Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

This release fixes several security issues, including security fixes in dnsmasq and the Linux kernel. We recommend everyone to upgrade.

The OpenWrt 24.10 series is in security maintenance (only security problems are fixed), with end of life (EoL) projected for September 2026. We recommend migrating to OpenWrt 25.12 before then.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=24.10.7

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.7/targets/

Main changes between OpenWrt 24.10.6 and OpenWrt 24.10.7

Only the main changes are listed below. See changelog-24.10.7 for the full changelog.

Security fixes

Linux kernel:

• CVE-2026-43284 ("Dirty Frag"): local privilege escalation through the IPsec ESP code path. This only affects devices that use IPsec, i.e. that have kmod-ipsec / the esp4 or esp6 kernel modules loaded. Fixed by the Linux kernel update to 6.6.138.
• CVE-2026-31431 ("Copy Fail"): in earlier releases this only affected users of the starfive target and users who had installed kmod-crypto-user. Fixed by the Linux kernel update to 6.6.137.

dnsmasq:

• Multiple upstream security fixes backported to dnsmasq 2.90: CVE-2026-2291, CVE-2026-4890, CVE-2026-4891, CVE-2026-4892, CVE-2026-4893 and CVE-2026-5172.

TLS/crypto libraries:

• openssl: update to 3.0.20, fixing multiple security vulnerabilities
• mbedtls: update to 3.6.6, fixing multiple security vulnerabilities
• wolfssl: update to 5.9.1, fixing multiple security vulnerabilities

Device support

• airoha: an7581: enable USB support
• airoha: EN7581: fix PCIe initialization and add x2 lane (x2 link) support
• airoha: add U-Boot support for EN7581/AN7583 boards
• bcm53xx: align image names with the device-tree compatible (affects image selection in the Firmware Selector)
• qualcommax: ipq807x: Linksys MX5300: fix MAC address labelling
• ramips: mt7621: Xiaomi Mi Router AC2100: fix MAC address labelling

Various fixes and improvements

• airoha: an7581: fix kernel panic in the I2S audio driver
• airoha: fix Ethernet hardware offload on EN7581 (backported upstream airoha_eth patches, offload with GDM2 present)
• lantiq: fix refcount and memory leak in the MTD partition parser
• wifi-scripts: fix MAC address check in the mac80211 setup script

Core components update

• Linux kernel: update from 6.6.127 to 6.6.141
• ca-certificates: update from 20250419 to 20260223
• mbedtls: update from 3.6.5 to 3.6.6
• openssl: update from 3.0.19 to 3.0.20
• wireless-regdb: update from 2026.02.04 to 2026.03.18
• wolfssl: update from 5.7.6 to 5.9.1

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible. After upgrading, the config file /etc/config/system should not be restored from a backup, as this will overwrite the new compat_version value.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the Phicomm K2T, TP-Link Archer C60 v3 and possibly others. For details, see issue #14541.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.7

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.7#known_issues

For a detailed list of all changes since 24.10.6, refer to
https://openwrt.org/releases/24.10/changelog-24.10.7

To download the 24.10.7 images, navigate to:
https://downloads.openwrt.org/releases/24.10.7/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.7

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the fourth service release of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=25.12.4

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.4/targets/

Main changes between OpenWrt 25.12.3 and OpenWrt 25.12.4

Only the main changes are listed below. See the full changelog for details.

Security fixes

• dnsmasq: backport six upstream CVE-fix patches to dnsmasq 2.91:
  • CVE-2026-2291: heap buffer overflow in DNS domain-name handling.
  • CVE-2026-4890 / CVE-2026-4891: DNSSEC crashes via crafted NSEC bitmaps / RRSIG packets.
  • CVE-2026-4892: buffer overflow on large DHCPv6 CLIDs (only with --dhcp-script).
  • CVE-2026-4893: broken EDNS Client Subnet validation.
  • CVE-2026-5172: buffer overflow in extract_addresses() on crafted resource records.
• Linux kernel: CVE-2026-43284 ("Dirty Frag") — local privilege escalation via the IPsec ESP path. Only relevant on devices with kmod-ipsec / esp4/esp6 loaded. Fixed via the 6.12.87 kernel update.

Device support

New devices supported in 25.12.4:

• ath79: MikroTik RouterBOARD 960PGS (hEX PoE / PowerBox Pro)
• mediatek: filogic: Cudy WR3000E v1: add ubootmod variant
• mediatek: filogic: Cudy WR3000H v1: add ubootmod variant
• mediatek: filogic: Cudy WR3000P v1: add ubootmod variant
• mediatek: filogic: Cudy WR3000S v1: add ubootmod variant

Device fixes:

• ath79: Sitecom WLR-7100 (X7 AC1200): fix MAC address assignment, wire up 5 GHz WLAN LED, and move to the tiny target to free ~800 KiB of flash
• ipq40xx: Pakedge WR-1: restore lost band label on the WLAN LEDs
• mediatek: filogic: Cudy WR3000E/H/P/S v1 and WBR3000UAX v1 (ubootmod NAND builds): disable NMBM, which was mistakenly enabled and prevented the NAND from being used correctly
• microchipsw: fix LAN8814 QSGMII soft reset

WiFi fixes and improvements

• wifi-scripts: fix basic_rate mapping in the wpa_supplicant ucode generator
• mac80211: update backports package to 6.18.26 (general stability improvements)

Core component updates

• Linux kernel: update from 6.12.85 to 6.12.87
• mac80211: update from 6.18.7 to 6.18.26

Upgrading to 25.12.4

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.
For upgrades within the OpenWrt 25.12 stable series, Attended Sysupgrade is also supported, which allows preserving the installed packages.

• Sysupgrade from 23.05 or earlier to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed. fc0c518

• Bananapi BPI-R4: Interface eth1 was renamed to sfp-lan or lan4, and interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration. cd8dcfe

• TP-Link RE355 v1, RE450 v1 and RE450 v2: The partition layout and block size changed in this release to fix configuration loss on sysupgrade. Users upgrading from OpenWrt 25.12.0 or earlier must use sysupgrade -F to force the upgrade. The image must not exceed 5.875 MB (6016 KiB).

• Meraki MX60: Direct sysupgrade to 25.12.4 is not possible without manual preparation — meraki_loadaddr must be changed before upgrading, as the default value is insufficient to boot OpenWrt 25.12+. See the device wiki page for instructions.

Known issues

• Zyxel EX5601-T0: the WAN interface was renamed from eth1 to wan — check and update your network configuration after upgrading.
• Pixel 10 phones have problems connecting to WPA3-protected WiFi 6 APs. #21486
• 802.11r Fast Transition (FT) causes connection problems with some WiFi clients when WPA3 is used. #22200
• SQM CAKE MQ (cake_mq): throughput may be unexpectedly low on some configurations after the scheduler fixes in this release. #22344

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.4

In particular, make sure to read the known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.4#known_issues

For a detailed list of all changes, refer to
https://openwrt.org/releases/25.12/changelog-25.12.4

To download the 25.12.4 images, navigate to:
https://downloads.openwrt.org/releases/25.12.4/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.4

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the third service release of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=25.12.3

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.3/targets/

Main changes between OpenWrt 25.12.2 and OpenWrt 25.12.3

Only the main changes are listed below. See the full changelog for details.

Security fixes

• Linux kernel: fixes CVE-2026-31431 ("Copy Fail"). In earlier releases this only affected users on the starfive target and users who had installed kmod-crypto-user.
• mbedtls: update to 3.6.6 (multiple CVE fixes)
• OpenSSL: update to 3.5.6 (multiple CVE fixes)
• wolfSSL: update to 5.9.1 (multiple CVE fixes)

Device support

New devices supported in 25.12.3:

• mediatek: filogic: ASUS RT-AX52 PRO
• mediatek: filogic: D-Link AQUILA PRO AI E30
• mediatek: filogic: Huasifei WH3000 Pro (NAND variant)
• mediatek: filogic: Keenetic KAP-630 / Netcraze NAP-630
• mediatek: filogic: Zbtlink ZBT-Z8106AX-T
• mediatek: filogic: Zyxel WX5600-T0
• ramips: mt7621: EDUP EP-RT2983
• ramips: mt76x8: Cudy LT300 v3
• x86: DFI ADN553
• x86: DFI ASL553

Device fixes:

• ath79: Netgear WNDAP360: multiple fixes restoring proper operation (sysupgrade, kernel loader, ethernet, LED, serial baud rate and U-Boot environment)
• ath79: Extreme Networks WS-AP3805i: fix U-Boot environment configuration
• ath79: Mikrotik: fix included device packages
• ipq50xx: Linksys MX5500: add label MAC device assignment
• lantiq: Netgear DGN3500: fix U-Boot environment size — device was broken on 25.12 (#22692)
• mediatek: filogic: Bananapi BPI-R4: add device tree overlay for the BE14 WiFi 7 module — fixes very low WiFi TX power on this module (#17489)
• mediatek: filogic: Keenetic KN-1812: various Ethernet PHY device tree fixes (PHY reset, interrupt support, MDIO drive strength, partition naming, xsphy node)
• mediatek: filogic: Netgear EAX17: fix rootfs hash in FIT node for per-device rootfs builds
• mediatek: filogic: CMCC RAX3000M: add Airoha AN8855 switch support (#21230)
• mediatek: filogic: Zbtlink ZBT-Z8103AX-D: enable NMBM on the SPI-NAND flash
• mvebu: ClearFog Base/Pro: fix switch kernel module
• qualcommax: ipq50xx: Xiaomi AX6000: enable PCIe1 for QCA9887
• qualcommax: ipq807x: Linksys MX5300: add label MAC assignment
• ramips: Yuncore CPE200: fix EEPROM size
• ramips: mt7621: fix reset hang
• ramips: Wavlink WL-WN575A3: fix EEPROM size for 5 GHz WiFi
• ramips: Xiaomi Mi Router 4C: fix WAN LED GPIO (#18578)

WiFi fixes and improvements

• wifi-scripts: fix incorrect erp_domain and fils_cache_id values generated by the ucode-based config script (#21768)
• wifi-scripts: add missing bridge_isolate and network_vlan fields to the ucode schema (#22620)
• wifi-scripts: add missing iface and other fields to the ucode station/vlan schema (#22165)
• wifi-scripts: add EHT (WiFi 7) rates to set_fixed_freq

Networking and system fixes

• mbedtls: backport upstream patches to fix TLS 1.2 client issues — fixes a regression that broke DDNS updates and other TLS 1.2 client connections; the regression was introduced in mbedtls package updates shipped after the 25.12.2 release (#22874)
• base-files: sysupgrade: fix -u option (skip default configuration) which was broken with apk
• base-files: sysupgrade: fix -f (custom backup) when the path contains spaces
• base-files: sysupgrade: update backup exclusion list
• base-files: use DISKSEQ instead of MAJOR/MINOR for stable disk identification (MAJOR/MINOR are not sequential)
• lantiq: fix mtdparsers refcount and memory leak
• uqmi / umbim: introduce devpath option for selecting cellular modems by USB device path
• kernel: add kmod-vsock and kmod-vsock-virtio for VM guests (vsock communication)

Core component updates

• Linux kernel: update from 6.12.74 to 6.12.85
• ca-certificates: update from 20250419 to 20260223
• linux-firmware: update from 20251125 to 20260221
• mbedtls: update from 3.6.5 to 3.6.6 (security fixes)
• OpenSSL: update from 3.5.5 to 3.5.6 (security fixes)
• wireless-regdb: update from 2026.02.04 to 2026.03.18
• wolfSSL: update from 5.8.4 to 5.9.1 (security fixes)
• xdp-tools: update from 1.4.3 to 1.6.3

Upgrading to 25.12.3

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.
For upgrades within the OpenWrt 25.12 stable series, Attended Sysupgrade is also supported, which allows preserving the installed packages.

