
SUSE: 2020:3424-1 Moderate Update For wpa_supplicant Security Issues

November 19, 2020
An update that fixes 19 vulnerabilities and contains one feature is now available.

Summary

This update for wpa_supplicant fixes the following issues:

wpa_supplicant was updated to 2.9 release:

* SAE changes
  - disable use of groups using Brainpool curves
  - improved protection against side channel attacks [https://w1.fi/security/2019-6/]
* EAP-pwd changes
  - disable use of groups using Brainpool curves
  - allow the set of groups to be configured (eap_pwd_groups)
  - improved protection against side channel attacks [https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching (disabled by default for backwards compatibility; can be enabled with ft_eap_pmksa_caching=1)
* fixed a regression in OpenSSL 1.1+ engine loading
* added validation of RSNE in (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list

References

#1131644 #1131868 #1131870 #1131871 #1131872
#1131874 #1133640 #1144443 #1150934 #1156920
#1165266 #1166933 #1167331 SLE-14992

Cross-References:

CVE-2015-8041 CVE-2017-13077 CVE-2017-13078
CVE-2017-13079 CVE-2017-13080 CVE-2017-13081
CVE-2017-13082 CVE-2017-13086 CVE-2017-13087
CVE-2017-13088 CVE-2018-14526 CVE-2019-11555
CVE-2019-13377 CVE-2019-16275 CVE-2019-9494
CVE-2019-9495 CVE-2019-9497 CVE-2019-9498
CVE-2019-9499

Affected Products:

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2015-8041.html

https://www.suse.com/security/cve/CVE-2017-13077.html

https://www.suse.com/security/cve/CVE-2017-13078.html

https://www.suse.com/security/cve/CVE-2017-13079.html

https://www.suse.com/security/cve/CVE-2017-13080.html

Announcement ID: SUSE-SU-2020:3424-1
Rating: moderate
