Re: cve-2017-13077 - WPA2 security vulni

From: Adrian Chadd <adrian.chadd_at_gmail.com>
Date: Mon, 16 Oct 2017 08:55:20 -0700
hi,

I got the patches a couple days ago. I've been busy with personal life
stuff so I haven't updated our in-tree hostapd/wpa_supplicant. If
someone beats me to it, great, otherwise I'll try to do it in the next
couple days.

I was hoping (!) for a hostap/wpa_supplicant 2.7 update to just update
everything to but so far nope. It should be easy enough to update the
port for now as it's at 2.6.



-adrian


On 16 October 2017 at 06:04, Cy Schubert <Cy.Schubert_at_komquats.com> wrote:
> In message <44161b4d-f834-a01d-6ddb-475f208762f9_at_FreeBSD.org>, Lev Serebryakov
> writes:
>> On 16.10.2017 13:38, blubee blubeeme wrote:
>>
>> > well, that's a cluster if I ever seen one.
>>  It is really cluster: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
>> CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084,
>> CVE-2017-13086,CVE-2017-13087, CVE-2017-13088.
>
> The gory details are here: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
>
> The announcement is here:
> https://www.krackattacks.com/
>
>
> --
> Cheers,
> Cy Schubert <Cy.Schubert_at_cschubert.com>
> FreeBSD UNIX:  <cy_at_FreeBSD.org>   Web:  http://www.FreeBSD.org
>
>         The need of the many outweighs the greed of the few.
>
>
> _______________________________________________
> freebsd-current_at_freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"
Received on Mon Oct 16 2017 - 13:55:23 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:13 UTC