9.2.5.2.48SF-HW:

1. Toolchain: binutils is upgraded 2.43.1->2.44.
2. Toolchain: Go is upgraded 1.23.3->1.23.6.
3. OpenVPN is upgraded 2.6.12->2.6.13.
4. lighttpd package is upgraded 1.4.76->1.4.77.
5. DNSCrypt Proxy v.2 is upgraded 2.1.5->2.1.7.
6. util-linux package is upgraded 2.40.2->2.40.4.
7. e2fsprogs package is upgraded 1.47.1->1.47.2.
8. curl package is upgraded 8.11.0->8.12.0.
9. bind package is upgraded 9.18.31->9.18.33.
10. proftpd package is upgraded 1.3.8b->1.3.8c.
11. ca-certificates package is upgraded 20240203->20241223.
12. sysstat package is upgraded 12.7.6->12.7.7.
13. pcre2 package is upgraded 10.44->10.45.
14. libtalloc package is upgraded 2.4.2->2.4.3.
15. gettext-full package is upgraded 0.23->0.23.1.
16. iperf3 package is upgraded 3.17.1->3.18.
17. nano package is upgraded 8.2->8.3.
18. lighttpd: fix '/etc/lighttpd/conf.d/30-cgi.conf' to display SMS Information (WebGUI).
19. Host tools: upgrade mkimage/u-boot to 2025.01.
21. Host tools: upgrade e2fsprogs to 1.47.2.
21. Host tools: upgrade xz to 5.6.4.
22. Host tools: upgrade quilt to 0.68.

9.2.5.2.47SF-HW:

1. Toolchain: Go is upgraded 1.22.6->1.23.3.
2. expat package is upgraded 2.6.3->2.6.4 (fixing CVE-2024-50602).
3. dropbear package is upgraded 2024.85->2024.86.
4. curl package is upgraded 8.9.1->8.11.0.
5. cifs-utils package is upgraded 7.0->7.1.
6. wget package is upgraded 1.24.5->1.25.0.
7. bind package is upgraded 9.18.29->9.18.31.
8. ethtool package is upgraded 6.10->6.11.
9. haveged package is upgraded 1.9.18->1.9.19.
10. less package is upgraded 661->668.
11. unbound package (used in stubby) is upgraded 1.21.0->1.22.0.
12. nghttp2 package is upgraded 1.63.0->1.64.0.
13. libjson-c package is upgraded 0.17->0.18.
14. gettext-full package is upgraded 0.22.5->0.23.
15. Add 'libtalloc' package.
16. samba36: add a dependency on libtalloc.
17. tcpdump: add patches to support tcpdump-mini and to remove pcap debug.
18. Host tools: upgrade mtd-utils to 2.2.1.
19. Host tools: upgrade xz to 5.6.3. 

9.2.5.2.46SF-HW:

1. Toolchain: binutils is upgraded 2.42->2.43.1.
2. Toolchain: Go is upgraded 1.22.5->1.22.7.
3. OpenSSL v. 3.0.x package is upgraded 3.0.14->3.0.15 (fixing CVE-2024-6119, CVE-2024-5535).
4. OpenVPN is upgraded 2.6.11->2.6.12 (fixing CVE-2024-5594).
5. expat package is upgraded 2.6.2->2.6.3 (fixing CVE-2024-45490, CVE-2024-45491, CVE-2024-45492).
6. libpcap package is upgraded 1.10.4->1.10.5 (fixing CVE-2023-7256, CVE-2024-8006).
7. tcpdump package is upgraded 4.99.4->4.99.5.
8. curl package is upgraded 8.8.0->8.9.1.
9. ethtool package is upgraded 6.9->6.10.
10. nano package is upgraded 8.0->8.2.
11. bind package is upgraded 9.18.27->9.18.29.
12. nghttp2 package is upgraded 1.62.1->1.63.0.
13. unbound package (used in stubby) is upgraded 1.20.0->1.21.0.
14. lz4 package is upgraded 1.9.1->1.10.0 (multithreading support).
15. libreadline package is upgraded 8.2->8.2.13.
16. sms-tool package is upgraded 2023-09-21->2024-07-25.
17. Host tools: upgrade mtd-utils to 2.2.0.
18. Host tools: upgrade xz to 5.6.2.

9.2.5.2.45SF-HW:

1. Toolchain: Go is upgraded 1.22.3->1.22.5.
2. OpenVPN is upgraded 2.6.10->2.6.11 (fixing CVE-2024-4877, CVE-2024-5594, CVE-2024-28882).
3. OpenSSL v. 3.0.x package is upgraded 3.0.13->3.0.14 (fixing CVE-2024-4741, CVE-2024-2511).
4. util-linux package is upgraded 2.39.4->2.40.2.
5. ethtool package is upgraded 6.7->6.9.
6. pcre2 package is upgraded 10.43->10.44.
7. gdbm package is upgraded 1.23->1.24.
8. sysstat package is upgraded 12.7.5->12.7.6.
9. logrotate package is upgraded 3.21.0->3.22.0.
10. less package is upgraded 643->661.
11. ipset: add patch to fix json output format for IPSET_OPT_IP.
12. Host tools: upgrade mkimage/u-boot to 2024.07.
13. Host tools: upgrade mtd-utils to 2.2.0.

