hak5
/
openwrt
mirror of https://github.com/hak5/openwrt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
openwrt/package/network/services/hostapd
History
Hauke Mehrtens b463a13881 hostapd: fix multiple security problems 
This fixes the following security problems:
* CVE-2019-9494:  cache attack against SAE
* CVE-2019-9495:  cache attack against EAP-pwd
* CVE-2019-9496:  SAE confirm missing state validation in hostapd/AP
* CVE-2019-9497:  EAP-pwd server not checking for reflection attack)
* CVE-2019-9498:  EAP-pwd server missing commit validation for scalar/element
* CVE-2019-9499:  EAP-pwd peer missing commit validation for scalar/element
* CVE-2019-11555: EAP-pwd message reassembly issue with unexpected fragment

Most of these problems are not relevant for normal users, SAE is only
used in ieee80211s mesh mode and EAP-pwd is normally not activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 		2019-06-21 10:29:23 +02:00
..
files hostapd: add support for client taxonomy in the full config 2018-12-18 17:22:04 +01:00
patches hostapd: fix multiple security problems 2019-06-21 10:29:23 +02:00
src/src hostapd: expose device taxonomy signature via ubus 2018-12-18 17:22:04 +01:00
Config.in hostapd: update packaging and patches 2018-12-18 09:05:58 +01:00
Makefile hostapd: fix multiple security problems 2019-06-21 10:29:23 +02:00