• Sysupgrade from 23.05 or earlier to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed. fc0c518

• Bananapi BPI-R4: Interface eth1 was renamed to sfp-lan or lan4, and interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration. cd8dcfe

• TP-Link RE355 v1, RE450 v1 and RE450 v2: The partition layout and block size changed in this release to fix configuration loss on sysupgrade. Users upgrading from OpenWrt 25.12.0 or earlier must use sysupgrade -F to force the upgrade. The image must not exceed 5.875 MB (6016 KiB).

• Meraki MX60: Direct sysupgrade to 25.12.3 is not possible without manual preparation — meraki_loadaddr must be changed before upgrading, as the default value is insufficient to boot OpenWrt 25.12+. See the device wiki page for instructions.

Known issues

• Zyxel EX5601-T0: the WAN interface was renamed from eth1 to wan — check and update your network configuration after upgrading.
• Pixel 10 phones have problems connecting to WPA3-protected WiFi 6 APs. #21486
• 802.11r Fast Transition (FT) causes connection problems with some WiFi clients when WPA3 is used. #22200
• SQM CAKE MQ (cake_mq): throughput may be unexpectedly low on some configurations after the scheduler fixes in this release. #22344

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.3

In particular, make sure to read the known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.3#known_issues

For a detailed list of all changes, refer to
https://openwrt.org/releases/25.12/changelog-25.12.3

To download the 25.12.3 images, navigate to:
https://downloads.openwrt.org/releases/25.12.3/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.3

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in
  the future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the second service release of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=25.12.2

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.2/targets/

Main changes between OpenWrt 25.12.1 and OpenWrt 25.12.2

Only the main changes are listed below. See the full changelog for details.

Device support

• airoha: rename kernel module kmod-pwm-an7581 to kmod-pwm-airoha — users with this module explicitly installed need to reinstall under the new name
• apm821xx: fix U-Boot environment definitions for NETGEAR WNDR4700, Western Digital MyBookLive, Meraki MR24 and Meraki MX60; fix PCIe boot failure on Meraki MX60
• ath79: fix initramfs boot for Huawei AP5030DN and AP6010DN
• ath79: fix VLAN CPU port tagging on 2-CPU-port devices (affects several dual-CPU switch configurations)
• ath79: remove incorrectly included WiFi packages from Mikrotik RB750r2 (device has no WiFi hardware)
• ipq40xx: fix ART partition name for Linksys Velop WHW03 V1 — restores correct WiFi calibration data access
• ipq40xx: fix MAC address reading for Linksys devices using eMMC-based NVMEM
• lantiq: xrx200: fix failsafe mode on BT HomeHub 5A — LAN ports 1 & 2 now work correctly in failsafe (#22480)
• mediatek: Bananapi BPI-R4: fix SFP+ electric module support — modules that stopped working after a snapshot upgrade are now functional again (#19878)
• ramips: fix kernel decompress error that bricked ELECOM WRC-X1800GS on 25.12.0 (#22270)
• ramips: fix initramfs kernel load address for TP-Link EAP615-Wall v1
• ramips: fix MAC address assignment for Xiaomi Mi AC2100
• realtek: fix D-Link fan control script

WiFi fixes and improvements

• wifi-scripts: fix 160 MHz channel width configuration — hostapd was not correctly configured for 160 MHz, preventing its use (#22481)
• wifi-scripts: fix SU beamformee antenna count — incorrect count was passed to the driver
• hostapd: fix memory leak in Radio Resource Management (RRM) ubus interface
• mac80211: ath12k: add thermal sensor support for QCA/IPQ devices
• mac80211: ath9k: fix GPIO mask handling from device tree
• mt76: fix severe WiFi latency regression (up to multiple seconds) on 2.4 GHz introduced in 25.12.1 — affected many MediaTek devices including OpenWrt One, Zyxel EX5601, ASUS RT-AX53U, Xiaomi AX3000T/AX6000, Cudy WR3000/X6, GL Flint 2 and others (#22491)
• mt76: multiple further stability fixes for MediaTek WiFi chipsets (MT7615/MT7915/MT7996/MT7992/MT792x):
  • add per-link beacon monitoring for MLO (Multi-Link Operation)
  • fix MT7996/MT7992 link handling during MLO station add/remove
  • fix scan work requeue race with spinlock

Upgrading to 25.12.2

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.
For upgrades within the OpenWrt 25.12 stable series, Attended Sysupgrade is also supported, which allows preserving the installed packages.

• Sysupgrade from 23.05 or earlier to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed. fc0c518

• Bananapi BPI-R4: Interface eth1 was renamed to sfp-lan or lan4, and interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration. cd8dcfe

• TP-Link RE355 v1, RE450 v1 and RE450 v2: The partition layout and block size changed in this release to fix configuration loss on sysupgrade. Users upgrading from OpenWrt 25.12.0 or earlier must use sysupgrade -F to force the upgrade. The image must not exceed 5.875 MB (6016 KiB).

• Meraki MX60: Direct sysupgrade to 25.12.2 is not possible without manual preparation — meraki_loadaddr must be changed before upgrading, as the default value is insufficient to boot OpenWrt 25.12+. See the device wiki page for instructions.

Known issues

• Zyxel EX5601-T0: the WAN interface was renamed from eth1 to wan — check and update your network configuration after upgrading.
• Pixel 10 phones have problems connecting to WPA3-protected WiFi 6 APs. #21486
• 802.11r Fast Transition (FT) causes connection problems with some WiFi clients when WPA3 is used. #22200
• SQM CAKE MQ (cake_mq): throughput may be unexpectedly low on some configurations after the scheduler fixes in this release. #22344

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.2

In particular, make sure to read the known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.2#known_issues

For a detailed list of all changes, refer to
https://openwrt.org/releases/25.12/changelog-25.12.2

To download the 25.12.2 images, navigate to:
https://downloads.openwrt.org/releases/25.12.2/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.2

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=24.10.6

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.6/targets/

Main changes between OpenWrt 24.10.5 and OpenWrt 24.10.6

Only the main changes are listed below. See changelog-24.10.6 for the full changelog.

Security fixes

OpenWrt components (Trail of Bits audit, February 2026):

• CVE-2026-30871: Stack buffer overflow in umdns DNS PTR query handling (HIGH)
• CVE-2026-30872: Stack buffer overflow in umdns IPv6 reverse DNS lookup (HIGH)
• CVE-2026-30873: Memory leak in jsonpath when processing strings, labels, and regexp tokens (LOW)
• CVE-2026-30874: Command execution via PATH environment variable filter bypass in procd (LOW)

LuCI:

• CVE-2026-32721: Possible XSS attack via malicious SSID in LuCI WiFi scan modal (MEDIUM)

OpenSSL:

• openssl: update to 3.0.19, fixing multiple security vulnerabilities

Device support

• airoha: an7581: fix switch port and LED functionality
• ath79: CF-EW71 v2: fix MAC address assignment
• imx: Gateworks Venice GW72xx-2x, GW73xx-2x, GW75xx-0x, GW75xx-2x: add sysupgrade support
• ipq40xx: ASUS Lyra: fix reading of WiFi calibration data
• lantiq: fix GPIO expander clock, restoring correct LED and GPIO behaviour on affected devices
• mediatek: Banana Pi BPi-R3: fix PWM fan speed control — medium cooling level now works correctly
• mediatek: Cudy AP3000 v1, Cudy WR3000H: fix Ethernet connectivity on units with a Motorcomm PHY
• mediatek: Cudy M3000, ramips: Cudy AP1300 Outdoor: fix incorrect Ethernet port assignment
• mediatek: Cudy WR3000P: enable USB 3.0 support in default firmware image
• mediatek: GL-MT2500: fix sysupgrade compatibility from earlier releases
• mt7620: fix potential crash on MT7620-based devices
• ramips: mt76x8: fix boot counter tracking
• realtek: GS1900-24E: fix switch reliability

Various fixes and improvements

• imx: cortexa53: fix memory allocation for DMA-intensive operations
• jsonpath: fix memory leak (CVE-2026-30873)
• mac80211: ath11k: fix crash caused by unsupported 11ax EDCA parameters
• mac80211: ath9k: fix WiFi hang — chip is now automatically reset on inactivity
• mt76: mt76x02: fix WiFi traffic stall after interface reconfiguration
• procd: fix security issues (CVE-2026-30874) and other improvements
• umdns: fix security issues (CVE-2026-30871, CVE-2026-30872)

Core components update

• Linux kernel: update from 6.6.119 to 6.6.127
• openssl: update from 3.0.18 to 3.0.19
• procd: update from 2024-12-22 to 2026-03-14
• umdns: update from 2025-02-10 to 2026-02-06
• wireless-regdb: update from 2025.10.07 to 2026.02.04

OpenWrt 24.10 end of life

With the release of OpenWrt 25.12 stable series, the OpenWrt 24.10 stable series will go end of life in 6 months. We will not provide security updates for OpenWrt 24.10 after September 2026. We encourage everyone to upgrade to OpenWrt 25.12 before September 2026.

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible. After upgrading, the config file /etc/config/system should not be restored from a backup, as this will overwrite the new compat_version value.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the Phicomm K2T, TP-Link Archer C60 v3 and possibly others. For details, see issue #14541.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.6

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.6#known_issues

For a detailed list of all changes since 24.10.5, refer to
https://openwrt.org/releases/24.10/changelog-24.10.6

To download the 24.10.6 images, navigate to:
https://downloads.openwrt.org/releases/24.10.6/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.6

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the first service release of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=25.12.1

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.1/targets/

Main changes between OpenWrt 25.12.0 and OpenWrt 25.12.1

Only the main changes are listed below. See the full changelog for details.

Security fixes

OpenWrt components (Trail of Bits audit, February 2026):

• CVE-2026-30871: Stack buffer overflow in umdns DNS PTR query handling (HIGH)
• CVE-2026-30872: Stack buffer overflow in umdns IPv6 reverse DNS lookup (HIGH)
• CVE-2026-30873: Memory leak in jsonpath when processing strings, labels, and regexp tokens (LOW)
• CVE-2026-30874: Command execution via PATH environment variable filter bypass in procd (LOW)

LuCI:

• CVE-2026-32721: Possible XSS attack via malicious SSID in LuCI WiFi scan modal (HIGH)

Additional hardening from the same Trail of Bits audit (no CVE assigned):

• odhcpd: fix stack buffer overflow in DHCPv6 Identity Association logging
• procd: fix out-of-bounds write in cgroup path building and cgroup rule application

Device support

• airoha: fix EN7581 PCIe initialization and add x2 (2-lane) link support — improves PCIe reliability and unlocks full bandwidth for affected devices
• ath79: TP-Link RE355 v1, RE450 v1/v2: fix partition alignment to prevent configuration loss on sysupgrade
• ipq40xx: Devolo Magic 2 WiFi next: enable device support
• ipq40xx: re-enable MeshPoint.One target
• ipq806x: AP3935: fix U-Boot NVMEM layout
• lantiq: fix GPIO expander clock (gpio-stp-xway) — restores correct LED and GPIO behaviour on affected devices
• lantiq: fix missing WAN MAC address assignment on some devices
• mediatek: Cudy M3000: add support for hardware variant with Motorcomm YT8821 PHY (previously only the Realtek PHY variant was supported)
• mediatek: TP-Link BE450: fix 10GbE PHY reset timing that caused intermittent boot stalls, add missing WLAN toggle button, fix reported memory size
• microchipsw: Novarq Tactical 1000: fix swapped SFP I2C buses for ports 1 and 3 — fixes SFP EEPROM read failures
• ramips: Keenetic KN-1910: fix sysupgrade functionality
• realtek: RTL838x-based switches: fix non-functional reboot
• treewide: Linksys devices: fix MAC address assignment