9.2.5.2.44SF-HW:

1. Toolchain: Go is upgraded 1.22.2->1.22.3.
2. unbound package (used in stubby) is upgraded 1.19.3->1.20.0 (fixing CVE-2024-33655).
	https://access.redhat.com/security/cve/CVE-2024-33655
	(score 3.7, Low)
3. lighttpd package is upgraded 1.4.75->1.4.76 (to avoid CVE-2024-3094 xz supply chain attack).
	https://nvd.nist.gov/vuln/detail/CVE-2024-3094
	(score 10.0, Critical, but most likely does not apply to this ORBI firmware version)
4. OpenSSL v. 1.1.1 package is upgraded to OpenSSL v. 3.0.x 1.1.1w->3.0.13.
5. dropbear package is upgraded 2024.84->2024.85.
6. e2fsprogs package is upgraded 1.47.0->1.47.1.
7. bind package is upgraded 9.18.25->9.18.27.
8. nghttp2 package is upgraded 1.61.0->1.62.1.
9. curl package is upgraded 8.7.1->8.8.0.
10. nano package is upgraded 7.2->8.0.
11. iperf3 package is upgraded 3.16->3.17.1.
12. Upgrade pcre 8.45 to pcre2 10.43 8.45->10.43.
13. ngrep: disable pcre.
14. wget: replace dependence on pcre with dependence on pcre2.
15. samba36: add patch to undef 'mkdir' macro.
16. hotplug2: fix hotplug2.mount script (minor missprint).
17. OpenVPN: add NG/DNI patches for system logs.
18. Host tools: upgrade e2fsprogs to 1.47.1.
19. Host tools: upgrade UPX to 4.2.4.

9.2.5.2.43SF-HW:

1. Toolchain: Go is upgraded 1.21.6->1.22.2.
2. expat package is upgraded 2.5.0->2.6.2 (fixing CVE-2023-52425, CVE-2023-52426, CVE-2024-28757).
	https://nvd.nist.gov/vuln/detail/CVE-2023-52425
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2023-52426
	(score 5.5, Medium)
	https://www.suse.com/security/cve/CVE-2024-28757.html
	(score 7.5, High)
3. unbound package (used in stubby) is upgraded 1.19.0->1.19.3 (fixing CVE-2023-50387, CVE-2023-50868, CVE-2024-1931).
	https://nvd.nist.gov/vuln/detail/CVE-2023-50387
	(score 7.5, High)
	https://access.redhat.com/security/cve/CVE-2023-50868
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2024-1931
	(score 7.5, High)
4. dropbear package is upgraded 2022.83->2024.84 (fixing CVE-2023-48795).
	https://nvd.nist.gov/vuln/detail/CVE-2023-48795
	(score 5.9. Medium)
5. bind package is upgraded 9.18.21->9.18.25 (fixing CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-50387, CVE-2023-50868, CVE-2023-50387).
	https://nvd.nist.gov/vuln/detail/CVE-2023-4408
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2023-5517
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2023-5679
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2023-50387
	(score 7.5, High)
	https://access.redhat.com/security/cve/CVE-2023-50868
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2023-50387
	(score 7.5, High)
6. libuv: add patch to fix CVE-2024-24806.
	https://nvd.nist.gov/vuln/detail/CVE-2024-24806
	(score 7.3, High)
7. nghttp2 package is upgraded 1.59.0->1.61.0.
	https://nvd.nist.gov/vuln/detail/CVE-2024-28182
	(score 5.3, Medium)
8. lua: add patch to fix CVE-2014-5461.
	https://www.suse.com/security/cve/CVE-2014-5461.html
	(score 5.0. Medium)
9. OpenVPN is upgraded 2.6.8->2.6.10.
10. lighttpd package is upgraded 1.4.73->1.4.75.
11. curl package is upgraded 8.6.0->8.7.1.
12. ipset package is upgraded 7.19->7.21.
13. wget package is upgraded 1.21.4->1.24.5.
14. util-linux package is upgraded 2.39.3->2.39.4.
15. coreutils package is upgraded 9.4->9.5.
16. gettext-full package is upgraded 0.22.4->0.22.5.
17. libcap-ng package is upgraded 0.8.4->0.8.5.
18. ca-certificates package is upgraded 20230311->20240203.
19. Host tools: upgrade UPX to 4.2.3.

9.2.5.2.42SF-HW:

