Date: Tue, 14 Aug 2018 20:21:58 +0000 (UTC)
From: Cy Schubert <cy@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r477202 - head/security/wpa_supplicant
Message-ID: <201808142021.w7EKLwAj011300@repo.freebsd.org>
Author: cy Date: Tue Aug 14 20:21:58 2018 New Revision: 477202 URL: https://svnweb.freebsd.org/changeset/ports/477202 Log: WPA: Ignore unauthenticated encrypted EAPOL-Key data Ignore unauthenticated encrypted EAPOL-Key data in supplicant processing. When using WPA2, these are frames that have the Encrypted flag set, but not the MIC flag. When using WPA2, EAPOL-Key frames that had the Encrypted flag set but not the MIC flag, had their data field decrypted without first verifying the MIC. In case the data field was encrypted using RC4 (i.e., when negotiating TKIP as the pairwise cipher), this meant that unauthenticated but decrypted data would then be processed. An adversary could abuse this as a decryption oracle to recover sensitive information in the data field of EAPOL-Key messages (e.g., the group key). (CVE-2018-14526) Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be> Security: CVE-2018-14526 Security: VuXML: 6bedc863-9fbe-11e8-945f-206a8a720317 Modified: head/security/wpa_supplicant/Makefile (contents, props changed) head/security/wpa_supplicant/distinfo (contents, props changed) Modified: head/security/wpa_supplicant/Makefile ============================================================================== --- head/security/wpa_supplicant/Makefile Tue Aug 14 20:21:52 2018 (r477201) +++ head/security/wpa_supplicant/Makefile Tue Aug 14 20:21:58 2018 (r477202) @@ -2,10 +2,11 @@ PORTNAME= wpa_supplicant PORTVERSION= 2.6 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security net MASTER_SITES= https://w1.fi/releases/ -PATCH_SITES= https://w1.fi/security/2017-1/ +PATCH_SITES= https://w1.fi/security/2017-1/ \ + https://w1.fi/security/2018-1/ PATCHFILES= rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch \ rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch \ rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch \ 
@@ -13,7 +14,8 @@ PATCHFILES= rebased-v2.6-0001-hostapd-Avoid-key-reinst rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch \ rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch \ rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch \ - rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch + rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch \ + rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch PATCH_DIST_STRIP= -p1 MAINTAINER= cy@FreeBSD.org Modified: head/security/wpa_supplicant/distinfo ============================================================================== --- head/security/wpa_supplicant/distinfo Tue Aug 14 20:21:52 2018 (r477201) +++ head/security/wpa_supplicant/distinfo Tue Aug 14 20:21:58 2018 (r477202) @@ -1,4 +1,4 @@ -TIMESTAMP = 1508183403 +TIMESTAMP = 1533786430 SHA256 (wpa_supplicant-2.6.tar.gz) = b4936d34c4e6cdd44954beba74296d964bc2c9668ecaa5255e499636fe2b1450 SIZE (wpa_supplicant-2.6.tar.gz) = 2753524 SHA256 (rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch) = 529113cc81256c6178f3c1cf25dd8d3f33e6d770e4a180bd31c6ab7e4917f40b @@ -17,3 +17,5 @@ SHA256 (rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Re SIZE (rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch) = 1649 SHA256 (rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch) = c8840d857b9432f3b488113c85c1ff5d4a4b8d81078b7033388dae1e990843b1 SIZE (rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch) = 2750 +SHA256 (rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch) = 960c3cf2a514479b0b4cf09665186a1a9f5d28e8b05dec23db75c6cc13eb1f7c +SIZE (rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch) = 1999
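Review bot: In the Makefile hunks, PATCH_SITES now lists both https://w1.fi/security/2017-1/ and https://w1.fi/security/2018-1/, but the PATCHFILES entries carry no site group, so nothing in the port records that rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch comes from the 2018-1 directory and the earlier files from 2017-1, and each file will be tried against both sites on fetch. Consider tagging the two sites and their files with site group suffixes, or at least adding a comment above PATCHFILES that maps each file to its advisory directory. That would also make it obvious why a second file with the 0001- prefix follows 0008-.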
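Review bot: In the second distinfo hunk, the added SHA256 and SIZE lines for rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch are the only thing that pins the content of a security fix fetched from a newly added site, and nothing in the commit says how that digest was checked. Before approving, a reviewer should fetch the file independently, regenerate with make makesum, and confirm that the digest and the 1999-byte size match what is committed. A line in the log naming the upstream advisory would make that cross-check repeatable.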
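The ordering rule the commit log describes (never decrypt EAPOL-Key data whose Encrypted flag is set without the MIC flag), as an added C sketch that is not the wpa_supplicant patch or any code from this commit. The function and enum names are hypothetical, the frame is constructed, and a 16-byte MIC field is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Key Information bits of the IEEE 802.11 EAPOL-Key descriptor. */
#define KEY_INFO_MIC           (1u << 8)
#define KEY_INFO_ENCR_KEY_DATA (1u << 12)
#define EAPOL_HDR_LEN  4   /* version, type, 16-bit body length */
#define EAPOL_TYPE_KEY 3
#define DESC_TYPE_RSN  2   /* WPA2 key descriptor */
#define KEY_FIXED_LEN  95  /* assumption: descriptor with a 16-byte MIC field */

enum verdict { MALFORMED, NOT_RSN_KEY, DROP_UNAUTH_ENCRYPTED,
               VERIFY_MIC_THEN_DECRYPT, NO_DECRYPTION_NEEDED };

static unsigned be16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* Decide what may be done with the Key Data field before any cipher runs. */
enum verdict classify_eapol_key(const uint8_t *f, size_t len)
{
    if (len < EAPOL_HDR_LEN + KEY_FIXED_LEN) return MALFORMED;
    if (f[1] != EAPOL_TYPE_KEY || f[4] != DESC_TYPE_RSN) return NOT_RSN_KEY;
    size_t body = be16(f + 2);
    if (body < KEY_FIXED_LEN || body > len - EAPOL_HDR_LEN) return MALFORMED;
    unsigned key_info = be16(f + 5);
    size_t kd_len = be16(f + EAPOL_HDR_LEN + KEY_FIXED_LEN - 2);
    if (kd_len > body - KEY_FIXED_LEN) return MALFORMED;
    if (!(key_info & KEY_INFO_ENCR_KEY_DATA)) return NO_DECRYPTION_NEEDED;
    /* Encrypted flag without MIC flag: nothing authenticates the ciphertext. */
    if (!(key_info & KEY_INFO_MIC)) return DROP_UNAUTH_ENCRYPTED;
    return VERIFY_MIC_THEN_DECRYPT;
}

/* Constructed sample frame: all fields zero except header, flags and lengths. */
size_t build_sample(uint8_t *buf, unsigned key_info, size_t kd_len)
{
    size_t body = KEY_FIXED_LEN + kd_len;
    memset(buf, 0, EAPOL_HDR_LEN + body);
    buf[0] = 2; buf[1] = EAPOL_TYPE_KEY;
    buf[2] = (uint8_t)(body >> 8); buf[3] = (uint8_t)body;
    buf[4] = DESC_TYPE_RSN;
    buf[5] = (uint8_t)(key_info >> 8); buf[6] = (uint8_t)key_info;
    buf[97] = (uint8_t)(kd_len >> 8); buf[98] = (uint8_t)kd_len;
    return EAPOL_HDR_LEN + body;
}

int main(void)
{
    uint8_t buf[256]; /* descriptor version 1 selects RC4 for the Key Data */
    size_t n = build_sample(buf, KEY_INFO_ENCR_KEY_DATA | 1, 24);
    printf("encrypted, no MIC -> verdict %d\n", classify_eapol_key(buf, n));
    return 0;
}
```

The classifier only decides ordering; a frame that returns VERIFY_MIC_THEN_DECRYPT must still pass the actual MIC verification before its Key Data is decrypted.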