sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity
generic-poky/meta/recipes-connectivity
History
Ross Burton 827eb5b232 wpa_supplicant: fix WPA2 key replay security bug 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

(From OE-Core rev: 28d2d47f2a4fc3eb649cf58e82bce0525ab0bc74)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 		2017-10-16 23:47:01 +01:00
..
avahi avahi: Don't remove users/groups in postrm 2016-11-04 12:50:54 +00:00
bind bind: Use correct python interpreter path 2017-08-31 17:57:12 +01:00
bluez5 bluez5.inc: set CVE_PRODUCT to bluez 2017-08-29 11:57:27 +01:00
connman connman: Fix for CVE-2017-12865 2017-08-30 11:12:30 +01:00
dhcp dhcp: 4.3.4 -> 4.3.5 2016-12-08 10:31:29 +00:00
iproute2 iproute2: upgrade to 4.10.0 2017-03-01 23:27:10 +00:00
irda-utils irda-utils: Fix header inclusions 2016-01-24 09:40:29 +00:00
iw iw: upgrade to 4.9 2016-11-30 15:48:06 +00:00
libnss-mdns libnss-mdns: Check for nss.h before using 2016-02-02 14:44:16 +00:00
libpcap libpcap: apply fix from upstream to fix build race 2017-07-27 22:36:44 +01:00
mobile-broadband-provider-info mobile-broadband-provider-info: update to tagged release 20151214 2015-12-28 09:25:16 +00:00
neard neard: Fix parallel build issue 2017-03-21 22:39:17 +00:00
nfs-utils recipes: Make use of the new bb.utils.filter() function 2017-03-01 11:17:45 +00:00
ofono recipes: Make use of the new bb.utils.filter() function 2017-03-01 11:17:45 +00:00
openssh recipes: Make use of the new bb.utils.filter() function 2017-03-01 11:17:45 +00:00
openssl openssl: Bump SONAME to match the ABI 2017-04-21 08:22:09 +01:00
portmap portmap: Point to tirpc headers and libraries on musl 2016-01-24 09:40:30 +00:00
ppp ppp: update SRC_URI 2017-01-26 10:44:27 +00:00
ppp-dialin Remove $COREBASE/LICENSE from LIC_FILES_CHKSUM 2016-10-28 16:15:18 +01:00
resolvconf resolvconf: upgrade to 1.79 2016-06-15 08:35:00 +01:00
socat socat: 1.7.3.1 -> 1.7.3.2 2017-02-15 20:06:42 -08:00
wireless-tools wireless-tools: Update URLs 2017-03-01 23:27:10 +00:00
wpa-supplicant wpa_supplicant: fix WPA2 key replay security bug 2017-10-16 23:47:01 +01:00