WiFi fixes and improvements

• mac80211: fix crash triggered by Channel Switch Announcement (CSA) when AP VLAN interfaces are in use
• mt76: add MT7990 firmware support (new MediaTek WiFi 7 chipset)
• mt76: mt7915: fix power save mode handling
• mt76: mt7921/MT7902: add MT7902e MCU and DMA layout support
• mt76: mt7996/mt7992: fix crash in transmit path, fix out-of-bounds access during hardware restart, improve MLO/CSA and radar detection support
• wifi-scripts: fix incorrect VHT160 capability advertisement — was incorrectly set on non-160 MHz AP configurations, degrading station upload speed (#22435)
• wifi-scripts: fix malformed wpa_supplicant config when 802.1X EAP credentials (identity, password, certificates) contain spaces (#22212)

Web interface (LuCI) and system fixes

• luci-mod-network: fix XSS vulnerability in WiFi scan modal (CVE-2026-32721)
• ustream-ssl (OpenSSL variant): fix use-after-free crash causing uhttpd (the LuCI web server) to crash under high load (#19349)

Networking and system fixes

• firewall4: set as the preferred firewall package over the legacy firewall package
• iptables: prefer the nftables-backed variants (iptables-nft, ip6tables-nft) when iptables is pulled in as a dependency
• kernel: CAKE QoS scheduler fixes — avoid unnecessary synchronization overhead when running without a rate limit, fix DiffServ rate scaling
• kernel: SFP: improve Huawei MA5671a module support — module is now accessible even when no fiber is connected
• odhcpd: fix segfault when disabling a DHCP interface, fix DHCPv4 lease tree corruption, fix truncated field in DHCPv6 lease queries, fix DNS search list padding
• ppp: fix potential memory safety issue (undefined behavior in memcpy with overlapping buffers); remove the MRU limit patch for PPPoE connections (ppp-project/ppp#573)

Package manager (apk)

• apk: update to version 3.0.5 with several OpenWrt-specific bug fixes
• apk: add --force-reinstall option to reinstall already-installed packages without requiring a version change

Core component updates

• apk: update from 3.0.2 to 3.0.5
• jsonfilter: update from 2025-10-04 to 2026-03-16 (fixes CVE-2026-30873)
• libubox: update from 2026-02-13 to 2026-03-13 (ABI version stabilized for 25.12 stable series)
• Linux kernel: update from 6.12.71 to 6.12.74
• odhcpd: update from 2026-01-19 to 2026-03-16
• omcproxy: update from 2025-10-04 to 2026-03-07
• procd: update from 2026-02-20 to 2026-03-14 (fixes CVE-2026-30874)
• umdns: update from 2025-10-04 to 2026-02-06 (fixes CVE-2026-30871, CVE-2026-30872)
• ustream-ssl: update from 2025-10-03 to 2026-03-01

Upgrading to 25.12.1

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.
For upgrades within the OpenWrt 25.12 stable series, Attended Sysupgrade is also supported, which allows preserving the installed packages.

• Sysupgrade from 23.05 or earlier to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed. fc0c518

• Bananapi BPI-R4: Interface eth1 was renamed to sfp-lan or lan4, and interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration. cd8dcfe

• TP-Link RE355 v1, RE450 v1 and RE450 v2: The partition layout and block size changed in this release to fix configuration loss on sysupgrade. Users upgrading from OpenWrt 25.12.0 or earlier must use sysupgrade -F to force the upgrade. The image must not exceed 5.875 MB (6016 KiB).

Known issues

• Zyxel EX5601-T0: the WAN interface was renamed from eth1 to wan — check and update your network configuration after upgrading.
• Pixel 10 phones have problems connecting to WPA3-protected WiFi 6 APs. #21486
• 802.11r Fast Transition (FT) causes connection problems with some WiFi clients when WPA3 is used. #22200
• SQM CAKE MQ (cake_mq): throughput may be unexpectedly low on some configurations after the scheduler fixes in this release. #22344
• 160 MHz channel width cannot be configured. #22481

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.1

In particular, make sure to read the known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.1#known_issues

For a detailed list of all changes, refer to
https://openwrt.org/releases/25.12/changelog-25.12.1

To download the 25.12.1 images, navigate to:
https://downloads.openwrt.org/releases/25.12.1/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.1

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the first stable release of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=25.12.0

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.0/targets/

Highlights in OpenWrt 25.12

OpenWrt 25.12.0 incorporates over 4700 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.

Only the main changes are listed below. See changelog-25.12.0 for the full changelog.

Honoring Dave Täht

OpenWrt 25.12 is named Dave's Guitar to honor Dave Täht, who sadly passed away on April 1, 2025.

Dave played a key role in reducing bufferbloat and improving network latency in OpenWrt and across the wider internet. His work made networks faster, more responsive, and more reliable for millions of users.

This release is dedicated to his memory and lasting impact on the networking community.

General changes

The hardware requirements did not change significantly. Most devices supported by OpenWrt 24.10 are also supported in OpenWrt 25.12.

Switch package manager from opkg to apk

OpenWrt has transitioned from the traditional opkg package manager to apk (Alpine Package Keeper).

This change brings several advantages:

• apk is still maintained; the OpenWrt opkg fork is no longer maintained.

apk supports most features of opkg. Only very few package names changed. The command line arguments of apk are different from the command line arguments of opkg.

For users migrating existing systems, an official opkg to apk cheatsheet is available to ease the transition and map common workflows.

Integration of attended sysupgrade

The attended sysupgrade LuCI application is now installed by default.
owut is included by default in images for devices with larger flash storage.

ASU allows devices to:

• Upgrade to new OpenWrt firmware versions
• Automatically rebuild firmware images with all currently installed packages
• Preserve system configuration during upgrades
• ASU allows integrating additional installed packages directly into the SquashFS filesystem, which stores packages more efficiently than the overlay filesystem.

This dramatically simplifies upgrades: with just a few clicks in LuCI and a short wait, a custom firmware image is built and installed without manual intervention.

Shell history is preserved

Shell command history is now preserved across sessions by storing it in a RAM-backed filesystem.

Benefits:

• Command history is no longer lost between logins
• No unnecessary writes to flash storage by default

For users who prefer persistent history storage, this behavior can be changed by editing: ''/etc/profile.d/busybox-history-file.sh''

⚠️ Note: Storing history on flash will increase write cycles and may impact flash endurance over time.

Integration of video feed

The OpenWrt video feed with Qt5 and UI applications is integrated by default.

Wi-Fi scripts in ucode

The Wi-Fi scripts were rewritten in ucode.
This is part of the rewrite of the management scripts from shell scripts to ucode.

uCode is used for system scripts because it is faster and safer than shell scripts, and integrates directly with ubus and UCI.

Wi-Fi and network management scripts rewritten in uCode run faster, have fewer errors, and are easier to maintain.

Target changes

• Extend the realtek target with support for more switch SoCs like 10G Ethernet switches.
• Extend the qualcommax target with support for ipq50xx and ipq60xx SoCs.
• Added the siflower target for Siflower SF21A6826/SF21H8898 SoCs
• Added the sunxi/arm926ejs subtarget for Allwinner F1C100/200s SoCs
• Added the microchipsw/lan969x target with support for Microchip LAN969x switches.

Many new devices added

OpenWrt 25.12 supports over 2200 devices. Support for over 180 new devices was added in addition to the devices already supported in OpenWrt 24.10.
Most devices already supported by OpenWrt 24.10 are still supported.

Core components update

Core components have the following versions in 25.12.0:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.41
  • gcc 14.3.0
  • binutils 2.44
• Updated Linux kernel
  • 6.12.71 for all targets
• main packages:
  • cfg80211/mac80211 from kernel 6.18.7
  • hostapd master snapshot from August 2025
  • dnsmasq 2.91
  • dropbear 2025.89
  • busybox 1.37.0

In addition to the listed applications, many others were also updated.

OpenWrt 24.10 end of life

With the release of OpenWrt 25.12 stable series, the OpenWrt 24.10 stable series will go end of life in 6 months. We will not provide security updates for OpenWrt 24.10 after September 2026. We encourage everyone to upgrade to OpenWrt 25.12 before September 2026.

Upgrading to 25.12

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.

• Sysupgrade from 23.05 to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed.

• Bananapi BPI-R4: Interfaces ''eth1'' was renamed to ''sfp-lan'' or ''lan4'', and interface ''eth2'' was renamed to ''sfp-wan'' to match the labels. You have to upgrade without saving the configuration.

Scratch installs/upgrades

If you wish to start from scratch (always the safest, but also the most work), simply download the pre-built image from the downloads site or from the Firmware Selector to your device. Make sure to create and save a backup, then install the image using sysupgrade -n /tmp/firmware.bin or the LuCI Backup/Flash Firmware, being sure to set "Keep settings and retain the current configuration" to its off position. Restore or reconstruct your configuration using the contents of the backup as a template.

Attended Sysupgrade options

Attended Sysupgrade (ASU) allows you to build a custom image that retains all of your installed packages and their configuration transparently. You need to use one of the three ASU clients that interface with the ASU server to produce this custom image:

• Firmware Selector - an online builder that requires you to manually supply it with the packages you wish to have installed. This package list is sent to the ASU server, and a new custom device image is created containing those packages. You may then download and install the image in LuCI Backup/Flash Firmware, but for this you would enable "Keep settings..."
• Luci Attended Sysupgrade - the web interface to the ASU server. This tool allows you to choose a new OpenWrt version, then collects the names of the packages on your device and sends them up to the ASU server. LuCI ASU then downloads the created image directly to your device and allows you to install it, without having to do any of the bookkeeping tasks involved with using the Firmware Selector.
• owut - a command line package that does the same job as LuCI ASU, but provides more diagnostics and better visibility into what's happening at the various steps before and during the build process.

Both the LuCI ASU app and owut are optional packages in 24.10, so if you have not installed them, they won't be there by default. Use either the LuCI Package Manager to install them, or you can do it from the command line with opkg:

$ opkg update
$ opkg install luci-app-attendedsysupgrade
$ opkg install owut

Note that you can install one or the other, or both together, they are completely independent packages.

Upgrades with Firmware Selector

The Firmware Selector does an excellent job of searching through the thousands of available device configurations and getting you to the right place. But, some devices have several variants and possibly different image formats, so if you're unsure about which one you need or which device you're dealing with or anything else, go to the |Firmware Selector support thread and ask away.

Upgrades with LuCI Attended Sysupgrade

The LuCI web interface is fairly self-explanatory. If anything is unclear, please refer to the LuCI Attended Sysupgrade support thread for guidance.

Upgrades with owut

If you choose to use owut, the fact that it's a command line program means you'll need a little more explanation regarding best practices. In any situation, it's always safe to do a check to see what's going on.

$ owut check --verbose --version-to 25.12
... a lot of output ...

This check should show you all the details of what this upgrade entails with regards to the packages available, and will point out any issues with package versions and so on.

Assuming the results of the check look good, you can simply do an upgrade next.

$ owut upgrade --verbose --version-to 25.12
... even more output ...

If you are unsure of anything you see in the check, during the upgrade, or simply have questions, jump on over to the owut support thread on the forum and ask.

Known issues

• Users of Zyxel EX5601-T0 devices need to check their WAN interfaces as the port was renamed from eth1 to wan.
• Pixel 10 phones have problems connecting to WPA3 protected WiFi 6 APs. #21486
• 802.11r Fast Transition (FT) causes problems with some WiFi clients when WPA3 is used. #22200

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0#known_issues

For a detailed list of all changes since branching of 24.10, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0

To download the 25.12.0 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

The OpenWrt community is proud to announce the fifth release candidate of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=25.12.0-rc5

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.0-rc5/targets/

Please test this version

This is not the final version, this is a test version. Please report problems and bugs in our issue tracker.

Highlights in OpenWrt 25.12

OpenWrt 25.12.0-rc5 incorporates over 4600 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.

Only the main changes are listed below. See changelog-25.12.0-rc5 for the full changelog.

General changes

The hardware requirements did not change significantly, most devices supported by OpenWrt 24.10 should also work with OpenWrt 25.12.

Switch package manager from opkg to apk

OpenWrt has transitioned from the traditional opkg package manager to apk (Alpine Package Keeper).

