From owner-freebsd-current@freebsd.org Tue Oct 17 16:57:10 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AEE36E4030D for ; Tue, 17 Oct 2017 16:57:10 +0000 (UTC) (envelope-from david@catwhisker.org) Received: from mx.catwhisker.org (mx.catwhisker.org [198.144.209.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 61679750BB; Tue, 17 Oct 2017 16:57:09 +0000 (UTC) (envelope-from david@catwhisker.org) Received: from albert.catwhisker.org (localhost [127.0.0.1]) by albert.catwhisker.org (8.15.2/8.15.2) with ESMTP id v9HGv8aG038280; Tue, 17 Oct 2017 16:57:08 GMT (envelope-from david@albert.catwhisker.org) Received: (from david@localhost) by albert.catwhisker.org (8.15.2/8.15.2/Submit) id v9HGv8ie038279; Tue, 17 Oct 2017 09:57:08 -0700 (PDT) (envelope-from david) Date: Tue, 17 Oct 2017 09:57:08 -0700 From: David Wolfskill To: Allan Jude Cc: freebsd-current@freebsd.org Subject: Re: cve-2017-13077 - WPA2 security vulni Message-ID: <20171017165708.GE1214@albert.catwhisker.org> Reply-To: current@freebsd.org Mail-Followup-To: current@freebsd.org, Allan Jude , freebsd-current@freebsd.org References: <201710170627.v9H6R0XC078179@slippy.cwsent.com> <20171017125829.GA35718@albert.catwhisker.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="35iEUiFini4fM4u+" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.1 (2017-09-22) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Oct 2017 16:57:10 -0000 --35iEUiFini4fM4u+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Oct 17, 2017 at 12:51:23PM -0400, Allan Jude wrote: > .... > > Question: Should one expect a wpa_supplicant-2.6_2 executable built > > under FreeBSD stable/11 (amd64) to work on the same hardware, but > > running head? >=20 > Did you run the version from ports, or did you run the base /etc/rc.d > script with your rc.conf set to point to the ports binary? This will run > the command with -c /etc/wpa_supplicant.conf overriding the ports default. >=20 > So this is expected to work in this way. Ah. When I installed the port, I was reminded: | ... | =3D=3D=3D> Registering installation for wpa_supplicant-2.6_2 | Installing wpa_supplicant-2.6_2... | To use the ports version of WPA Supplicant instead of the base, add: |=20 | wpa_supplicant_program=3D"/usr/local/sbin/wpa_supplicant" |=20 | to /etc/rc.conf |=20 | =3D=3D=3D> SECURITY REPORT: | .... So I did that. I did not do anything to the existing /etc/rc.d/wpa_supplicant, which had been installed as part of base FreeBSD. > .... Peace, david --=20 David H. Wolfskill david@catwhisker.org Unsubstantiated claims of "Fake News" are evidence that the claimant lies a= gain. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --35iEUiFini4fM4u+ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQF8BAEBCgBmBQJZ5jZkXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRDQ0I3Q0VGOTE3QTgwMUY0MzA2NEQ3N0Ix NTM5Q0M0MEEwNDlFRTE3AAoJEBU5zECgSe4XQMMIAMjmrQKcCS5PeKI5CecWrePm vtfFu8l4T+5z31+qJv/7jPPmwNR14tWljgm0VoYI3/lIjP2R+6/dixRfDXA1ZLP8 uTHZIGDV1pGdViAa11Iq+VoY3bOYFdh5b4d6x5aqOes4NE/T7qz00wvYc0Ax71im 9Ix7A2eCIivz+aVARZfLCvaB9+0NfWOmpJCJ8YYRhihGbJrwsNliNuJHG/bXIncA Bgi81dOIhKwwo3HYyZHemyFqPJ8rnMseLbjEqUEIo/K/yJENi3XwosfFGSAgMn27 L6OnbLe/09YMyResOCv4/J48Awprl70/7XcIkKp2a02QzvDzV8XrC8ep0DjGJck= =59Ld -----END PGP SIGNATURE----- --35iEUiFini4fM4u+--