1. Toolchain: binutils is upgraded 2.41->2.42.
3. Toolchain: Go is upgraded 1.21.3->1.21.6.
4. Toolchain: gdb is upgraded to 13.2.
4. dropbear: add patch to fix CVE-2023-48795.
	https://nvd.nist.gov/vuln/detail/CVE-2023-48795
	(score 5.9. Medium)
5. lighttpd package is upgraded 1.4.72->1.4.73.
6. OpenVPN is upgraded 2.5.9->2.6.8.
7. Add 'libcap-ng' package (needed to compile OpenVPN 2.6.x).
8. OpenVPN server: set default cipher to 'CHACHA20-POLY1305' for client config ('download' script).
9. proftpd package is upgraded 1.3.8a->1.3.8b.
10. ethtool package is upgraded 6.5->6.7.
11. curl package is upgraded 8.4.0->8.6.0.
12. bind package is upgraded 9.18.19->9.18.21.
13. iperf3 package is upgraded 3.15->3.16.
14. util-linux package is upgraded 2.39.2->2.39.3.
15. sysstat package is upgraded 12.7.4->12.7.5.
16. zlib package is upgraded 1.3->1.3.1.
17. unbound package (used in stubby) is upgraded 1.18.0->1.19.0.
18. nghttp2 package is upgraded 1.57.0->1.59.0.
19. gettext-full package is upgraded 0.22.3->0.22.4.
20. libnl-tiny package is upgraded 2023-07-27->2023-12-05.
21. cifs-utils: add a dependency on libcap-ng.
22. Host tools: upgrade mkimage/u-boot to 2024.01.
23. Host tools: upgrade zlib to 1.3.1.
24. Host tools: upgrade xz to 5.4.6.
25. Host tools: upgrade UPX to 4.2.2.

9.2.5.2.41SF-HW:

1. Toolchain: binutils is upgraded 2.40->2.41.
2. Toolchain: Go is upgraded 1.21.0->1.21.3.
3. curl package is upgraded 8.2.1->8.4.0 (fixing CVE-2023-38545, CVE-2023-38546).
	https://phoenix.security/vulnerability-curl/
	CVE-2023-38545: high severity vulnerability
	CVE-2023-38546: low severity vulnerability
4. nghttp2 package is upgraded 1.55.1->1.57.0 (fixing CVE-2023-44487).
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487
	(score 7.5. High)
5. OpenSSL v. 1.1.1 package is upgraded 1.1.1v->1.1.1w (fixing CVE-2023-4807).
	https://nvd.nist.gov/vuln/detail/CVE-2023-4807
	(score 7.8, High, but actually is not related to router firmware)
6. samba36: add patches to fix CVE:
	CVE-2015-5330, CVE-2017-11103, CVE-2017-2619, CVE-2018-14629, CVE-2018-16841,
	CVE-2018-16851, CVE-2018-16860, CVE-2019-10218, CVE-2019-3880, CVE-2020-10745,
	CVE-2020-14303
7. lighttpd package is upgraded 1.4.71->1.4.72.
8. ethtool package is upgraded 6.4->6.5.
9. ipset package is upgraded 7.17->7.19.
10. proftpd package is upgraded 1.3.8->1.3.8a.
11. bind package is upgraded 9.18.18->9.18.19.
12. coreutils package is upgraded 9.3->9.4.
13. sysstat package is upgraded 12.7.2->12.7.4.
14. zlib package is upgraded 1.2.13->1.3.
15. gettext-full package is upgraded 0.21.1->0.22.3.
16. unbound package (used in stubby) is upgraded 1.17.1->1.18.0.
17. dbus package is upgraded 1.14.8->1.14.10.
18. iperf3 package is upgraded 3.14->3.15.
19. sms-tool package is upgraded 2022-03-21->2023-09-21.
20. Kernel: Linux kernel patch to fix build with binutils >= 2.41.
21. Init script 'net-lan': add call of '/usr/sbin/update_user'.
22. Remove dummy 'gettext' and 'libiconv' packages ('gettext-full' and 'libiconv-full' are used instead of).
23. Host tools: upgrade mpfr to 4.2.1.
24. Host tools: upgrade mtd-utils to 2.1.6.

9.2.5.2.40SF-HW:

1. Toolchain: Go is upgraded 1.20.5->1.21.0.
2. OpenSSL v. 1.1.1 package is upgraded 1.1.1u->1.1.1v (fixing CVE-2023-3817, CVE-2023-3446).
	https://nvd.nist.gov/vuln/detail/CVE-2023-3817
	(score 5.3, Medium)
	https://nvd.nist.gov/vuln/detail/CVE-2023-3446	
	(score 5.3, Medium)
3. DNSCrypt Proxy v.2 is upgraded 2.1.4->2.1.5.
4. curl package is upgraded 8.1.2->8.2.1.
5. ethtool package is upgraded 6.3->6.4.
6. bind package is upgraded 9.18.15->9.18.18.
7. iperf3 package is upgraded 3.13->3.14.
8. util-linux package is upgraded 2.38.1->2.39.2.
9. tar package is upgraded 1.34->1.35.
10. less package is upgraded 633->643.
11. zlib package is upgraded 1.2.13->1.3.
12. libnl-tiny package is upgraded 2023-04-02->2023-07-27.
13. nghttp2 package is upgraded 1.54.0->1.55.1.
14. libjson-c package is upgraded 0.16->0.17.
15. lighttpd: add 'mod_h2.so' module to fix WebGUI access by HTTPS.
16. Boost of kernel ('-O3', '-ftree-vectorize', '-fvect-cost-model=dynamic' compilation options for the whole kernel).
17. Host tools: upgrade UPX to 4.1.0.
18. Host tools: upgrade xz to 5.4.4.
19. Host tools: upgrade zlib to 1.3.
20. Host tools: upgrade gmp to 6.3.0.

