Summary: | <net-wireless/hostapd-2.6-r1: WPA packet number reuse with replayed messages and key reinstallation | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ago, arthur, gurligebis, speedjack95, zerochaos |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt | ||
Whiteboard: | B4 [glsa] | ||
Package list: |
=net-wireless/hostapd-2.6-r1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 634440 |
Description
GLSAMaker/CVETool Bot
2017-10-16 13:35:46 UTC
See tracker bug 634440 for more details. stable on amd64/x86 ppc, please remove the old ebuild when you stable. thanks! should this be closed in favor of bug 634436 *** Bug 634418 has been marked as a duplicate of this bug. *** (In reply to Matthew Thode ( prometheanfire ) from comment #3) > should this be closed in favor of bug 634436 hostapd != wpa_supplicant yes they share a code base, but they are fully independent in gentoo and all other distros that I know. They even have different keywords so it makes no sense to track them together imho. ppc stable @maintainers, please clean the vulnerable versions. thanks whoops, sorry, I should read the note before hitting save Added to an existing GLSA request. This issue was resolved and addressed in GLSA 201711-03 at https://security.gentoo.org/glsa/201711-03 by GLSA coordinator Aaron Bauman (b-man). |