CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
jethro
poky/meta
History
Ross Burton 3f55846839 wpa_supplicant: fix WPA2 key replay security bug 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

(From OE-Core rev: 6af6e285e8bed16b02dee27c8466e9f4f9f21e30)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-03 12:28:27 +00:00
..
classes Revert "kernel/kernel-arch: Explicitly mapping between, i386/x86_64 and x86 for kernel ARCH" 2016-05-11 12:37:06 +01:00
conf toasterconf.json: exclude releases Toaster can't build 2016-06-03 15:02:25 +01:00
files toolchain-shar-extract.sh: do not allow $ in paths for ext SDK 2016-01-12 08:42:29 +00:00
lib lib/oe/patch: Make GitApplyTree._applypatch() support read-only .git/hooks 2016-03-20 09:55:53 +00:00
recipes-bsp grub: Security fix CVE-2015-8370 2016-02-04 23:20:16 +00:00
recipes-connectivity wpa_supplicant: fix WPA2 key replay security bug 2017-11-03 12:28:27 +00:00
recipes-core build-appliance-image: Update to jethro head revision 2016-12-06 22:49:08 +00:00
recipes-devtools python-2.7: Security fix CVE-2016-1000110 2016-12-06 22:46:45 +00:00
recipes-extended tzdata: update to 2016i 2016-12-06 22:46:45 +00:00
recipes-gnome gcr: Require x11 DISTRO_FEATURE 2016-02-04 23:20:17 +00:00
recipes-graphics glew: Correct version in autotooling patches 2016-05-11 12:37:06 +01:00
recipes-kernel lttng-tools: fix regression tests hang 2016-04-11 22:02:04 +01:00
recipes-lsb4 libpng12: update URL that no longer exists 2016-02-04 23:20:17 +00:00
recipes-multimedia tiff: Security fix CVE-2016-5323 2016-09-23 23:22:03 +01:00
recipes-qt qt4: Fix kmap2qmap build with clang 2015-09-23 09:53:00 +01:00
recipes-rt rt-tests: drop unnecessary added-missing-dependencies.patch 2015-09-01 11:44:04 +01:00
recipes-sato webkitgtk, gcr, libsecret: force ARM mode 2015-10-12 14:36:30 +01:00
recipes-support gnutils: Security fix CVE-2016-7444 2016-12-06 22:46:44 +00:00
site siteinfo: Add nios2-linux 2015-09-23 09:53:07 +01:00
COPYING.GPLv2
COPYING.MIT
recipes.txt