Explore top 10 tips to secure your open-source projects now. Read More
×
This update for hostapd fixes the following issues:
- Fix KRACK attacks on the AP side (boo#1063479, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087,
CVE-2017-13088):
Hostap was updated to upstream release 2.6
* fixed EAP-pwd last fragment validation [http://w1.fi/security/2015-7/
(CVE-2015-5314)
* fixed WPS configuration update vulnerability with malformed passphrase
[http://w1.fi/security/2016-1/ (CVE-2016-4476)
* extended channel switch support for VHT bandwidth changes
* added support for configuring new ANQP-elements with
anqp_elem=
* fixed Suite B 192-bit AKM to use proper PMK length (note: this makes old
releases incompatible with the fixed behavior)
* added no_probe_resp_if_max_sta=1 parameter to disable Probe Response
frame sending for not-associated STAs if max_num_sta limit has been
reached
* added option (-S as command line argument) to request all interfaces to
...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2017-1201=1
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-1201=1
To bring your system up-to-date, use "zypper patch".
- openSUSE Leap 42.3 (i586 x86_64):
hostapd-2.6-8.1
hostapd-debuginfo-2.6-8.1
hostapd-debugsource-2.6-8.1
- openSUSE Leap 42.2 (i586 x86_64):
hostapd-2.6-5.3.1
hostapd-debuginfo-2.6-5.3.1
hostapd-debugsource-2.6-5.3.1
https://www.suse.com/security/cve/CVE-2015-1863.html
https://www.suse.com/security/cve/CVE-2015-4141.html
https://www.suse.com/security/cve/CVE-2015-4142.html
https://www.suse.com/security/cve/CVE-2015-4143.html
https://www.suse.com/security/cve/CVE-2015-4144.html
https://www.suse.com/security/cve/CVE-2015-4145.html
https://www.suse.com/security/cve/CVE-2015-5314.html
https://www.suse.com/security/cve/CVE-2016-4476.html
https://www.suse.com/security/cve/CVE-2017-13078.html
https://www.suse.com/security/cve/CVE-2017-13079.html
https://www.suse.com/security/cve/CVE-2017-13080.html
https://www.suse.com/security/cve/CVE-2017-13081.html
https://www.suse.com/security/cve/CVE-2017-13087.html
https://www.suse.com/security/cve/CVE-2017-13088.html
https://bugzilla.suse.com/1063479
https://bugzilla.suse.com/930077
https://bugzilla.suse.com/930078
https://bugzilla.suse.com/930079
Get the latest Linux and open source security news straight to your inbox.