This change brings several advantages:

• apk is still maintained, the OpenWrt opkg fork was not maintained any more.

apk supports most features of opkg. Only very few package names changed. The command line arguments of apk are different from the command line arguments of opkg.

For users migrating existing systems, an official opkg to apk cheatsheet is available to ease the transition and map common workflows.

Integration of attended sysupgrade

The attended sysupgrade LuCI application is now installed by default.

ASU allows devices to:

• Upgrade to new OpenWrt firmware versions
• Automatically rebuild firmware images with all currently installed packages
• Preserve system configuration during upgrades

This dramatically simplifies upgrades: with just a few clicks in LuCI and a short wait, a custom firmware image is built and installed without manual intervention.

Shell history is preserved

Shell command history is now preserved across sessions by storing it in a RAM-backed filesystem.

Benefits:

• Command history is no longer lost between logins
• No unnecessary writes to flash storage by default

For users who prefer persistent history storage, this behavior can be changed by editing: /etc/profile.d/busybox-history-file.sh

⚠️ Note: Storing history on flash will increase write cycles and may impact flash endurance over time.

Integration of video feed

The OpenWrt video feed with Qt5 and UI applications is integrated by default.

Wi-Fi scripts in ucode

The wifi scripts were rewritten in ucode.

Target changes

• Extend realtek target with support for more switch SoCs like 10G Ethernet switches.
• Extend qualcommax target with support for ipq50xx and ipq60xx SoCs.
• Added siflower target for Siflower SF21A6826/SF21H8898 SoCs
• Added sunxi/arm926ejs subtarget for Allwinner F1C100/200s SoCs

Many new devices added

OpenWrt 25.12 supports over 2240 devices. Support for over 220 new devices was added in addition to the device support by OpenWrt 24.10.

Core components update

Core components have the following versions in 25.12.0-rc5:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.41
  • gcc 14.3.0
  • binutils 2.44
• Updated Linux kernel
  • 6.12.71 for all targets
• main packages:
  • cfg80211/mac80211 from kernel 6.18.7
  • hostapd master snapshot from August 2025
  • dnsmasq 2.91
  • dropbear 2025.89
  • busybox 1.37.0

In addition to the listed applications, many others were also updated.

Upgrading to 25.12

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.

• Sysupgrade from 23.05 to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed.

• Bananapi BPI-R4: Interfaces eth1 was renamed to sfp-lan or lan4 and the interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration.

Scratch installs/upgrades

If you wish to start from scratch (always the safest, but also the most work), simply download the pre-built image from the downloads site or from the Firmware Selector to your device. Make sure to create and save a backup, then install the image using sysupgrade -n /tmp/firmware.bin or the LuCI Backup/Flash Firmware, being sure to set "Keep settings and retain the current configuration" to its off position. Restore or reconstruct your configuration using the contents of the backup as a template.

Attended Sysupgrade options

Attended Sysupgrade (ASU) allows you to build a custom image that retains all of your installed packages and their configuration transparently. You need to use one of the three ASU clients that interface with the ASU server to produce this custom image:

• Firmware Selector - an online builder that requires you to manually supply it with the packages you wish to have installed. This package list is sent to the ASU server, and a new custom device image is created containing those packages. You may then download and install the image in LuCI Backup/Flash Firmware, but for this you would enable "Keep settings..."
• Luci Attended Sysupgrade - the web interface to the ASU server. This tool allows you to choose a new OpenWrt version, then collects the names of the packages on your device and sends them up to the ASU server. LuCI ASU then downloads the created image directly to your device and allows you to install it, without having to do any of the bookkeeping tasks involved with using the Firmware Selector.
• owut - a command line package that does the same job as LuCI ASU, but provides more diagnostics and better visibility into what's happening at the various steps before and during the build process.

Both the LuCI ASU app and owut are optional packages in 24.10, so if you have not installed them, they won't be there by default. Use either the LuCI Package Manager to install them, or you can do it from the command line with opkg:

$ opkg update
$ opkg install luci-app-attendedsysupgrade
$ opkg install owut

Note that you can install one or the other, or both together, they are completely independent packages.

Upgrades with Firmware Selector

The Firmware Selector does an excellent job of searching through the thousands of available device configurations and getting you to the right place. But, some devices have several variants and possibly different image formats, so if you're unsure about which one you need or which device you're dealing with or anything else, go to the |Firmware Selector support thread and ask away.

Upgrades with LuCI Attended Sysupgrade

The LuCI web interface should be fairly self explanatory. Since you have fairly limited options there that should be pretty obvious, but if anything is unclear or you're unsure about something, go to the LuCI Attended Sysupgrade support thread and ask.

Upgrades with owut

If you choose to use owut, the fact that it's a command line program means you'll need a little more explanation regarding best practices. In any situation, it's always safe to do a check to see what's going on.

$ owut check --verbose --version-to 25.12
... a lot of output ...

This check should show you all the details of what this upgrade entails with regards to the packages available, and will point out any issues with package versions and so on.

Assuming the results of the check look good, you can simply do an upgrade next.

$ owut upgrade --verbose --version-to 25.12
... even more output ...

If you are unsure of anything you see in the check, during the upgrade, or simply have questions, jump on over to the owut support thread on the forum and ask.

Known issues

• Users of Zyxel EX5601-T0 devices need to check their WAN interfaces as port was renamed from eth1 to wan.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0-rc5

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0-rc5#known_issues

For a detailed list of all changes since 25.12.0-rc4, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0-rc5

To download the 25.12.0-rc5 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0-rc5/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0-rc5

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the fourth release candidate of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=25.12.0-rc4

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.0-rc4/targets/

Please test this version

This is not the final version, this is a test version. Please report problems and bugs in our issue tracker.

Highlights in OpenWrt 25.12

OpenWrt 25.12.0-rc4 incorporates over 4300 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.

Only the main changes are listed below. See changelog-25.12.0-rc4 for the full changelog.

General changes

The hardware requirements did not change significantly, most devices supported by OpenWrt 24.10 should also work with OpenWrt 25.12.

Switch package manager from opkg to apk

OpenWrt has transitioned from the traditional opkg package manager to apk (Alpine Package Keeper).

This change brings several advantages:

• apk is still maintained, the OpenWrt opkg fork was not maintained any more.

apk supports most features of opkg. Only very few package names changed. The command line arguments of apk are different from the command line arguments of opkg.

For users migrating existing systems, an official opkg to apk cheatsheet is available to ease the transition and map common workflows.

Integration of attended sysupgrade

The attended sysupgrade LuCI application is now installed by default.

ASU allows devices to:

• Upgrade to new OpenWrt firmware versions
• Automatically rebuild firmware images with all currently installed packages
• Preserve system configuration during upgrades

This dramatically simplifies upgrades: with just a few clicks in LuCI and a short wait, a custom firmware image is built and installed without manual intervention.

Shell history is preserved

Shell command history is now preserved across sessions by storing it in a RAM-backed filesystem.

Benefits:

• Command history is no longer lost between logins
• No unnecessary writes to flash storage by default

For users who prefer persistent history storage, this behavior can be changed by editing: /etc/profile.d/busybox-history-file.sh

⚠️ Note: Storing history on flash will increase write cycles and may impact flash endurance over time.

Integration of video feed

The OpenWrt video feed with Qt5 and UI applications is integrated by default.

Wi-Fi scripts in ucode

The wifi scripts were rewritten in ucode.

Target changes

• Extend realtek target with support for more switch SoCs like 10G Ethernet switches.
• Extend qualcommax target with support for ipq50xx and ipq60xx SoCs.
• Added siflower target for Siflower SF21A6826/SF21H8898 SoCs
• Added sunxi/arm926ejs subtarget for Allwinner F1C100/200s SoCs

Many new devices added

OpenWrt 25.12 supports over 2180 devices. Support for over 160 new devices was added in addition to the device support by OpenWrt 24.10.

Core components update

Core components have the following versions in 25.12.0-rc4:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.41
  • gcc 14.3.0
  • binutils 2.44
• Updated Linux kernel
  • 6.12.66 for all targets
• main packages:
  • cfg80211/mac80211 from kernel 6.18.7
  • hostapd master snapshot from August 2025
  • dnsmasq 2.91
  • dropbear 2025.89
  • busybox 1.37.0

In addition to the listed applications, many others were also updated.

Upgrading to 25.12

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.

• Sysupgrade from 23.05 to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed.

• Bananapi BPI-R4: Interfaces eth1 was renamed to sfp-lan or lan4 and the interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration.

Scratch installs/upgrades

If you wish to start from scratch (always the safest, but also the most work), simply download the pre-built image from the downloads site or from the Firmware Selector to your device. Make sure to create and save a backup, then install the image using sysupgrade -n /tmp/firmware.bin or the LuCI Backup/Flash Firmware, being sure to set "Keep settings and retain the current configuration" to its off position. Restore or reconstruct your configuration using the contents of the backup as a template.

Attended Sysupgrade options

Attended Sysupgrade (ASU) allows you to build a custom image that retains all of your installed packages and their configuration transparently. You need to use one of the three ASU clients that interface with the ASU server to produce this custom image:

• Firmware Selector - an online builder that requires you to manually supply it with the packages you wish to have installed. This package list is sent to the ASU server, and a new custom device image is created containing those packages. You may then download and install the image in LuCI Backup/Flash Firmware, but for this you would enable "Keep settings..."
• Luci Attended Sysupgrade - the web interface to the ASU server. This tool allows you to choose a new OpenWrt version, then collects the names of the packages on your device and sends them up to the ASU server. LuCI ASU then downloads the created image directly to your device and allows you to install it, without having to do any of the bookkeeping tasks involved with using the Firmware Selector.
• owut - a command line package that does the same job as LuCI ASU, but provides more diagnostics and better visibility into what's happening at the various steps before and during the build process.

Both the LuCI ASU app and owut are optional packages in 24.10, so if you have not installed them, they won't be there by default. Use either the LuCI Package Manager to install them, or you can do it from the command line with opkg:

$ opkg update
$ opkg install luci-app-attendedsysupgrade
$ opkg install owut

Note that you can install one or the other, or both together, they are completely independent packages.

Upgrades with Firmware Selector

The Firmware Selector does an excellent job of searching through the thousands of available device configurations and getting you to the right place. But, some devices have several variants and possibly different image formats, so if you're unsure about which one you need or which device you're dealing with or anything else, go to the |Firmware Selector support thread and ask away.

Upgrades with LuCI Attended Sysupgrade

The LuCI web interface should be fairly self explanatory. Since you have fairly limited options there that should be pretty obvious, but if anything is unclear or you're unsure about something, go to the LuCI Attended Sysupgrade support thread and ask.

Upgrades with owut

If you choose to use owut, the fact that it's a command line program means you'll need a little more explanation regarding best practices. In any situation, it's always safe to do a check to see what's going on.

$ owut check --verbose --version-to 25.12
... a lot of output ...

This check should show you all the details of what this upgrade entails with regards to the packages available, and will point out any issues with package versions and so on.

Assuming the results of the check look good, you can simply do an upgrade next.

$ owut upgrade --verbose --version-to 25.12
... even more output ...

If you are unsure of anything you see in the check, during the upgrade, or simply have questions, jump on over to the owut support thread on the forum and ask.

Known issues

• Users of Zyxel EX5601-T0 devices need to check their WAN interfaces as port was renamed from eth1 to wan.
• The rockchip target does not build. rockchip will be included in the next release candidate again.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0-rc4

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0-rc4#known_issues

For a detailed list of all changes since 25.12.0-rc3, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0-rc4

To download the 25.12.0-rc4 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0-rc4/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0-rc4

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the third release candidate of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=25.12.0-rc3

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.0-rc3/targets/

Please test this version

This is not the final version, this is a test version. Please report problems and bugs in our issue tracker.

Highlights in OpenWrt 25.12

OpenWrt 25.12.0-rc3 incorporates over 4300 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.

