projects / librecmc / librecmc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ec0759e) | patch
hostapd: Fix security problem in EAP-pwd
authorHauke Mehrtens <hauke@hauke-m.de>
Sun, 8 Sep 2019 21:27:04 +0000 (23:27 +0200)
committerRISCi_ATOM <bob@bobcall.me>
Fri, 13 Sep 2019 20:24:49 +0000 (16:24 -0400)
commitaba8f140e4a84e187d344c523e0adc1b1a27437d
tree196fc7db645d3a65c18528db055fe519d4aed681tree | snapshot
parentec0759e540534e70d0bc01b37a9f7ea147586cebcommit | diff
hostapd: Fix security problem in EAP-pwd

This fixes:
CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment"
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

This should not affect OpenWrt in the default settings as we do not use
EAP-pwd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9f34bf51d60a237696b1d4cc9b5f4835b95e7ea2)
package/network/services/hostapd/Makefile diff | blob | history
package/network/services/hostapd/patches/065-0001-EAP-pwd-server-Fix-reassembly-buffer-handling.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/065-0003-EAP-pwd-peer-Fix-reassembly-buffer-handling.patch [new file with mode: 0644] blob