9.2.5.2.39SF-HW:

1. Toolchain: Go is upgraded 1.20.3->1.20.5.
2. OpenSSL v. 1.1.1 package is upgraded 1.1.1t->1.1.1u (fixing CVE-2023-0466, CVE-2023-0465, CVE-2023-0464).
	https://nvd.nist.gov/vuln/detail/CVE-2023-0466
	(score 5.3, Medium)
	https://nvd.nist.gov/vuln/detail/CVE-2023-0465
	(score 5.3, Medium)
	https://nvd.nist.gov/vuln/detail/CVE-2023-0464
	(score 7.5, High)
3. lighttpd package is upgraded 1.4.69->1.4.71.
4. wget package is upgraded 1.21.3->1.21.4.
5. curl package is upgraded 8.0.1->8.1.2.
6. bind package is upgraded 9.18.13->9.18.15.
7. ethtool package is upgraded 6.2->6.3.
8. dbus package is upgraded 1.14.6->1.14.8.
9. e2fsprogs package is upgraded 1.46.6->1.47.0.
10. coreutils package (gnu-date) is upgraded 9.2->9.3.
11. less package is upgraded 608->633.
12. nghttp2 package is upgraded 1.52.0->1.54.0.
13. readline: split to 'libreadline' and  'libhistory', disable 'libhistory' in 'defconfig' (unused).
14. Host tools: upgrade e2fsprogs to 1.47.0.
15. Host tools: upgrade patchelf to 0.18.0.
16. Host tools: upgrade xz to 5.4.3.
17. Host tools: upgrade mkimage/u-boot to 2023.04.

9.2.5.2.38SF-HW:

1. Toolchain: Go is upgraded 1.19.5->1.20.3.
2. OpenSSL 1.0.2: create and add patches to fix CVE-2023-0215/CVE-2023-0286.
	https://nvd.nist.gov/vuln/detail/CVE-2023-0215
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2023-0286
	(score 7.4, High)
3. tcpdump package is upgraded 4.99.3->4.99.4 (fixing CVE-2023-1801).
	https://nvd.nist.gov/vuln/detail/CVE-2023-1801
	https://access.redhat.com/security/cve/cve-2023-1801
	(score 5.5, Medium)
4. curl package is upgraded 7.88.0->8.0.1.
5. proftpd package is upgraded 1.3.7f->1.3.8.
6. ethtool package is upgraded 6.1->6.2.
7. ethtool: change to 'ethtool-tiny' variant.
8. ca-certificates package is upgraded 20211016->20230311.
9. bind package is upgraded 9.18.12->9.18.13.
10. coreutils package (gnu-date) is upgraded 9.1->9.2.
11. libnl-tiny package is upgraded 2022-11-01->2023-04-02.
12. libpcap package is upgraded 1.10.3->1.10.4.
13. dnsmasq: add changes from the stock R9000-V1.0.5.42.
14. Selective optimization '-O3' of kernel components/modules (slight boost).
15. Host tools: upgrade libtool to 2.4.7.
16. Host tools: upgrade xz to 5.4.2.
17. Host tools: upgrade mpc to 1.3.1.
18. Host tools: synchronize squashfs3-lzma and lzma-old with OpenWRT.

9.2.5.2.37.1SF-HW:

1. Bug fixing: add missed 'ethtool' package.
2. OpenVPN is upgraded 2.5.8->2.5.9.
3. curl package is upgraded 7.87.0->7.88.0.
4. iperf3 package is upgraded 3.12->3.13.
5. nghttp2 package is upgraded 1.51.0->1.52.0.
6. bind package is upgraded 9.18.11->9.18.12.
7. ethtool: change to 'ethtool-full' variant.

9.2.5.2.37SF-HW:

1. Toolchain: binutils is upgraded 2.39->2.40.
2. Toolchain: Go is upgraded 1.18.9->1.19.5.
3. OpenSSL v. 1.1.1 package is upgraded 1.1.1s->1.1.1t (fixing CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286).
	https://www.openssl.org/news/openssl-1.1.1-notes.html
	CVE-2023-0286, High severity.
	CVE-2023-0215, Moderate severity.
	CVE-2022-4450, Moderate severity.
	CVE-2022-4304, Moderate severity.
4. e2fsprogs package is upgraded 1.46.5->1.46.6 (fixing CVE-2022-1304).
	https://nvd.nist.gov/vuln/detail/cve-2022-1304
	(score 7.8, High)
5. bind package is upgraded 9.18.9->9.18.11 (fixing CVE-2022-3924, CVE-2022-3736).
	https://nvd.nist.gov/vuln/detail/CVE-2022-3924
	(score 7.5, High)
	https://nvd.nist.gov/vuln/detail/CVE-2022-3736
	(score 7.5, High)
6. lighttpd package is upgraded 1.4.67->1.4.69.
7. DNSCrypt Proxy v.2 is upgraded 2.1.2->2.1.4.
8. ipset package is upgraded 7.16->7.17.
9. curl package is upgraded 7.86.0->7.87.0.
10. unbound package (used in stubby) is upgraded 1.17.0->1.17.1.
11. getdns package (used in stubby) is upgraded 1.7.2->1.7.3.
12. stubby package is upgraded 0.4.2->0.4.3.
13. ncurses package is upgraded 6.3->6.4.
14. libpcap package is upgraded 1.10.1->1.10.3.
15. tcpdump package is upgraded 4.99.1->4.99.3.
16. ethtool package is upgraded 6.0->6.1.
17. dbus package is upgraded 1.14.4->1.14.6.
18. nano package is upgraded 7.1->7.2.
19. sysstat package is upgraded 12.7.1->12.7.2.
20. Host tools: upgrade e2fsprogs to 1.46.6 (fixing CVE-2022-1304).
	https://nvd.nist.gov/vuln/detail/cve-2022-1304
	(score 7.8, High)
21. Host tools: upgrade mkimage/u-boot to 2023.01.
22. Host tools: upgrade mtd-utils to 2.1.5.
23. Host tools: upgrade genext2fs to 1.5.0.
24. Host tools: upgrade xz to 5.4.1.
25. Host tools: upgrade mpfr to 4.2.0.
26. Host tools: upgrade UPX to 4.0.2.
27. Host tools: synchronize libtool with OpenWRT.