Only the main changes are listed below. See changelog-25.12.0-rc3 for the full changelog.

General changes

The hardware requirements did not change significantly, most devices supported by OpenWrt 24.10 should also work with OpenWrt 25.12.

Switch package manager from opkg to apk

OpenWrt has transitioned from the traditional opkg package manager to apk (Alpine Package Keeper).

This change brings several advantages:

• apk is still maintained, the OpenWrt opkg fork was not maintained any more.

apk supports most features of opkg. Only very few package names changed. The command line arguments of apk are different from the command line arguments of opkg.

For users migrating existing systems, an official opkg to apk cheatsheet is available to ease the transition and map common workflows.

Integration of attended sysupgrade

The attended sysupgrade LuCI application is now installed by default.

ASU allows devices to:

• Upgrade to new OpenWrt firmware versions
• Automatically rebuild firmware images with all currently installed packages
• Preserve system configuration during upgrades

This dramatically simplifies upgrades: with just a few clicks in LuCI and a short wait, a custom firmware image is built and installed without manual intervention.

Shell history is preserved

Shell command history is now preserved across sessions by storing it in a RAM-backed filesystem.

Benefits:

• Command history is no longer lost between logins
• No unnecessary writes to flash storage by default

For users who prefer persistent history storage, this behavior can be changed by editing: /etc/profile.d/busybox-history-file.sh

⚠️ Note: Storing history on flash will increase write cycles and may impact flash endurance over time.

Integration of video feed

The OpenWrt video feed with Qt5 and UI applications is integrated by default.

Wi-Fi scripts in ucode

The wifi scripts were rewritten in ucode.

Target changes

• Extend realtek target with support for more switch SoCs like 10G Ethernet switches.
• Extend qualcommax target with support for ipq50xx and ipq60xx SoCs.
• Added siflower target for Siflower SF21A6826/SF21H8898 SoCs
• Added sunxi/arm926ejs subtarget for Allwinner F1C100/200s SoCs

Many new devices added

OpenWrt 25.12 supports over 2180 devices. Support for over 160 new devices was added in addition to the device support by OpenWrt 24.10.

Core components update

Core components have the following versions in 25.12.0-rc3:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.41
  • gcc 14.3.0
  • binutils 2.44
• Updated Linux kernel
  • 6.12.66 for all targets
• main packages:
  • cfg80211/mac80211 from kernel 6.18.0
  • hostapd master snapshot from August 2025
  • dnsmasq 2.91
  • dropbear 2025.89
  • busybox 1.37.0

In addition to the listed applications, many others were also updated.

Upgrading to 25.12

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.

• Sysupgrade from 23.05 to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed.

• Bananapi BPI-R4: Interfaces eth1 was renamed to sfp-lan or lan4 and the interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration.

Scratch installs/upgrades

If you wish to start from scratch (always the safest, but also the most work), simply download the pre-built image from the downloads site or from the Firmware Selector to your device. Make sure to create and save a backup, then install the image using sysupgrade -n /tmp/firmware.bin or the LuCI Backup/Flash Firmware, being sure to set "Keep settings and retain the current configuration" to its off position. Restore or reconstruct your configuration using the contents of the backup as a template.

Attended Sysupgrade options

Attended Sysupgrade (ASU) allows you to build a custom image that retains all of your installed packages and their configuration transparently. You need to use one of the three ASU clients that interface with the ASU server to produce this custom image:

• Firmware Selector - an online builder that requires you to manually supply it with the packages you wish to have installed. This package list is sent to the ASU server, and a new custom device image is created containing those packages. You may then download and install the image in LuCI Backup/Flash Firmware, but for this you would enable "Keep settings..."
• Luci Attended Sysupgrade - the web interface to the ASU server. This tool allows you to choose a new OpenWrt version, then collects the names of the packages on your device and sends them up to the ASU server. LuCI ASU then downloads the created image directly to your device and allows you to install it, without having to do any of the bookkeeping tasks involved with using the Firmware Selector.
• owut - a command line package that does the same job as LuCI ASU, but provides more diagnostics and better visibility into what's happening at the various steps before and during the build process.

Both the LuCI ASU app and owut are optional packages in 24.10, so if you have not installed them, they won't be there by default. Use either the LuCI Package Manager to install them, or you can do it from the command line with opkg:

$ opkg update
$ opkg install luci-app-attendedsysupgrade
$ opkg install owut

Note that you can install one or the other, or both together, they are completely independent packages.

Upgrades with Firmware Selector

The Firmware Selector does an excellent job of searching through the thousands of available device configurations and getting you to the right place. But, some devices have several variants and possibly different image formats, so if you're unsure about which one you need or which device you're dealing with or anything else, go to the |Firmware Selector support thread and ask away.

Upgrades with LuCI Attended Sysupgrade

The LuCI web interface should be fairly self explanatory. Since you have fairly limited options there that should be pretty obvious, but if anything is unclear or you're unsure about something, go to the LuCI Attended Sysupgrade support thread and ask.

Upgrades with owut

If you choose to use owut, the fact that it's a command line program means you'll need a little more explanation regarding best practices. In any situation, it's always safe to do a check to see what's going on.

$ owut check --verbose --version-to 25.12
... a lot of output ...

This check should show you all the details of what this upgrade entails with regards to the packages available, and will point out any issues with package versions and so on.

Assuming the results of the check look good, you can simply do an upgrade next.

$ owut upgrade --verbose --version-to 25.12
... even more output ...

If you are unsure of anything you see in the check, during the upgrade, or simply have questions, jump on over to the owut support thread on the forum and ask.

Known issues

• Users of Zyxel EX5601-T0 devices need to check their WAN interfaces as port was renamed from eth1 to wan.
• Microchip LAN969x devices are missing the network driver, so no network ports work.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0-rc3

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0-rc3#known_issues

For a detailed list of all changes since 25.12.0-rc2, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0-rc3

To download the 25.12.0-rc3 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0-rc3/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0-rc3

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

The OpenWrt community is proud to announce the second release candidate of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=25.12.0-rc2

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.0-rc2/targets/

Please test this version

This is not the final version, this is a test version. Please report problems and bugs in our issue tracker.

Highlights in OpenWrt 25.12

OpenWrt 25.12.0-rc2 incorporates over 4300 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.

Only the main changes are listed below. See changelog-25.12.0-rc2 for the full changelog.

General changes

The hardware requirements did not change significantly, most devices supported by OpenWrt 24.10 should also work with OpenWrt 25.12.

Switch package manager from opkg to apk

OpenWrt has transitioned from the traditional opkg package manager to apk (Alpine Package Keeper).

This change brings several advantages:

• apk is still maintained, the OpenWrt opkg fork was not maintained any more.

apk supports most features of opkg. Only very few package names changed. The command line arguments of apk are different from the command line arguments of opkg.

For users migrating existing systems, an official opkg to apk cheatsheet is available to ease the transition and map common workflows.

Integration of attended sysupgrade

The attended sysupgrade LuCI application is now installed by default.

ASU allows devices to:

• Upgrade to new OpenWrt firmware versions
• Automatically rebuild firmware images with all currently installed packages
• Preserve system configuration during upgrades

This dramatically simplifies upgrades: with just a few clicks in LuCI and a short wait, a custom firmware image is built and installed without manual intervention.

Shell history is preserved

Shell command history is now preserved across sessions by storing it in a RAM-backed filesystem.

Benefits:

• Command history is no longer lost between logins
• No unnecessary writes to flash storage by default

For users who prefer persistent history storage, this behavior can be changed by editing: /etc/profile.d/busybox-history-file.sh

⚠️ Note: Storing history on flash will increase write cycles and may impact flash endurance over time.

Integration of video feed

The OpenWrt video feed with Qt5 and UI applications is integrated by default.

Wi-Fi scripts in ucode

The wifi scripts were rewritten in ucode.

Target changes

• Extend realtek target with support for more switch SoCs like 10G Ethernet switches.
• Extend qualcommax target with support for ipq50xx and ipq60xx SoCs.
• Added siflower target for Siflower SF21A6826/SF21H8898 SoCs
• Added sunxi/arm926ejs subtarget for Allwinner F1C100/200s SoCs

Many new devices added

OpenWrt 25.12 supports over 2180 devices. Support for over 160 new devices was added in addition to the device support by OpenWrt 24.10.

Core components update

Core components have the following versions in 25.12.0-rc1:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.41
  • gcc 14.3.0
  • binutils 2.44
• Updated Linux kernel
  • 6.12.63 for all targets
• main packages:
  • cfg80211/mac80211 from kernel 6.18.0
  • hostapd master snapshot from August 2025
  • dnsmasq 2.91
  • dropbear 2025.89
  • busybox 1.37.0

In addition to the listed applications, many others were also updated.

Upgrading to 25.12

Upgrading from 24.10 to 25.12 should be transparent on most devices, as most configuration data has either remained the same or will be translated correctly on first boot by the package init scripts.

• Sysupgrade from 23.05 to 25.12 is not officially supported.

• Cron log level was fixed in busybox. system.@system[0].cronloglevel should be set to 7 for normal logging. 7 is the default now. If this option is not set, the default is used and no manual action is needed.

• Bananapi BPI-R4: Interfaces eth1 was renamed to sfp-lan or lan4 and the interface eth2 was renamed to sfp-wan to match the labels. You have to upgrade without saving the configuration.

Scratch installs/upgrades

If you wish to start from scratch (always the safest, but also the most work), simply download the pre-built image from the downloads site or from the Firmware Selector to your device. Make sure to create and save a backup, then install the image using sysupgrade -n /tmp/firmware.bin or the LuCI Backup/Flash Firmware, being sure to set "Keep settings and retain the current configuration" to its off position. Restore or reconstruct your configuration using the contents of the backup as a template.

Attended Sysupgrade options

Attended Sysupgrade (ASU) allows you to build a custom image that retains all of your installed packages and their configuration transparently. You need to use one of the three ASU clients that interface with the ASU server to produce this custom image:

• Firmware Selector - an online builder that requires you to manually supply it with the packages you wish to have installed. This package list is sent to the ASU server, and a new custom device image is created containing those packages. You may then download and install the image in LuCI Backup/Flash Firmware, but for this you would enable "Keep settings..."
• Luci Attended Sysupgrade - the web interface to the ASU server. This tool allows you to choose a new OpenWrt version, then collects the names of the packages on your device and sends them up to the ASU server. LuCI ASU then downloads the created image directly to your device and allows you to install it, without having to do any of the bookkeeping tasks involved with using the Firmware Selector.
• owut - a command line package that does the same job as LuCI ASU, but provides more diagnostics and better visibility into what's happening at the various steps before and during the build process.

Both the LuCI ASU app and owut are optional packages in 24.10, so if you have not installed them, they won't be there by default. Use either the LuCI Package Manager to install them, or you can do it from the command line with opkg:

$ opkg update
$ opkg install luci-app-attendedsysupgrade
$ opkg install owut

Note that you can install one or the other, or both together, they are completely independent packages.

Upgrades with Firmware Selector

The Firmware Selector does an excellent job of searching through the thousands of available device configurations and getting you to the right place. But, some devices have several variants and possibly different image formats, so if you're unsure about which one you need or which device you're dealing with or anything else, go to the |Firmware Selector support thread and ask away.

Upgrades with LuCI Attended Sysupgrade

The LuCI web interface should be fairly self explanatory. Since you have fairly limited options there that should be pretty obvious, but if anything is unclear or you're unsure about something, go to the LuCI Attended Sysupgrade support thread and ask.

Upgrades with owut

If you choose to use owut, the fact that it's a command line program means you'll need a little more explanation regarding best practices. In any situation, it's always safe to do a check to see what's going on.

$ owut check --verbose --version-to 25.12
... a lot of output ...

This check should show you all the details of what this upgrade entails with regards to the packages available, and will point out any issues with package versions and so on.

Assuming the results of the check look good, you can simply do an upgrade next.

