5
OpenWRT, like any other operating system, suffers from security issues. OpenSSL, for example, appears to have new bugs every month.
I use my router as the termination point for openvpn
(one of the few external points that terminate on the router, rather than forward to another machine). This has package dependencies (eg on openssl
).
Are there patches available? I can run
opkg update
opkg list-upgradable
and get zero results. I'm assuming this is because the default repo's are static and don't get updated.
So, finally, the question:
Are updates available for OpenWRT, without needing to reflash the whole machine to the latest/greatest (beta?) version?
OK, thanks. The "security" side of me isn't happy and I may need to find an alternative firmware. Ah well. – Stephen Harris – 2016-09-06T18:12:14.803
There is no alternative firmware that will do what you seem to want. This is just a fact of life for embedded devices. – Michael Hampton – 2016-09-06T20:09:51.133
LEDE seems to do that. Though, I never used it myself. – Konrad – 2017-07-13T16:52:22.700
@MichaelHampton This is incorrect. OpenWrt uses the JFFS2 filesystem which allows modifying the root filesystem indirectly, even without an external USB device. Data can never be truly deleted, so each write (whether creating or deleting files) fills it up a little more. – forest – 2018-04-14T02:41:08.910
@forest that's entirely true, but it's also entirely irrelevant. – Michael Hampton – 2018-04-14T02:52:06.363
How is it irrelevant? Your statement that OpenWrt requires reflashing for every update is incorrect. – forest – 2018-04-14T02:54:31.503