mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-31 12:49:46 +00:00
Code Issues Projects Releases Wiki Activity
Files
krogoth
poky/meta/recipes-connectivity
T
History
Ross Burton 54e3f82bd7 wpa_supplicant: fix WPA2 key replay security bug 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

(From OE-Core rev: bfa04fa71c47e8fe9528208848cfcec2e232777d)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-10-16 23:47:12 +01:00
..
avahi
avahi: enable gobject-introspection
2016-03-12 22:11:44 +00:00
bind
bind: fix two CVEs
2016-11-08 23:47:13 +00:00
bluez5
bluez5: enable out-of-tree builds
2016-06-29 19:35:55 +01:00
connman
connman-gnome: Depend on dbus-glib-native
2016-04-29 07:41:43 +01:00
dhcp
dhcp: CVE-2016-2774
2016-04-18 16:28:22 +01:00
iproute2
iproute2: update to version 4.4.0
2016-02-11 12:27:49 +00:00
irda-utils
irda-utils: Fix header inclusions
2016-01-24 09:40:29 +00:00
iw
iw: upgrade to version 4.3
2015-12-01 21:32:15 +00:00
libnss-mdns
libnss-mdns: Check for nss.h before using
2016-02-02 14:44:16 +00:00
libpcap
libpcap: update to 1.7.4
2015-12-01 21:32:07 +00:00
mobile-broadband-provider-info
mobile-broadband-provider-info: update to tagged release 20151214
2015-12-28 09:25:16 +00:00
neard
meta: more removals of redunant FILES_${PN}-dbg
2015-12-16 11:56:30 +00:00
nfs-utils
nfs-utils: bugfix: adjust name of statd service unit
2016-02-18 07:39:31 +00:00
ofono
ofono: upgrade to version 1.17
2015-12-01 21:32:09 +00:00
openssh
openssh: Security fix CVE-2015-8325
2016-09-23 15:27:05 +01:00
openssl
openssl.inc: avoid random ptest failures
2017-05-18 13:14:22 +01:00
portmap
portmap: Point to tirpc headers and libraries on musl
2016-01-24 09:40:30 +00:00
ppp
ppp: Fix build with musl
2016-01-24 09:40:26 +00:00
ppp-dialin
meta: set proper S value
2015-01-23 11:36:27 +00:00
resolvconf
resolvconf: upgrade to 1.78
2016-01-15 11:54:49 +00:00
socat
socat: Use c_ispeed and c_ospeed based upon libc
2016-04-14 10:58:32 +01:00
wireless-tools
meta: more removals of redunant FILES_${PN}-dbg
2015-12-16 11:56:30 +00:00
wpa-supplicant
wpa_supplicant: fix WPA2 key replay security bug
2017-10-16 23:47:12 +01:00