RE: cve-2017-13077 - WPA2 security vulni

From: Cy Schubert <>
Date: Tue, 17 Oct 2017 11:30:13 -0700
I had no problems last night. It associated with one of my netgear APs. I used /etc/wpa_supplicant.conf.

I am running head and all my ports are built on head (most poudeiere and a few by hand).

Sent using a tiny phone keyboard. Apologies for any typos and autocorrect.

Cy Schubert
<> or <>

-----Original Message-----
From: David Wolfskill
Sent: 17/10/2017 09:57
To: Allan Jude
Subject: Re: cve-2017-13077 - WPA2 security vulni

On Tue, Oct 17, 2017 at 12:51:23PM -0400, Allan Jude wrote:
> ....
> > Question:  Should one expect a wpa_supplicant-2.6_2 executable built
> > under FreeBSD stable/11 (amd64) to work on the same hardware, but
> > running head?
> Did you run the version from ports, or did you run the base /etc/rc.d
> script with your rc.conf set to point to the ports binary? This will run
> the command with -c /etc/wpa_supplicant.conf overriding the ports default.
> So this is expected to work in this way.

Ah.  When I installed the port, I was reminded:

| ...
| ===>   Registering installation for wpa_supplicant-2.6_2
| Installing wpa_supplicant-2.6_2...
| To use the ports version of WPA Supplicant instead of the base, add:
|     wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
| to /etc/rc.conf
| ....

So I did that.  I did not do anything to the existing
/etc/rc.d/wpa_supplicant, which had been installed as part of base

> ....

David H. Wolfskill
Unsubstantiated claims of "Fake News" are evidence that the claimant lies again.

See for my public key.
Received on Tue Oct 17 2017 - 16:30:13 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:13 UTC