$ owut upgrade --verbose --version-to 25.12
... even more output ...

If you are unsure of anything you see in the check, during the upgrade, or simply have questions, jump on over to the owut support thread on the forum and ask.

Known issues

• Users of Zyxel EX5601-T0 devices need to check their WAN interfaces as port was renamed from eth1 to wan.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0-rc2

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0-rc2#known_issues

For a detailed list of all changes since 25.12.0-rc1, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0-rc2

To download the 25.12.0-rc2 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0-rc2/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0-rc2

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the first release candidate of the OpenWrt 25.12 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=25.12.0-rc1

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/25.12.0-rc1/targets/

Please test this version

This is not the final version, this is a test version. Please report problems and bugs in our issue tracker.

Highlights in OpenWrt 25.12

OpenWrt 25.12.0-rc1 incorporates over 4300 commits since branching the previous OpenWrt 24.10 release and has been under development for over one year.

Only the main changes are listed below. See changelog-25.12.0-rc1 for the full changelog.

General changes

• Switch package manager from opkg to apk
• Integration of attended Sysupgrade into default LuCI installation
• The shell history is stored in RAM till the next reboot
• Integration of video feed
• Wi-Fi scripts converted to ucode

Target changes

• Extend realtek target with support for more switch SoCs like 10G Ethernet switches.
• Extend qualcommax target with support for ipq50xx and ipq60xx SoCs.
• Added siflower target for Siflower SF21A6826/SF21H8898 SoCs
• Added sunxi/arm926ejs subtarget for Allwinner F1C100/200s SoCs

Many new devices added

OpenWrt 25.12 supports over 2180 devices. Support for over 160 new devices was added in addition to the device support by OpenWrt 24.10.

Core components update

Core components have the following versions in 23.05.0-rc1:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.41
  • gcc 14.3.0
  • binutils 2.44
• Updated Linux kernel
  • 6.12.62 for all targets
• main packages:
  • cfg80211/mac80211 from kernel 6.18.0
  • hostapd master snapshot from August 2025
  • dnsmasq 2.91
  • dropbear 2025.89
  • busybox 1.37.0

In addition to the listed applications, many others were also updated.

Upgrading to 25.12

Sysupgrade can be used to upgrade a device from 24.10 to 25.12, and configuration will be preserved in most cases.

:!: Sysupgrade from 23.05 to 25.12 is not officially supported.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/25.12/notes-25.12.0-rc1

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/25.12/notes-25.12.0-rc1#known_issues

For a detailed list of all changes since 24.10 branching, refer to
https://openwrt.org/releases/25.12/changelog-25.12.0-rc1

To download the 25.12.0-rc1 images, navigate to:
https://downloads.openwrt.org/releases/25.12.0-rc1/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=25.12.0-rc1

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.5

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.5/targets/

Main changes between OpenWrt 24.10.4 and OpenWrt 24.10.5

Only the main changes are listed below. See changelog-24.10.5 for the full changelog.

Security fixes

• CVE-2025-14282: Dropbear privilege escalation via Unix domain socket forwarding

Device support

• Added new devices:
  • mediatek: ASUS TUF-AX4200Q
  • mediatek: Cudy WR3000P v1
  • mediatek: ipTIME AX7800M-6E
  • mediatek: Konka KOMI A31
  • mediatek: Totolink X6000R
  • mediatek: WAVLINK WL-WN536AX6 Rev a
  • ramips: Cudy AP1300 Outdoor v1
  • ramips: Cudy C200P
  • ramips: Cudy R700
  • ramips: Cudy RE1200 Outdoor v1
  • ramips: Hongdian H8850 v20
  • rockchip: LinkEase EasePi R1
  • rockchip: Lunzn FastRhino R66S
• airoha: Many improvements
• ath79: TP-Link Archer C60 v2: fix 5GHz Wifi
• bmips: Sagem @ST3864OP: fix LEDs
• ipq4019: AVM FritzBox 7530: fix RX frame length on DSL interface
• ipq806x: migrate wifi configuration when downgrading from
  kernel 6.12
• mediatek: Cudy AP3000 v1: fix IPv4 address missing on interface
  in failsafe mode
• mediatek: Cudy WR3000H: fix Ethernet port order
• mediatek: Zbtlink ZBT Z8102AX V2: fix ubi size
• mpc85xx: p1010: Sophos RED 15w : Fix NAND partitions
• mpc85xx: p1010: Watchguard Firebox T10: fix boot
• mvebu: GL.iNet GL-MV1000: fix sdhci1 controller
• ramips: Improve eMMC and SD Card support

Various fixes and improvements

• ath11k: fix transmit queue flushing
• dropbear: backport security fixes
• dropbear: enable configurable port forwarding options
• imagebuilder: fix image generation for some devices
• kernel: add support for ESMT F50L1G41LC flash chip (found on recent Cudy boards)
• kernel: add support for Fudan Micro FM25S01BI3 flash chip
• mwl8k: improve stability of AP mode
• odhcpd: fix memory leaks
• ppp: add reqprefix, norelease and ac_mac options

Core components update

• Linux kernel: update from 6.6.110 to 6.6.119
• mac80211: update from 6.12.52 to 6.12.61
• mt76: update from 2025-09-15 to 2025-11-06
• wireless-regdb: update from 2025.07.10 to 2025.10.07

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the Phicomm K2T, TP-Link Archer C60 v3 and possibly others. For details, see issue #14541.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.5

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.5#known_issues

For a detailed list of all changes since 24.10.4, refer to
https://openwrt.org/releases/24.10/changelog-24.10.5

To download the 24.10.5 images, navigate to:
https://downloads.openwrt.org/releases/24.10.5/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.5

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.4

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.4/targets/

Main changes between OpenWrt 24.10.3 and OpenWrt 24.10.4

Only the main changes are listed below. See changelog-24.10.4 for the full changelog.

Security fixes

• CVE-2025-62525: ltq-ptm: local privilege escalation
• CVE-2025-62526: ubusd: heap buffer overflow

Device support

• Added new devices:
  • ramips: Qding QC202
  • ramips: Zbtlink ZBT-WG108
• ath79: TP-Link Archer C59 v1: Fix 5 GHz Wifi
• ath79: TP-Link Archer C60 v1: Fix 5 GHz Wifi
• ipq40xx: Linksys WHW01: Improve MAC address and LED configuration
• mediatek: filogic: GL.iNet GL-MT2500/GL-MT2500A: Add support for new hardware revision
• mpc85xx: Aerohive BR200-WP: Fix flash usage
• qualcommax: ipq807x: Linksys MX4200/MX4300/MX5300/MX8500: Improve upgrade stability
• ramips: Hongdian H7920: Fix pin configuration and MAC addresses

Various fixes and improvements

• mac80211: ath10k: improve "failed to flush transmit queue" errors
• rockchip: rk3399: Fix PCIe
• kernel: ksmbd: Fix SMB access from Linux clients
• bcm53xx: Fix bootup of devices

Core components update

• Linux kernel: update from 6.6.104 to 6.6.110
• mac80211: update from 6.12.44 to 6.12.52
• odhcpd: update from 2024-05-08 to 2025-10-02
• ubus: update from 2025-07-02 to 2025-10-17
• mbedtls: update from 3.6.4 to 3.6.5
• openssl: update from 3.0.17 to 3.0.18

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the Phicomm K2T, TP-Link Archer C60 v2, TP-Link Archer C60 v3 and possibly others. For details, see issue #14541.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.4

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.4#known_issues

For a detailed list of all changes since 24.10.3, refer to
https://openwrt.org/releases/24.10/changelog-24.10.4

To download the 24.10.4 images, navigate to:
https://downloads.openwrt.org/releases/24.10.4/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.4

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the newest stable release of
the OpenWrt 23.05 stable series. It improves device support and brings a
few bug fixes including security fixes.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org/?version=23.05.6

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/23.05.6/targets/

Main changes between OpenWrt 23.05.5 and OpenWrt 23.05.6

Device support

• Added devices:
  • ath79: Huawei AP6010DN
  • ath79: MikroTik RouterBOARD 750 r2 (hEX lite)
  • ath79: Sophos AP15C
  • ramips: netis N6
• ath79: ZTE MF286: fix 5GHz on QCA9886
• ath79: add extended AR9344 reset sequence
• ipq40xx: Aruba AP-303H: Fix PSE GPIO pin
• ipq40xx: Meraki MR33 and MR74: fix MAC address
• mediatek: Xiaomi Router AX3000T: Add support for Winbond
  W25N01KV flash
• ramips: TP-Link RE200 v1 and RE210 v1: Fix booting stuck issue
• octeon: ubnt-edgerouter: fix sysupgrade config backup/restore

Various fixes and improvements

• iptables: backport "nft: track each register individually" from 1.9
• wifi-scripts: Fix parsing of Capabilities

Core components update

• Update Linux from 5.15.167 to 5.15.189
• Update mac80211 from 6.1.110-1 to 6.1.145-1
• Update wireless-regdb from 2024.07.04 to 2025.07.10
• Update openssl from 3.0.15 to 3.0.16
• Update mbedtls from 2.28.9 to 2.28.10
• Update wolfssl from 5.7.2 to 5.7.6
• Update ca-certificates from 20230311 to 20241223
• Update jsonfilter from 2024-01-23 to 2025-04-18
• Update libxml from 2.12.5 to 2.14.5

Upgrading to 23.05.6

Sysupgrade can be used to upgrade a device from 22.03 to 23.05, and
configuration will be preserved in most cases.

• Sysupgrade from 21.02 to 23.05 is not officially supported.
• ipq40xx EA6350v3, EA8300, MR8300 and WHW01 require tweak to the
  U-Boot environment on update from 22.03 to 23.05. Refer to the Device
  wiki or the instruction on sysupgrade on how to do this change.
  Config needs to be reset on sysupgrade.

Known issues

• lantiq/xrx200 target shows error messages in DSA switch
  configuration of the integrated GSWIP switch. (see:
  #13200)
• OpenWrt 23.05.6 was signed with the wrong signing keys. The keys from
  OpenWrt snapshot were used for OpenWrt 23.05.6, OpenWrt 23.05.5,
  OpenWrt 23.05.4, OpenWrt 23.05.3, OpenWrt 23.05.2, OpenWrt 23.05.0 and
  the release candidates. A later OpenWrt 23.05 service release will use
  a different key.

See up to date information here:
https://openwrt.org/releases/23.05/notes-23.05.6#known_issues

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/23.05/notes-23.05.6

In particular, make sure to read the regressions and known issues before
upgrading:
https://openwrt.org/releases/23.05/notes-23.05.6#known_issues

For a detailed list of all changes since 23.05.5, refer to
https://openwrt.org/releases/23.05/changelog-23.05.6

To download the 23.05.6 images, navigate to:
https://downloads.openwrt.org/releases/23.05.6/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org/?version=23.05.6

As always, a big thank you goes to all our active package maintainers,
testers, documenters and supporters.

Have fun!

The OpenWrt Community

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.3

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.3/targets/

Main changes between OpenWrt 24.10.2 and OpenWrt 24.10.3

Only the main changes are listed below. See changelog-24.10.3 for the full changelog.

