FEDORA-2019-d03bae77f5

security update in Fedora 28 for hostapd

Status: stable 2 days ago

Update to version 2.7 from upstream Security fix for CVE-2019-9494 (cache attack against SAE) Security fix for CVE-2019-9495 (cache attack against EAP-pwd) Security fix for CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP) Security fix for CVE-2019-9497 (EAP-pwd server not checking for reflection attack) Security fix for CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element) Security fix for CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)

How to install

sudo dnf upgrade --advisory=FEDORA-2019-d03bae77f5

Comments 6

This update has been submitted for testing by linville.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by linville.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1699141 CVE-2019-9494 wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake
#1699144 CVE-2019-9494 hostapd: wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake [fedora-all]
#1699149 CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack
#1699152 CVE-2019-9495 hostapd: wpa_supplicant: EAP-pwd cache side-channel attack [fedora-all]
#1699153 CVE-2019-9496 hostapd: SAE confirm missing state validation in hostapd/AP
#1699154 CVE-2019-9496 hostapd: SAE confirm missing state validation in hostapd/AP [fedora-all]
#1699164 CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack
#1699165 CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 13 days ago
in testing 12 days ago
in stable 2 days ago

Related Bugs 8

00 #1699141 CVE-2019-9494 wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake
00 #1699144 CVE-2019-9494 hostapd: wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake [fedora-all]
00 #1699149 CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack
00 #1699152 CVE-2019-9495 hostapd: wpa_supplicant: EAP-pwd cache side-channel attack [fedora-all]
00 #1699153 CVE-2019-9496 hostapd: SAE confirm missing state validation in hostapd/AP
00 #1699154 CVE-2019-9496 hostapd: SAE confirm missing state validation in hostapd/AP [fedora-all]
00 #1699164 CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack
00 #1699165 CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [fedora-all]

Automated Test Results