Difference between revisions of "IoTGateway/Security Hotfix"

From ESS-WIKI
Jump to: navigation, search
(Created page with "== Security Hotfix == In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade y...")
(No difference)

Revision as of 07:51, 25 October 2017

Security Hotfix

In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade your system or not.

Wi-Fi

KRACK : Key Reinstallation Attacks

Published
2017-10
Impacts
All WPA2 enabled Wi-fi devices are vulnerable.
Introduction
You can check the details from the KRACK website.
Solutions
[Android]
Patches will be available on Nov. 6th.
[Debian]
Update WPA packages
https://www.debian.org/security/2017/dsa-3999
jessie (net): 2.3-1+deb8u5
stretch (net): 2:2.4-1+deb9u1
[Ubuntu]
Update hostap & wpasupplicant package
https://usn.ubuntu.com/usn/usn-3455-1/
Ubuntu 17.04::hostapd 2.4-0ubuntu9.1
wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS::hostapd 2.4-0ubuntu6.2
wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS::hostapd 2.1-0ubuntu1.5
wpasupplicant 2.1-0ubuntu1.5
[Yocto]
Apply the following patches for wpa_supplicant.
https://w1.fi/security/2017-1/
Retrieved from "https://ess-wiki.advantech.com.tw/wiki/index.php?title=IoTGateway/Security_Hotfix&oldid=8773"