Device support

• Added new devices:
  • mediatek: Cudy TR3000 256MB v1 flash version
  • mediatek: Huasifei WH3000 Pro
  • mediatek: ipTIME AX3000Q
  • mediatek: ipTIME AX3000SM
  • mediatek: OpenFi 6C
  • mediatek: Zbtlink ZBT-Z8102AX v2
  • qualcommax: ipq807x: Linksys HomeWRK
  • ramips: Hongdian H7920 v40
  • rockchip: Radxa ROCK 4C+
  • rockchip: Radxa ROCK 4SE
• armsr: Fix problem creating kthread in boot up on qemu
• armsr: Fix serial console regression on device tree systems
• ath79: COMFAST CF-EW71 v2: Fix LED GPIOs
• ath79: MikroTik hAP ac: Enable USB by default
• ath79: Ubiquiti: Fix flash write unlock on multiple devices
• ath79: Xiaomi AIoT AC2350: Fix 5GHz Wifi
• imx: Add device tree overlay support
• ipq40xx: Reduce SPI clock frequency to 24MHz
• lantiq: DSL: Fix reading downstream band borders
• lantiq: Fix occasional kernel panic in ltq-adsl driver
• mediatek: Cudy tr3000 v1: Add ubootmod layout
• mediatek: Fix tx vlan tag for llc packets
• mediatek: mt7981: Reduce DMA memory usage regression
• mediatek: mt7986: Reduce DMA memory usage regression
• mediatek: Prevent PPE flow tables to leak across reboots
• mediatek: Ruijie RG-X60 Pro: Fix LAN port status light
• mediatek: Xiaomi AX3000T: Fix Foresee NAND
• mpc85xx: TP-Link: TL-WDR4900: Add back 5ghz LED
• ramips: mt7621: Reduce DMA memory usage regression
• ramips: rt5350: Reduce DMA memory usage regression
• ramips: TP-Link mr600: Fix 5 GHz Wifi
• realtek: Avoid interrupt storm on mass packet receive
• realtek: Fix stall after restart of otto timer
• rockchip: Fix for MSI/MSI-X bug: no MSI/MSI-X, Back to INTx.
• rockchip: NanoPC-T6 with A3A444 chips: Fix eMMC corruption
• rockchip: rk35xx: Increase the number of serial ports
• tegra: Bring back workaround for spurious interrupts
• x86: Fix boot problems by activating CONFIG_PCI_MMCONFIG

Various fixes and improvements

• busybox: Fix login applet on selinux
• hostapd: Reduce debug logging
• kernel: Add support for FudanMicro FM25S01A SPI-NAND
• kernel: Fix netdev trigger for PHY LEDs
• mac80211: Improve WiFi-7 TX performance
• mt76: Improve system recovery routine for MT7915
• wifi-scripts: Correctly set basic-rates with wpa_supplicant

Core components update

• Linux kernel: update from 6.6.93 to 6.6.104
• mac80211: update from 6.12.6 to 6.12.44
• mt76: update from 2025-02-14 to 2025-09-15
• kmod-r8125: update from 9.016.00 to 9.016.01
• kmod-r8126: update from 10.015.00 to 10.016.00
• kmod-r8127: update from 11.014.00 to 11.015.00
• libubox: update from 2024-12-19 to 2025-07-23
• udebug: update from 2023-12-06 to 2025-08-24
• ucode: update from 2025-05-11 to 2025-07-18
• uhttpd: update from 2023-06-25 to 2025-07-06
• uqmi: update from 2024-08-25 to 2025-07-30
• rpcd: update from 2024-09-17 to 2025-09-01
• ubus: update from 2025-05-16 to 2025-07-02
• libxml2: update from 2.13.6 to 2.14.5
• mbedtls: update from 3.6.3 to 3.6.4
• openssl: update from 3.0.16 to 3.0.17
• ca-certificates: update from 20241223 to 20250419
• wireless-regdb: update from 2025.02.20 to 2025.07.10

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the TP-Link Archer C60 v1, and possibly others. For details, see issue #14541.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.3

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.3#known_issues

For a detailed list of all changes since 24.10.2, refer to
https://openwrt.org/releases/24.10/changelog-24.10.3

To download the 24.10.3 images, navigate to:
https://downloads.openwrt.org/releases/24.10.3/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.3

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.2

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.2/targets/

Main changes between OpenWrt 24.10.1 and OpenWrt 24.10.2

Only the main changes are listed below. See changelog-24.10.2 for the full changelog.

Device support

• Added new devices:
  • bcm27xx: bcm2712: RPi 5 (d0 rev)
  • bcm27xx: bcm2712: RPi 500
  • bcm27xx: bcm2712: RPi CM5
  • mediatek: filogic: ASUS RT-AX52
  • mediatek: filogic: Cudy WR3000E
  • mediatek: filogic: Cudy WR3000H
  • mediatek: filogic: Mercusys MR80X v3
  • mediatek: filogic: Routerich AX3000 v1
  • mediatek: filogic: TP-Link Archer AX80v1(US/RU/CA)
  • mediatek: filogic: WAVLINK WL-WN573HX3
  • ramips: mt7621: Arcadyan WE410443
  • ramips: mt76x8: Xiaomi MiWiFi 3A
• ath79: TP-Link Archer C6 v2: fix 5GHz Wifi
• bcm27xx: add BRCMSTB I2C driver
• bcm27xx: select I2C and SPI packages by default
• bcm27xx: switch to upstream SDHOST driver
• bmips: backport bcm63xx SPI reset fix
• bmips: backport brcm legacy dsa tag fix
• ipq40xx: Teltonika RUTX50: turn on modem by default
• ipq40xx: Teltonika RUTX50: use correct wired MAC-addresses
• ipq806x: Extreme Networks AP3935: fix LAN/WAN ports
• ramips: Genexis EX400: add touch controller
• ramips: mt7621: fix Ethernet stability (deactivate EEE)
• realtek: fix mdio parent/child locking issues
• realtek: proper RTL8214FC fibre/copper detection
• rockchip: NanoPi R6C/R6S: fix SD card detection

Various fixes and improvements

• GCC 15: multiple fixes to allow building with host GCC 15
• kernel: generic: add Broadcom NetXtreme-C/E driver
• kernel: generic: add DesignWare I2C driver
• kernel: generic: add DesignWare SPI driver
• kernel: generic: add Huawei HINIC driver
• kernel: generic: add Microchip ENC28J60 SPI ethernet driver
• kernel: generic: fix UDPv6 GSO segmentation with NAT
• kernel: generic: net: phy: sfp: backport some FS copper SFP fixes
• kmod-r8101: load module at boot time
• kmod-r8125: load module at boot time, disable ASPM
• kmod-r8125-rss: enable ENABLE_MULTIPLE_TX_QUEUE
• kmod-r8126: load module at boot time
• kmod-r8126-rss: enable ENABLE_MULTIPLE_TX_QUEUE
• kmod-r8127: load module at boot time
• kmod-r8127-rss: enable ENABLE_MULTIPLE_TX_QUEUE
• kmod-r8168: load module at boot time
• kmod-r8168-rss: add variant
• lldpd: enable hardware inventory information (TLV) management
• mac80211: add patch to suppress PREP when mesh forwarding is disabled
• mac80211: ath11k: fix broadcast failures during GTK rekeying
• qmi: increase SIM power-cycle timeouts

Core components update

• Linux kernel: update from 6.6.86 to 6.6.93
• ucode: update from 2025-02-10 to 2025-05-11
• netifd: update from 2024-12-17 to 2025-05-23
• bcm27xx-gpu-fw: update to v1.20250430
• kmod-phy-realtek: backport upstream v6.15 patches
• kmod-phy-realtek: backport upstream v6.16 patches
• kmod-r8125: update to v9.016.00
• kmod-r8169: backport upstream v6.15 patches
• kmod-r8169: backport upstream v6.16 patches

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the TP-Link Archer C60 v1, and possibly others. For details, see issue #14541.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.2

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.2#known_issues

For a detailed list of all changes since 24.10.1, refer to
https://openwrt.org/releases/24.10/changelog-24.10.2

To download the 24.10.2 images, navigate to:
https://downloads.openwrt.org/releases/24.10.2/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.2

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the newest stable release of the OpenWrt 24.10 stable series.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.1

Download firmware images directly from our download servers:

• https://downloads.openwrt.org/releases/24.10.1/targets/

Main changes between OpenWrt 24.10.0 and OpenWrt 24.10.1

Only the main changes are listed below. See changelog-24.10.1 for the full changelog.

Device support

• Added new devices:
  • bmips: Actiontec T1200H
  • mediatek: CMCC A10
  • mediatek: Huasifei WH3000
  • mediatek: Keenetic KN-3811
  • mediatek: Keenetic KN-3911
  • mediatek: netis NX31
  • qualcommax: Linksys MX4300 (LN1301)
  • ramips: Cudy M1200 v1
  • ramips: Cudy M1300 v2
  • ramips: Genexis / Inteno Pulse EX400
  • ramips: Hongdian H8922 v30
• ath79: mikrotik Routerboard 911G: Fix clock speed
• ath79: NEC Aterm: Fix initramfs execution
• bcm27xx: Raspberry Pi: Fixes for r8169 Ethernet driver
• bcm27xx: Raspberry Pi: Update GPU firmware and drivers
• imx: Gateworks boards: Misc fixes
• mediatek: ASUS: RT-AX59U/TUF-AX4200/TUF-AX6000: Fix boot problems with recent bootloader
• mediatek: Xiaomi AX3000t: Fix NMBM handling for devices with Winbond W25N01KVZEIR flash
• mediatek: Zyxel EX5601-T0: Fix eth1 wan configuration
• ramips: Dovado Tiny AC: Fix wifi MAC addresses
• ramips: hiwifi hc5962: Fix reading MAC address
• ramips: LAVA LR-25G001: Fix wifi MAC address
• ramips: MT7621: Improve MT7621S core detection
• ramips: TP-Link Deco M4R v4: Fix port name conflict
• realtek: Add new auxiliary MDIO driver and switch devices to it
• realtek: HPE 1920: Fix FAN configuration
• realtek: Zyxel GS1900-8: Split into v1 and v2

Various fixes and improvements

• ath10k-ct: Silence some harmless noisy logs
• build: build LLVM toolchain for BPF when packet selects it
• dnsmasq: Fix handlers for options filter_rr and cache_rr
• kernel: Fix IPv6 TCP GSO segmentation with NAT
• kernel: Globally enable CONFIG_PCPU_DEV_REFCNT
• kernel: usbnet: Restore usb%d naming for cdc-ethernet devices with local MAC
• mac80211: rt2x00: Fix loading EEPROM from card
• odhcpd: Fix missed packets in relay mode
• umdns: Automatically configure firewall for umdns when needed

Core components update

• Update Linux from 6.6.73 to 6.6.86
• Update mt76 from 2025-01-14 to 2025-02-14
• Update mwlwifi from 2024-04-19 to 2025-02-06
• Update wireless-regdb from 2024.10.07 to 2025.02.20
• Update ucode from 2024-07-22 to 2025-02-10
• Update unetd from 2024-12-17 to 2025-03-09
• Update umdns from 2024-09-17 to 2025-02-10
• Update omcproxy from 2021-11-04 to 2025-02-27
• Update libnl-tiny from 2023-12-05 to 2025-03-19
• Update ethtool from 6.10 to 6.11
• Update openssl from 3.0.15 to 3.0.16
• Update mbedtls from 3.6.2 to 3.6.3
• Update ca-certificates from 20240203 to 20241223
• Update bcm27xx-gpu-fw from 2024.11.26 to 2025.03.05
• Update bcm27xx-utils from 2024.12.19 to 2025.03.14
• Update r8125 from 9.014.01 to 9.015.00
• Update r8126 from 10.014.01 to 10.015.00
• Update r8168 from 8.054.00 to 8.055.00
• Update bcm63xx-cfe from 2024-06-25 to 2025-04-02
• Update intel-microcode from 20240531 to 20250211
• Update firmware-utils from 2024-10-20 to 2025-02-16

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the TP-Link Archer C60 v1, TP-Link Archer C6 v2, and possibly others. For details, see issue #14541.
• Ethernet link instability on some MT7530 switches. Users experiencing unstable Ethernet connections should disable Energy-Efficient Ethernet (EEE) as a workaround. See issue #17351 for more information.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.1

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.1#known_issues

For a detailed list of all changes since 24.10.0, refer to
https://openwrt.org/releases/24.10/changelog-24.10.1

To download the 24.10.1 images, navigate to:
https://downloads.openwrt.org/releases/24.10.1/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.1

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the first stable release of the OpenWrt 24.10 stable series.
OpenWrt 24.10.0 incorporates over 5400 commits since branching the previous OpenWrt 23.05 release and has been under development for over one year.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.0
  Download firmware images directly from our download servers:
• https://downloads.openwrt.org/releases/24.10.0/targets/

Highlights in OpenWrt 24.10

General changes

• Upgrades of many components to new versions like the Linux kernel from version 5.15 to 6.6
• TLS 1.3 support in default images
  • mbedtls was updated to version 3.6 which includes support for TLS 1.3
• Activate POSIX Access Control Lists and file system security attributes for all file systems on devices with big flash sizes. This is needed by docker nowadays.
  • This is activated for all targets which do not have the small_flash feature flag. small_flash is set for the ath79/tiny, bcm47xx/legacy, lantiq/ase, lantiq/xrx200_legacy, lantiq/xway_legacy, ramips/mt76x8, ramips/rt288x, ramips/rt305x and ramips/rt3883 targets.
• Activate kernel support for Multipath TCP on devices with big flash sizes.
• Improved support for WiFi6 (802.11ax) and initial support for WiFi7 (802.11be)
  • Not many Wifi7 devices are supported by OpenWrt yet
• Improved Link Layer Discovery Protocol (LLDP) support
• OpenWrt 24.10 uses OPKG only, APK packages are not supported. Only main branch was changed to APK.

