FEDORA-2019-ca49dfd42f created by dcaratti 9 months ago for Fedora 30
stable

include fix for:

CVE-2019-9494 CVE-2019-9495 CVE-2019-9496 CVE-2019-9497 CVE-2019-9498

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-ca49dfd42f

This update has been submitted for testing by dcaratti.

9 months ago

This update has been pushed to testing.

9 months ago
User Icon cserpentis commented & provided feedback 9 months ago
karma

works for me

User Icon pwalter commented & provided feedback 9 months ago
karma

Works

User Icon filiperosset commented & provided feedback 9 months ago
karma

no regressions noted

This update has been submitted for batched by bodhi.

9 months ago
User Icon nomos commented & provided feedback 9 months ago
karma

Tested on local machine with AMD Ryzen 5 2400G.

This update has been submitted for stable by bodhi.

9 months ago

This update has been pushed to stable.

9 months ago
User Icon vinumoses commented & provided feedback 9 months ago
karma

After upgrading to fedora30 (from fedora29), my Broadcom (BCM4360) USB wi-fi adapter does not work any more. The adapter hangs while trying to connect to an AP and the logs fill up with the following message: wpa_supplicant[1104]: wlp4s0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1

lspci gives the following entry for the wireless adapter: Network controller: Broadcom Inc. and subsidiaries BCM4360 802.11ac Wireless Network Adapter (rev 03)

The wireless adapter worked fine with fedora29 and wpa_supplicant 2.6.x

Could this be the same bug that is described in https://bugs.archlinux.org/task/61119 which mentions that wpa_supplicant 2.7.x passes invalid arguments to broadcom-wl driver?

User Icon vinumoses commented & provided feedback 9 months ago
User Icon vinumoses commented & provided feedback 8 months ago

https://bugzilla.redhat.com/show_bug.cgi?id=1703745 filed. Wrong bug entry mentioned above.


Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
9 months ago
in testing
9 months ago
in stable
9 months ago
BZ#1699143 CVE-2019-9494 wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake [fedora-all]
0
0
BZ#1699150 CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack [fedora-all]
0
0
BZ#1699263 CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack [fedora-all]
0
0

Automated Test Results