projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cdd093b) | patch
hostapd: merge fixes for WPA packet number reuse with replayed messages and key reins...
authorFelix Fietkau <nbd@nbd.name>
Mon, 16 Oct 2017 10:05:09 +0000 (12:05 +0200)
committerFelix Fietkau <nbd@nbd.name>
Mon, 16 Oct 2017 10:18:19 +0000 (12:18 +0200)
commit63c17142c865618977a540485eea7a9487a58029
tree4bd4ca6557f792b9b0a8a0428848e34326ee4211tree | snapshot
parentcdd093b5399d5962a44680aef74e2034f4bcf64acommit | diff
hostapd: merge fixes for WPA packet number reuse with replayed messages and key reinstallation

Fixes:
- CERT case ID: VU#228519
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
- CVE-2017-13086
- CVE-2017-13087
- CVE-2017-13088

For more information see:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt

Backport of bbda81ce3077dfade2a43a39f772cfec2e82a9a5

Signed-off-by: Felix Fietkau <nbd@nbd.name>
package/network/services/hostapd/Makefile diff | blob | history
package/network/services/hostapd/patches/005-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/006-Prevent-reinstallation-of-an-already-in-use-group-ke.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/007-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/008-Prevent-installation-of-an-all-zero-TK.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/009-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/010-TDLS-Reject-TPK-TK-reconfiguration.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/011-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/012-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch diff | blob | history
package/network/services/hostapd/patches/600-ubus_support.patch diff | blob | history
OpenWrt Source Repository