Summary: | <net-wireless/wpa_supplicant-2.8: Improper fragmentation reassembly state validation in EAP peer leading to DoS (CVE-2019-11555) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | Flags: | stable-bot:
sanity-check+
|
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: |
net-wireless/wpa_supplicant-2.8-r1
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2019-05-13 15:30:40 UTC
@maintainer, please drop vulnerable. (In reply to Aaron Bauman from comment #1) > @maintainer, please drop vulnerable. Nevermind, this still needs to be stabilized. ACK, let's stabilize wpa_supplicant-2.8-r1 arm64 stable x86 stable ppc/ppc64 stable This issue was resolved and addressed in GLSA 201908-25 at https://security.gentoo.org/glsa/201908-25 by GLSA coordinator Aaron Bauman (b-man). re-opened for final arches amd64 stable arm stable @maintainer, please drop vulnerable. vulnerables have been long dropped, sorry for forgetting to post that status here. This is security's bug now Repository is clean, all done! |