Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2020:3380-1 Moderate: wpa_supplicant Disconnection Bypass Fix

suse
Calendar Grey November 19, 2020
Dist Suse Esm H88
SUSE Security Update for OpenSSH addresses 18 vulnerabilities; adds one enhancement and provides guidelines for installation.
An update that fixes 22 vulnerabilities, contains one feature is now available

Summary

This update for wpa_supplicant fixes the following issues: Security issue fixed: - CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass (bsc#1150934). Non-security issues fixed: - Enable SAE support (jsc#SLE-14992). - Limit P2P_DEVICE name to appropriate ifname size. - Fix wicked wlan (bsc#1156920) - Restore fi.epitest.hostap.WPASupplicant.service (bsc#1167331) - With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331) - Fix WLAN config on boot with wicked. (bsc#1166933) - Update to 2.9 release: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/ * EAP-pwd changes - disable use of groups using Brainpool curves - allow the set of groups to be configured (eap_pwd_groups)

Topics%20covered

Topics Covered

security advisory moderate update SUSE wpa_supplicant patch instructions disconnection bypass

References

#1131644 #1131868 #1131870 #1131871 #1131872

#1131874 #1133640 #1144443 #1150934 #1156920

#1166933 #1167331 #930077 #930078 #930079

SLE-14992

Cross- CVE-2015-4141 CVE-2015-4142 CVE-2015-4143

CVE-2015-8041 CVE-2017-13077 CVE-2017-13078

CVE-2017-13079 CVE-2017-13080 CVE-2017-13081

CVE-2017-13082 CVE-2017-13086 CVE-2017-13087

CVE-2017-13088 CVE-2018-14526 CVE-2019-11555

CVE-2019-13377 CVE-2019-16275 CVE-2019-9494

CVE-2019-9495 CVE-2019-9497 CVE-2019-9498

CVE-2019-9499

Affected Products:

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Module for Basesystem 15-SP2

SUSE Linux Enterprise Module for Basesystem 15-SP1

SUSE Linux Enterprise High Perf...

Read the Full Advisory

Announcement ID: SUSE-SU-2020:3380-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update SUSE wpa_supplicant patch instructions disconnection bypass

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here