9.2.5.2.36SF-HW:

1. Toolchain: Go is upgraded 1.18.8->1.18.9.
2. zlib package is upgraded 1.2.12->1.2.13 (fixing CVE-2022-37434).
	https://nvd.nist.gov/vuln/detail/CVE-2022-37434
	(score 9.8, Critical)
3. OpenVPN is upgraded 2.5.7->2.5.8.
4. dropbear package is upgraded 2022.82->2022.83.
5. proftpd package is upgraded 1.3.7e->1.3.7f.
6. ipset package is upgraded 7.15->7.16.
7. curl package is upgraded 7.86.0->7.87.0.
8. dbus package is upgraded 1.13.22->1.14.4.
9. sysstat package is upgraded 12.6.0->12.7.1.
10. logrotate package is upgraded 3.20.1->3.21.0.
11. nano package is upgraded 6.4->7.1.
12. less package is upgraded 598->608.
13. bind package is upgraded 9.18.8->9.18.10.
14. libusb-compat package is upgraded 0.1.7->0.1.8.
15. nghttp2 package is upgraded 1.50.0->1.51.0.
16. Add autossh package.
17. '-O3' optimization for part of kernel drivers (kernel level).
18. Cosmetic changes: 'R7800' -> 'RBK50'.
19. Host tools: upgrade xz to 5.2.10.
20. Host tools: upgrade zlib to 1.2.13.
21. Host tools: upgrade sed to 4.9.
22. Host tools: upgrade mpfr to 4.1.1.
23. Host tools: upgrade UPX to 4.0.1.

9.2.5.2.35SF-HW:

1. Toolchain: Go is upgraded 1.18.6->1.18.8.
2. zlib: add patch to fix CVE-2022-37434.
	https://nvd.nist.gov/vuln/detail/CVE-2022-37434
	(score 9.8, Critical)
3. expat package is upgraded 2.4.8->2.5.0 (fixing CVE-2022-40674, CVE-2022-43680).
	https://nvd.nist.gov/vuln/detail/CVE-2022-40674
	(score 9.8, Critical)
	https://nvd.nist.gov/vuln/detail/CVE-2022-43680
	(score 7.5, High)
4. unbound package (used in stubby) is upgraded 1.16.2->1.17.0 (fixing CVE-2022-3204).
	https://nvd.nist.gov/vuln/detail/CVE-2022-3204
	(score 7.5, High)
5. OpenSSL v. 1.1.1 package is upgraded 1.1.1q->1.1.1s.
6. stubby package is upgraded 0.4.0->0.4.2.
7. curl package is upgraded 7.85.0->7.86.0.
8. lighttpd package is upgraded 1.4.66->1.4.67.
9. ethtool package is upgraded 5.19->6.0.
10. nghttp2 package is upgraded 1.49.0->1.50.0.
11. bind package is upgraded 9.18.6->9.18.8.
12. libnl-tiny package is upgraded 2022-05-17->2022-11-01.
13. popt package is upgraded 1.18->1.19.
14. libreadline package is upgraded 8.1.2->8.2.
15. gettext-full package is upgraded 0.21->0.21.1.
16. iperf3 package is upgraded 3.11->3.12.
17. Host tools: upgrade xz to 5.2.7.
18. Host tools: upgrade mkimage/u-boot to 2022.10

9.2.5.2.34SF-HW:

1. Toolchain: binutils is upgraded 2.38->2.39.
2. Toolchain: Go is upgraded 1.18.4->1.18.6.
3. Toolchain: GDB is upgraded 11.2->12.1.
4. OpenSSL 1.0.2u: add patches to fix CVE-2020-1971/CVE-2021-23841/CVE-2021-3712/CVE-2022-0778:
	https://nvd.nist.gov/vuln/detail/CVE-2020-1971
	(score 5.9, Medium)
	https://nvd.nist.gov/vuln/detail/CVE-2021-23841
	(score 5.9, Medium)
	https://nvd.nist.gov/vuln/detail/CVE-2021-3712
	(score 7.4, High)
	https://nvd.nist.gov/vuln/detail/CVE-2022-0778
	(score 7.5, High)
5. DNSCrypt Proxy v.2 is upgraded 2.1.1->2.1.2.
6. curl package is upgraded 7.84.0->7.85.0.
7. lighttpd package is upgraded 1.4.65->1.4.66.
8. unbound package (used in stubby) is upgraded 1.16.1->1.16.2.
9. getdns package (used in stubby) is upgraded 1.7.0->1.7.2.
10. lz4 package is upgraded 1.9.3->1.9.4.
11. cifs-utils package is upgraded 6.15->7.0.
12. ethtool package is upgraded 5.18->5.19.
13. nano package is upgraded 6.3->6.4.
14. tcpdump: add UPX packing.
15. bind package is upgraded 9.18.4->9.18.6.
16. nghttp2 package is upgraded 1.48.0->1.49.0.
17. util-linux package is upgraded 2.38->2.38.1.
18. util-linux: add 'dmesg' utility instead of busybox version.
19. Default congestion control algorithm is changed to 'illinois'.
20. Host tools: upgrade mkimage/u-boot to 2022.07.
21. Host tools: upgrade xz to 5.2.6.

