hostapd: Avoid key reinstallation in FT handshake (CVE-2017-13082)
Fix PTK rekeying to generate a new ANonce
Prevent reinstallation of an already in-use group key and extend
protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
(CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
Prevent installation of an all-zero TK
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
This update has been submitted for testing by lkundrak.
lkundrak edited this update.
WPA2 Enterprise / EAP-TLS works.
Working here, didn't appear to break anything.
This update has been submitted for batched by bodhi.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
works, though couldn't test attack mitigation.