Date: Mon, 16 Oct 2017 17:36:31 +0200 From: Franco Fichtner <franco@lastsummer.de> To: Miroslav Lachman <000.fbsd@quip.cz> Cc: lev@FreeBSD.org, freebsd-security <freebsd-security@freebsd.org>, freebsd-wireless <freebsd-wireless@freebsd.org> Subject: =?utf-8?Q?Re=3A_WPA2_vulnerabilities_=E2=80=94_is_FreeBSD-as-AP_a?= =?utf-8?Q?ffected=3F?= Message-ID: <D45CE63F-7719-40E4-9742-9ABF36945744@lastsummer.de> In-Reply-To: <59E4A024.6070708@quip.cz> References: <3bcef903-4d27-b49f-81aa-9e055e22efa5@FreeBSD.org> <59E4A024.6070708@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 16. Oct 2017, at 2:03 PM, Miroslav Lachman <000.fbsd@quip.cz> = wrote: >=20 > Lev Serebryakov wrote on 10/16/2017 13:56: >>=20 >> There are whole lot of new vulnerabilities in WPA2 = [implementations?]: >> CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, >> CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, >> CVE-2017-13087, CVE-2017-13088. >>=20 >> Does anybody know, is FreeBSD (our WiFi stack + hostapd / >> wpa_supplicant) affected? >=20 > Yes. it is discussed at current@ with patch > = https://lists.freebsd.org/pipermail/freebsd-current/2017-October/067193.ht= ml Did CERT/CC while extending the deadline forget to inform FreeBSD if it was not informed already? I am not sure why patches are thrown around on a mailing list after such an extensive embargo period. Cheers, Franco=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D45CE63F-7719-40E4-9742-9ABF36945744>