projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 32904f9) | patch
package/hostapd: add upstream 2019-1, 2, 3, 4 security patches
authorPeter Korsgaard <peter@korsgaard.com>
Thu, 11 Apr 2019 11:11:02 +0000 (13:11 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Thu, 11 Apr 2019 16:25:28 +0000 (18:25 +0200)
commit736f344755b67cf2a116cfda3abd0b04e1a9b7f9
tree0e518650c289411b81dc7a995d6de949032f7eabtree
parent32904f9852b5c2fd3d3af752b934d755583bf732commit | diff
package/hostapd: add upstream 2019-1, 2, 3, 4 security patches

Fixes the following security vulnerabilities:

- CVE-2019-9494 (cache attack against SAE)

For details, see the advisory:
https://w1.fi/security/2019-1/sae-side-channel-attacks.txt

- CVE-2019-9495 (cache attack against EAP-pwd)

For details, see the advisory:
https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt

- CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)

For details, see the advisory:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt

- CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
- CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
- CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)

For details, see the advisory:
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt

Notice that SAE is not currently enabled in Buildroot, but the patches are
included here anyway for completeness.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/hostapd/hostapd.hash diff | blob | history
package/hostapd/hostapd.mk diff | blob | history