9.2.5.2.33SF-HW:

1. Toolchain: add patch to uClibc to fix CVE-2022-30295, score 6.5, Medium (Use predictable DNS transaction IDs that may lead to DNS cache poisoning).
	https://nvd.nist.gov/vuln/detail/CVE-2022-30295
2. Toolchain: Go is upgraded 1.18.3->1.18.4.
3. wireguard package is upgraded 1.0.20211208->1.0.20220627.
4. OpenSSL v. 1.1.1 package is upgraded 1.1.1p->1.1.1q.
5. curl package is upgraded 7.83.1->7.84.0.
6. proftpd package is upgraded 1.3.7d->1.3.7e.
7. tcpdump package is upgraded 4.9.3->4.99.1.
8. unbound package (used in stubby) is upgraded 1.16.0->1.16.1.
9. bind package is upgraded 9.18.3->9.18.5.
10. libuv package is upgraded 1.44.1->1.44.2.
11. nghttp2 package is upgraded 1.47.0->1.48.0.

9.2.5.2.32SF-HW:

1. Toolchain: GCC is upgraded 9.4.0->9.5.0.
2. Toolchain: Go is upgraded 1.18.1->1.18.3.
3. OpenSSL v. 1.1.1 package is upgraded 1.1.1o->1.1.1p.
4. OpenVPN is upgraded 2.5.6->2.5.7.
5. lighttpd package is upgraded 1.4.64->1.4.65.
6. unbound package (used in stubby) is upgraded 1.15.0->1.16.0.
7. curl package is upgraded 7.83.0->7.83.1.
8. libnl-tiny package is upgraded 2021-11-21->2022-05-17.
9. elfutils package is upgraded 0.186->0.187.
10. bind package is upgraded 9.18.2->9.18.4.
11. ethtool package is upgraded 5.17->5.18.
12. sysstat package is upgraded 12.5.6->12.6.0.
13. logrotate package is upgraded 3.19.0->3.20.1.
14. libiconv-full package is upgraded 1.16->1.17.
15. iw package is upgraded 5.9->5.16.
16. iptables: add 'tee' support (iptables-mod-tee/kmod-ipt-tee packages).
17. Slight boost adding '-ftree-vectorize' and '-fvect-cost-model=unlimited' flags to compilation options (speed up).
18. '-O3' optimization for part of kernel components (kernel level).

9.2.5.2.31SF-HW:

1. Toolchain: Go is upgraded 1.18->1.18.1.
2. Toolchain: GDB is upgraded 11.1->11.2.
3. OpenSSL v. 1.1.1 package is upgraded 1.1.1n->1.1.1o (fixing CVE-2022-1292).
4. cifs-utils package is upgraded 6.14->6.15 (fixing CVE-2022-27239, CVE-2022-29869).
5. Upgrade 'dnsmasq' package from the stock Orbi RBK50 firmware V2.7.4.24.
6. Upgrade WebGUI LG_VERSION.
7. sms-tool package is upgraded 2021-12-03->2022-03-21.
8. libjson-c package is upgraded 0.15->0.16.
9. popt package is upgraded 1.16->1.18.
10. gdbm package is upgraded 1.19.1->1.23.
11. nghttp2 package is upgradet 1.44.0->1.47.0.
12. bind package is upgraded 9.18.1->9.18.2.
13. curl package is upgraded 7.82.0->7.83.0.
14. proftpd package is upgraded 1.3.7c->1.3.7d.
15. haveged package is upgraded 1.9.17->1.9.18.
16. coreutils package (gnu-date) is upgraded 9.0->9.1.
17. logrotate package is upgraded 3.17.0->3.19.0.
18. sysstat package is upgraded 12.4.5->12.5.6.
19. nano package is upgraded 6.2->6.3.
20. Synchronize 'lua' patches and Makefile.
21. '-O3' optimization for part of kernel lib (kernel level).
22. Host tools: upgrade quilt to 0.67.
23. Host tools: upgrade missing-macros to 11.
24. Host tools: upgrade findutils to 4.9.0.

