CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
krogoth
poky/meta/recipes-connectivity
History
Ross Burton 54e3f82bd7 wpa_supplicant: fix WPA2 key replay security bug 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

(From OE-Core rev: bfa04fa71c47e8fe9528208848cfcec2e232777d)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-10-16 23:47:12 +01:00
..
avahi avahi: enable gobject-introspection 2016-03-12 22:11:44 +00:00
bind bind: fix two CVEs 2016-11-08 23:47:13 +00:00
bluez5 bluez5: enable out-of-tree builds 2016-06-29 19:35:55 +01:00
connman connman-gnome: Depend on dbus-glib-native 2016-04-29 07:41:43 +01:00
dhcp dhcp: CVE-2016-2774 2016-04-18 16:28:22 +01:00
iproute2 iproute2: update to version 4.4.0 2016-02-11 12:27:49 +00:00
irda-utils irda-utils: Fix header inclusions 2016-01-24 09:40:29 +00:00
iw iw: upgrade to version 4.3 2015-12-01 21:32:15 +00:00
libnss-mdns libnss-mdns: Check for nss.h before using 2016-02-02 14:44:16 +00:00
libpcap libpcap: update to 1.7.4 2015-12-01 21:32:07 +00:00
mobile-broadband-provider-info mobile-broadband-provider-info: update to tagged release 20151214 2015-12-28 09:25:16 +00:00
neard meta: more removals of redunant FILES_${PN}-dbg 2015-12-16 11:56:30 +00:00
nfs-utils nfs-utils: bugfix: adjust name of statd service unit 2016-02-18 07:39:31 +00:00
ofono ofono: upgrade to version 1.17 2015-12-01 21:32:09 +00:00
openssh openssh: Security fix CVE-2015-8325 2016-09-23 15:27:05 +01:00
openssl openssl.inc: avoid random ptest failures 2017-05-18 13:14:22 +01:00
portmap portmap: Point to tirpc headers and libraries on musl 2016-01-24 09:40:30 +00:00
ppp ppp: Fix build with musl 2016-01-24 09:40:26 +00:00
ppp-dialin meta: set proper S value 2015-01-23 11:36:27 +00:00
resolvconf resolvconf: upgrade to 1.78 2016-01-15 11:54:49 +00:00
socat socat: Use c_ispeed and c_ospeed based upon libc 2016-04-14 10:58:32 +01:00
wireless-tools meta: more removals of redunant FILES_${PN}-dbg 2015-12-16 11:56:30 +00:00
wpa-supplicant wpa_supplicant: fix WPA2 key replay security bug 2017-10-16 23:47:12 +01:00