874: Command execution via PATH environment variable filter bypass in procd (LOW)
LuCI:
CVE-2026-32721: Possible XSS attack via malicious SSID in LuCI WiFi scan modal (HIGH)
Additional hardening from the same Trail of Bits audit (no CVE assigned):
odhcpd: fix stack buffer overflow in DHCPv6 Identity Association logging
procd: fix out-of-bounds write in cgroup path building and cgroup rule application
Исходная версия Manhunt, :
Security fixes
OpenWrt components (Trail of Bits audit, February 2026):
CVE-2026-30871: Stack buffer overflow in umdns DNS PTR query handling (HIGH)
CVE-2026-30872: Stack buffer overflow in umdns IPv6 reverse DNS lookup (HIGH)
CVE-2026-30873: Memory leak in jsonpath when processing strings, labels, and regexp tokens (LOW)
CVE-2026-30874: Command execution via PATH environment variable filter bypass in procd (LOW)
LuCI:
CVE-2026-32721: Possible XSS attack via malicious SSID in LuCI WiFi scan modal (HIGH)
Additional hardening from the same Trail of Bits audit (no CVE assigned):
odhcpd: fix stack buffer overflow in DHCPv6 Identity Association logging
procd: fix out-of-bounds write in cgroup path building and cgroup rule application