9.2.5.2.30SF-HW:

1. Toolchain: Go is upgraded 1.17.7->1.18.
2. OpenVPN is upgraded 2.5.5->2.5.6 (fixing CVE-2022-0547, score 9.8, Critical).
	https://nvd.nist.gov/vuln/detail/CVE-2022-0547
3. OpenSSL v. 1.1.1 package is upgraded 1.1.1m->1.1.1n (fixing CVE-2022-0778, score 7.5, High).
	https://nvd.nist.gov/vuln/detail/CVE-2022-0778
4. expat package is upgraded 2.4.7->2.4.8 Relax fix to CVE-2022-25236 (introduced with release 2.4.5).
5. dropbear package is upgraded 2020.81->2022.82.
6. zlib package is upgraded 1.2.11->1.2.12.
7. ethtool package is upgraded 5.16->5.17.
8. bind package is upgraded 9.18.0->9.18.1.
9. libuv package is upgraded 1.41.1->1.44.1.
10. util-linux package is upgraded 2.37.4->2.38.
11. dbus package is upgraded 1.13.20->1.13.22.
12. sysstat package is upgraded 12.4.3->12.4.5.
13. libmnl package is upgraded 1.0.4->1.0.5.
14. libreadline package is upgraded 8.1->8.1.2.
15. Make an order in various Makefiles.
16. Host tools: upgrade mklibs to 0.1.45.
17. Host tools: upgrade zlib to 1.2.12.
18. Host tools: upgrade mkimage/u-boot to 2022.01.

9.2.5.2.29SF-HW:

1. Toolchain: binutils is upgraded 2.37->2.38.
2. Toolchain: Go is upgraded 1.17.6->1.17.8.
3. Add 'sms-tool' utility to firmware.
4. Change 'get-sms.sh' script to use 'sms-tool' utility.
5. Change WebGUI ('lte_info.htm') to display SMS Information ('sms-tool' output).
6. util-linux package is upgraded 2.37.2->2.37.4 (fixing CVE-2021-3995, CVE-2021-3996, CVE-2022-0563).
7. expat package is upgraded 2.4.3->2.4.7 (fixing CVE-2022-23852, CVE-2022-23990).
8. aws-iot: add possibility to disable Amazon Alexa (@NetBytes, @spocko):
	nvram set noaws=1
	nvram commit
	reboot
9. curl package is upgraded 7.81.0->7.82.0.
10. iptables: add patch to disable exit if no library for match (@HELLO_wORLD).
11. dnscrypt-proxy-2: change startup priority to 98 (@microchip).
12. unbound package (used in stubby) is upgraded 1.14.0->1.15.0.
13. bind package is upgraded 9.17.21->9.18.0.
14. libusb package is upgraded 1.0.24->1.0.25.
15. dbus package is upgraded 1.13.20->1.13.22.
16. wget package is upgraded 1.21.2->1.21.3.
17. iperf3 package is upgraded 3.10.1->3.11.
18. nano package is upgraded 6.0->6.2.
19. GNU 'less' utility is added,  busybox applet 'less' is disabled (to support UTF-8).
20. '-O3' optimization for part of drivers and kernel (kernel level).
21. Host tools: upgrade mklibs to 0.1.45

9.2.5.2.28.1SF-HW:

1. expat package is upgraded 2.4.2->2.4.3 (fixing CVE-2021-45960, CVE-2021-46143, from CVE-2022-22822 to CVE-2022-22827).
	Base Scores: 7.5, 7.8/8.1, 9.8, 9.8, 9.8, 8.8, 8.8, 8.8.
	https://github.com/libexpat/libexpat/blob/R_2_4_3/expat/Changes
2. nano: add UTF-8 support.
3. lighttpd package is upgraded 1.4.63->1.4.64.
4. ethtool package is upgraded 5.15->5.16.
5. libiconv-full': iconv' utility is added to firmware.
6. xxd package is added.
7. Host tools: upgrade mtd-utils to 2.1.4.

9.2.5.2.28SF-HW:

1. Toolchain: Go is upgraded 1.17.5->1.17.6.
2. OpenSSL v. 1.1.1 package is upgraded 1.1.1l->1.1.1m.
3. OpenVPN is upgraded 2.5.4->2.5.5.
4. unbound package (used in stubby) is upgraded 1.13.2->1.14.0.
5. getdns package (used in stubby) is upgraded 1.5.2->1.7.0.
6. Add 'check' package ('getdns' dependency).
7. stubby package is upgraded 0.3.0->0.4.0.
8. curl package is upgraded 7.80.0->7.81.0.
9. elfutils package is upgraded 0.182->0.186.
10. libnl-tiny package is upgraded 2020-08-05->2021-11-21.
11. libexif package is upgraded 0.6.22->0.6.24.
12. e2fsprogs package is upgraded 1.46.4->1.46.5.
13. haveged package is upgraded 1.9.15->1.9.17.
14. expat package is upgraded 2.4.1->2.4.2.
15. dbus package is upgraded 1.13.18->1.13.20.
16. bind package is upgraded 9.17.20->9.17.21.
17. nano package is upgraded 5.9->6.0.
18. hd-idle package is upgraded 1.04->1.05.
19. dnscrypt-proxy-2: add UPX packing.
20. Host tools: upgrade e2fsprogs to 1.46.5.
21. Host tools: upgrade scons to 3.1.2.
22. Host tools: upgrade mkimage/u-boot to 2021.10.

