[LEDE-DEV] KRACK (Key Reinstallation Attacks), now patched upstream in hostapd
Felix Fietkau
nbd at nbd.name
Tue Oct 17 00:24:37 PDT 2017
On 2017-10-17 01:53, Jim Gettys wrote:
> On Mon, Oct 16, 2017 at 6:41 AM, Stijn Tintel <stijn at linux-ipv6.be> wrote:
>> On 16-10-17 13:15, Stijn Tintel wrote:
>>> On 16-10-17 13:12, Koen Vandeputte wrote:
>>>>
>>>> On 2017-10-16 11:48, Nick Lowe wrote:
>>>>> Referencing https://www.krackattacks.com/
>>>>>
>>>>> Patches can be found at: https://w1.fi/security/2017-1/ and an
>>>>> advisory at http://seclists.org/oss-sec/2017/q4/83
>>>>>
>>>>> Patches can also be found committed at https://w1.fi/cgit/hostap/log/
>>>>>
>>>>> I think we need to get these patches integrated in to LEDE asap, or
>>>>> move to the hostapd development branch where there are currently
>>>>> committed.
>>>> I'm currently updating my patch-in-transit to incorporate these fixes.
>>>> http://patchwork.ozlabs.org/patch/823136/
>>> Felix already has the patches in his staging tree [1], and we are
>>> preparing the 17.01 branch for releasing 17.01.4.
>>>
>> Sorry, hit sent too soon and forgot to add the URL. Anyway, both master
>> and the lede-17.01 branch now contain these fixes.
>
> Outstanding response!
>
> Will this require a upgrade of the base image, or can we just upgrade
> packages? If so,
> which ones?
> - Jim
Updating wpad(-mini) should be enough.
- Felix
More information about the Lede-dev
mailing list