Alerts This Week
Warning Icon 1 929
Alerts This Week
Warning Icon 1 929

openSUSE: 2020:0222-1 Moderate: Hostapd Security Update

opensuse
Calendar Grey February 15, 2020
Dist Opensuse Esm H88
An update for openSUSE fixes multiple issues in hostapd, rated moderate. Learn more about this critical security advisory!
An update that fixes 7 vulnerabilities is now available.

Description

This update for hostapd fixes the following issues:

hostapd was updated to version 2.9:

* SAE changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks

[https://w1.fi/security/2019-6/

* EAP-pwd changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks

[https://w1.fi/security/2019-6/

* fixed FT-EAP initial mobility domain association using PMKSA caching

* added configuration of airtime policy

* fixed FILS to and RSNE into (Re)Association Response frames

* fixed DPP bootstrapping URI parser of channel list

* added support for regulatory WMM limitation (for ETSI)

* added support for MACsec Key Agreement using IEEE 802.1X/PSK

* added experimental support for EAP-TEAP server (RFC 7170)

* added experimental support for EAP-TLS server with TLS v1.3

* added support for two server certificates/keys...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate update DoS hostapd openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-222=1

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-222=1

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2020-222=1

Package List

- openSUSE Leap 15.1 (x86_64):

hostapd-2.9-lp151.4.3.1

hostapd-debuginfo-2.9-lp151.4.3.1

hostapd-debugsource-2.9-lp151.4.3.1

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

hostapd-2.9-bp151.5.3.1

- openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64):

hostapd-2.9-bp150.15.1

hostapd-debuginfo-2.9-bp150.15.1

hostapd-debugsource-2.9-bp150.15.1

References

https://www.suse.com/security/cve/CVE-2017-13082.html

https://www.suse.com/security/cve/CVE-2019-9494.html

https://www.suse.com/security/cve/CVE-2019-9495.html

https://www.suse.com/security/cve/CVE-2019-9496.html

https://www.suse.com/security/cve/CVE-2019-9497.html

https://www.suse.com/security/cve/CVE-2019-9498.html

https://www.suse.com/security/cve/CVE-2019-9499.html

https://bugzilla.suse.com/1056061

--

Announcement ID: openSUSE-SU-2020:0222-1
Rating: moderate
Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15

Topics%20covered

Topics Covered

security advisory moderate update DoS hostapd openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here