9.2.5.2.27SF-HW:

1. Toolchain: Go is upgraded 1.17.2->1.17.5.
2. Toolchain: gdb is upgraded 10.1->11.1.
3. Fix lacking build of 'kmod-ipt-ipset' (ipset).
4. wireguard package is upgraded 1.0.20210606->1.0.20211208.
5. lighttpd package is upgraded 1.4.61->1.4.63.
6. curl package is upgraded 7.79.1->7.80.0.
7. iproute2 package is upgraded 4.0.0->4.4.0.
8. xtables-addons package is upgraded 2.10->2.14.
9. ethtool package is upgraded 5.14->5.15.
10. iw package is upgraded 5.9->5.16.
11. ncurses package is upgraded 6.2->6.3.
12. ca-certificates package is upgraded 20210119->20211016.
13. bind package is upgraded 9.17.19->9.17.20.
14. Default congestion control algorithm is changed to 'highspeed'.
15. HTCP/ILLINOIS congestion control algorithms are added.
16. Slight optimization of some components.
17. Host tools: various updates.

9.2.5.2.26SF-HW:

1. Toolchain: Go is upgraded 1.17->1.17.2.
2. wireguard-tools package is upgraded 1.0.20210424->1.0.20210914.
3. DNSCrypt Proxy v.2 is upgraded 2.1.0->2.1.1.
4. OpenVPN is upgraded 2.5.3->2.5.4.
5. wget package is upgraded 1.21.1->1.21.2.
6. lighttpd package is upgraded 1.4.59->1.4.61.
7. proftpd package is upgraded 1.3.7b->1.3.7c.
8. bridge-utils package is upgraded 1.7->1.7.1.
9. curl package is upgraded 7.78.0->7.79.1.
10. gdbm package is upgraded 1.19->1.19.1.
11. cifs-utils package is upgraded 6.13->6.14.
12. bind package is upgraded 9.9.8-P3->9.17.19.
13. libuv and libnghttp2 packages are added (used by bind).
14. bind package is changed to use OpenSSL 1.1.1.
15. coreutils package (sort/gnu-date) is upgraded 8.32->9.0.
16. haveged package is upgraded 1.9.14->1.9.15.
17. ethtool package is upgraded 5.13->5.14.
18. nano package is upgraded 5.8->5.9.
19. jansson package is upgraded 2.13.1->2.14.
20. libiconv-full package is upgraded 1.11.1->1.16.
21. Fix build by GCC 10.x (Host Debian Buster->Host Debian Bullseye).
22. Kernel level optimization.
23. iptables: add missed mods.
24. Host tools: upgrade bison to 3.8.2.

9.2.5.2.25SF-HW:

1. Toolchain: Go is upgraded 1.16.6->1.17.
2. OpenSSL v. 1.1.1 package is upgraded 1.1.1k->1.1.1l (fixing CVE-2021-3711, CVE-2021-3712).
	Base Scores (SUSE): 9.8 and 5.3.
3. DNSCrypt Proxy v.2 is upgraded 2.0.45->2.1.0.
	See https://github.com/DNSCrypt/dnscrypt-proxy/releases
	re: what to change in your config
4. ipset package is upgraded 7.14->7.15.
5. procps-ng package is upgraded 3.3.16->3.3.17.
6. elfutils package is upgraded 0.180->0.182.
7. libpcap package is upgraded 1.10.0->1.10.1.
8. pcre package is upgraded 8.44->8.45.
9. util-linux package is upgraded 2.37.1->2.37.2.
10. unbound package (used in stubby) is upgraded 1.13.1->1.13.2.
11. e2fsprogs package is upgraded 1.46.3->1.46.4.
12. OpenVPN client init script: fix bash style comparison '==' -> '='.
13. Change 'net-util' to avoid TrendMicro cron update schedule (R8900/R9000 specific).
14. Add net-wall IPv6 processing to dropbear init file.
15. Use HFS/HFSPLUS as a kernel modules.
16. Selective optimization '-O3' of kernel components/modules (slight boost).
17. Host tools (e2fsprogs): is upgraded to 1.46.4.

9.2.5.2.24SF-HW:

1. Toolchain: binutils is upgraded 2.36.1->2.37.
2. wireguard-tools: add PresharedKey support to WireGuard client.
3. OpenVPN: fix lacking LBR20 support for OpenVPN client.
4. bluetopia package: synchronization with the stock firmware.
5. curl package is upgraded 7.77.0->7.78.0.
6. gettext-full package is upgraded 0.19.8.1->0.21.
7. ethtool package is upgraded 5.12->5.13.
8. ipset package is upgraded 7.11->7.14.
9. e2fsprogs package is upgraded 1.46.2->1.46.3.
10. libmnl package is upgraded 1.0.3->1.0.4.
11. util-linux package is upgraded 2.37->2.37.1.
12. Add 'renice' and 'taskset' utilities.
13. Selective optimization '-O3' of kernel components/modules (slight boost).
14. Host tools (e2fsprogs): is upgraded to 1.46.3.

9.2.5.2.23.1SF-HW:

1. Toolchain: Go is upgraded 1.16.5->1.16.6.
2. QCA drivers/firmware are upgraded WLAN.BL.3.4.c2-00014-S-1->WLAN.BL.3.4.c2-00014-S-1.394288.4.
3. Logon banner is changed.

9.2.5.2.23SF-HW:

1. Initial firmware (synchronization of packages with RBK50 firmware).