Many new devices added

OpenWrt 24.10 supports over 1970 devices. Support for over 100 new devices was added in addition to the device support by OpenWrt 23.05.

• Added support for OpenWrt One

Target changes

• Added d1 target for AllWinner D1 RISC-V SoC
• Added ixp4xx target for Intel XScale IXP4xx SoCs.
• Added loongarch64 target for SoCs with Loongson LoongArch CPUs.
• Added starfive target for StarFive JH71x0 (7100/7110) SoCs.
• Added stm32 target for STMicroelectronics STM32 SoCs.
• Renamed ipq807x target to qualcommax.
• Removed ath25 target. It supported Atheros ieee80211g devices with maximum 16MB RAM
• Removed bcm63xx target. It supported some Broadcom DSL MIPS SoCs and was replaced by the bmips target. The Broadcom DSL itself was never supported.
• Removed octeontx target. It supported the Octeon-TX CN80XX/CN81XX based boards
• Removed oxnas target. It supported the PLXTECH/Oxford NAS782x/OX8xx
• The qoriq target for the NXP QorIQ (PowerPC) SoCs is built
• The ipq806x target for Qualcomm Atheros IPQ806X SoCs was converted to DSA
• Added support for Airoha AN8855 DSA Switch (Xiaomi AX3000T ship both Mediatek and Airoha Switch in the same revision)
• Added bcm2712 subtarget for Raspberry Pi 5.

Core components update

Core components have the following versions in 24.10.0:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.38
  • gcc 13.3.0
  • binutils 2.42
• Updated Linux kernel
  • 6.6.73 for all targets
• Network:
  • hostapd master snapshot from September 2024, dnsmasq 2.90, dropbear 2024.86
  • cfg80211/mac80211 from kernel 6.12.6

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

For for upgrades inside the OpenWrt 24.10 stable series for example from a OpenWrt 24.10 release candidate Attended Sysupgrade is supported in addition which allows preserving the installed packages too.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs for Airoha AN8855 are not yet supported. Devices like the Xiaomi AX3000T with an Airoha switch will have their switch LEDs powered off. This issue will be addressed in an upcoming OpenWrt SNAPSHOT and the OpenWrt 24.10 minor release.
• 5GHz WiFi is non-functional on certain devices with ath10k chipsets. Affected models include the TP-Link Archer C60 v1, TP-Link Archer C6 v2, and possibly others. For details, see issue #14541.
• Ethernet link instability on some MT7530 switches. Users experiencing unstable Ethernet connections should disable Energy-Efficient Ethernet (EEE) as a workaround. See issue #17351 for more information.
• Kernel warning in ath10k-ct driver at startup. The warning WARNING: CPU: 3 PID: 1695 at backports-6.9.9/net/mac80211/main.c:270 ieee80211_do_open+0x4e8/0x5e0 [mac80211] appears during boot but is harmless and can be ignored. See issue #15959 for details.

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.0

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.0#known_issues

For a detailed list of all changes since 24.10.0-rc7, refer to
https://openwrt.org/releases/24.10/changelog-24.10.0

To download the 24.10.0 images, navigate to:
https://downloads.openwrt.org/releases/24.10.0/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.0

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact

Hi,

The OpenWrt community is proud to announce the seventh release candidate of the upcoming OpenWrt 24.10 stable series.
OpenWrt 24.10.0-rc7 incorporates over 5300 commits since branching the previous OpenWrt 23.05 release and has been under development for over one year.

This is just a release candidate and not the final release yet.

Download firmware images using the OpenWrt Firmware Selector:

• https://firmware-selector.openwrt.org?version=24.10.0-rc7
  Download firmware images directly from our download servers:
• https://downloads.openwrt.org/releases/24.10.0-rc7/targets/

Please test this version

This is not the final version, this is a test version. Please report problems and bugs in our issue tracker. https://github.com/openwrt/openwrt/issues
If there is already an existing ticket feel free to comment that the problem also occurs with OpenWrt 24.10.0-rc7.

Changes between OpenWrt 24.10.0-rc6 and 24.10.0-rc7

Target changes:

• airoha: multiple fixes
• apm821xx: NETGEAR WNDR4700: fix compat version
• ath79: make kmod-usb-chipidea select kmod-phy-ath79-usb
• ipq40xx: AVM FRITZ!Box 7530: fix ADSL/ATM operation
• mediatek: Cudy M3000 / Cudy TR3000: fixes 2.5G PHY interrupt support
• mediatek: Cudy TR3000: update status led
• mediatek: Netgear wax206: fix wifi leds
• mediatek: Xiaomi AX3000T: add Airoha AN8855 gigabit switch driver
• octeon: ubnt-usg: add board name to supported devices
• qualcommax: Spectrum SAX1V1K: add missing WAN LED support
• ramips: USW-Flex: restore full switch performance
• realtek: HPE 1920-8G PoE: fix old compatible
• stm32: enable CONFIG_SMSC_PHY

Generic changes:

• dnsmasq: add fix related to DNSSEC verification from upstream
• generic: fix probe issues with RealTek RTL8221B PHYs
• unetd: fix interface teardown
• wolfssl: update to version 5.7.6

For a detailed list of changes since OpenWrt 24.10.0-rc7 see the 24.10.0-rc7 changelog.

Highlights in OpenWrt 24.10:

General changes

• TLS 1.3 support in default images
  • mbedtls was updated to version 3.6 which includes support for TLS 1.3
• Activate POSIX Access Control Lists and file system security attributes for all file systems on devices with big flash sizes. This is needed by docker nowadays.
  • This is activated for all targets which do not have the small_flash feature flag. small_flash is set for the ath79/tiny, bcm47xx/legacy, lantiq/ase, lantiq/xrx200_legacy, lantiq/xway_legacy, ramips/mt76x8, ramips/rt288x, ramips/rt305x and ramips/rt3883 targets.
• Activate kernel support for Multipath TCP on devices with big flash sizes.
• Improved support for WiFi6 (802.11ax) and initial support for WiFi7 (802.11be)
  • Not many Wifi7 devices are supported by OpenWrt yet
• Improved Link Layer Discovery Protocol (LLDP) support
• OpenWrt 24.10 uses OPKG only, APK packages are not supported. Only main branch was changed to APK.

Many new devices added

OpenWrt 24.10 supports over 1950 devices. Support for over 100 new devices was added in addition to the device support by OpenWrt 23.05.

• Added support for OpenWrt One

Target changes

• Added d1 target for AllWinner D1 RISC-V SoC
• Added ixp4xx target for Intel XScale IXP4xx SoCs.
• Added loongarch64 target for SoCs with Loongson LoongArch CPUs.
• Added starfive target for StarFive JH71x0 (7100/7110) SoCs.
• Added stm32 target for STMicroelectronics STM32 SoCs.
• Renamed ipq807x target to qualcommax.
• Removed ath25 target. It supported Atheros ieee80211g devices with maximum 16MB RAM
• Removed bcm63xx target. It supported some Broadcom DSL MIPS SoCs and was replaced by the bmips target. The Broadcom DSL itself was never supported.
• Removed octeontx target. It supported the Octeon-TX CN80XX/CN81XX based boards
• Removed oxnas target. It supported the PLXTECH/Oxford NAS782x/OX8xx
• The qoriq target for the NXP QorIQ (PowerPC) SoCs is built
• The ipq806x target for Qualcomm Atheros IPQ806X SoCs was converted to DSA
• Added support for Airoha AN8855 DSA Switch (Xiaomi AX3000T ship both Mediatek and Airoha Switch in the same revision)

Core components update

Core components have the following versions in 24.10.0-rc7:

• Updated toolchain:
  • musl libc 1.2.5
  • glibc 2.38
  • gcc 13.3.0
  • binutils 2.42
• Updated Linux kernel
  • 6.6.73 for all targets
• Network:
  • hostapd master snapshot from September 2024, dnsmasq 2.90, dropbear 2024.86
  • cfg80211/mac80211 from kernel 6.12.6

Upgrading to 24.10

Sysupgrade can be used to upgrade a device from 23.05 to 24.10, and configuration will be preserved in most cases.

• Sysupgrade from 22.03 to 24.10 is not officially supported.

• There is no configuration migration path for users of the ipq806x target for Qualcomm Atheros IPQ806X SoCs because it switched to DSA. You have to upgrade without saving the configuration.
  ''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''

• User of the Linksys E8450 aka. Belkin RT3200 running OpenWrt 23.05 or earlier will need to run installer version v1.1.3 or later in order to reorganize the UBI layout for the 24.10 release. A detailed description is in the OpenWrt wiki. Updating without using the installer will break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of the Xiaomi AX3200 aka. Redmi AX6S running OpenWrt 23.05 or earlier have to follow a special upgrade procedure described in the wiki. This will increase the flash memory available for OpenWrt. Updating without following the guide in the wiki break the device. Sysupgrade will show a warning before doing an incompatible upgrade.

• Users of Zyxel GS1900 series switches running OpenWrt 23.05 or earlier have to perform a new factory install with the initramfs image due to a changed partition layout. Sysupgrade will show a warning before doing an incompatible upgrade and is not possible.

Known issues

• LEDs handling for Airoha AN8855 is currently not supported. Xiaomi AX3000T with Airoha Switch mounted will have Switch LEDs powered OFF. (problem will be addressed in later OpenWrt SNAPSHOT and later Openwrt 24.10 minor release)
• 5GHz Wifi on TP-Link Archer C60 v1, TP-Link Archer C6 v2 and probably more devices with ath10k Wifi chip does not work, see #14541
• Ethernet link unstable on some mt7530 switches. Deactivate EEE (Energy-Efficient Ethernet) as a workaround, see: #17351

Full release notes and upgrade instructions are available at
https://openwrt.org/releases/24.10/notes-24.10.0-rc7

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/24.10/notes-24.10.0-rc7#known_issues

For a detailed list of all changes since 24.10.0-rc5, refer to
https://openwrt.org/releases/24.10/changelog-24.10.0-rc7

To download the 24.10.0-rc7 images, navigate to:
https://downloads.openwrt.org/releases/24.10.0-rc7/targets/
Use OpenWrt Firmware Selector to download:
https://firmware-selector.openwrt.org?version=24.10.0-rc7

As always, a big thank you goes to all our active package maintainers, testers, documenters and supporters.

Have fun!

The OpenWrt Community

To stay informed of new OpenWrt releases and security advisories, there
are new channels available:

• a low-volume mailing list for important announcements:
  https://lists.openwrt.org/mailman/listinfo/openwrt-announce

• a dedicated "announcements" section in the forum:
  https://forum.openwrt.org/c/announcements/14

• other announcement channels (such as RSS feeds) might be added in the
  future, they will be listed at https://openwrt.org/contact