Stay Secure with the Latest Linux Advisories

security advisoryfedoracritical

Fedora 32: FEDORA-2021-1a2443baa0 Critical: wpa_supplicant P2P Issue

security fix for CVE-2021-0326 see also: https://w1.fi/security/2020-2/. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-1a2443baa0 2021-02-20 01:33:46.075648 --------------------------------------------------------------------------------Name : wpa_supplicant Product : Fedora 32 Version : 2.9 Release : 5.fc32 URL : http://w1.fi/wpa_supplicant/ Summary : WPA/WPA2/IEEE 802.1X Supplicant Description : wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. --------------------------------------------------------------------------------Update Information: security fix for CVE-2021-0326 see also: https://w1.fi/security/2020-2/ --------------------------------------------------------------------------------ChangeLog: * Thu Feb 4 2021 Davide Caratti - 1:2.9-5 - Fix copying of secondary device types for P2P group client (CVE-2021-0326) * Mon Jun 15 2020 Benjamin Berg - 1:2.9-4 - fix some issues with P2P operation --------------------------------------------------------------------------------References: [ 1 ] Bug #1925152 - CVE-2021-0326 wpa_supplicant: P2P group information processing vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1925152 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-1a2443baa0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by theFedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 32 has released a significant patch for wpa_supplicant that fixes a vulnerability related to P2P group management.. wpa Supplicant Security, Fedora Update, Authentication Fix. . Severity: Critical. LinuxSecurity.com Team

Feb 19, 2021 •Critical Fedora