Difference between revisions of "IoTGateway/Security Hotfix"
From ESS-WIKI
Daniel.hung (talk | contribs) (Created page with "== Security Hotfix == In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade y...") |
Daniel.hung (talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | |||
| − | |||
In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade your system or not. | In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade your system or not. | ||
| − | + | == Wi-Fi == | |
| − | + | === '''KRACK ''': '''K'''ey '''R'''einstallation '''A'''tta'''ck'''s === | |
| − | :'''Published''' | + | :'''<font color="#0070c0">Published</font>''' |
::2017-10 | ::2017-10 | ||
| − | :'''Impacts''' | + | :'''<font color="#0070c0">Impacts</font>''' |
::All WPA2 enabled Wi-fi devices are vulnerable. | ::All WPA2 enabled Wi-fi devices are vulnerable. | ||
| − | :'''Introduction''' | + | :'''<font color="#0070c0">Introduction</font>''' |
::You can check the details from the KRACK [https://www.krackattacks.com/ website]. | ::You can check the details from the KRACK [https://www.krackattacks.com/ website]. | ||
| − | :'''Solutions''' | + | :'''<font color="#0070c0">Solutions</font>''' |
::'''[Android]''' | ::'''[Android]''' | ||
::Patches will be available on Nov. 6th. | ::Patches will be available on Nov. 6th. | ||
| Line 29: | Line 27: | ||
::Update ''hostap ''& ''wpasupplicant ''package | ::Update ''hostap ''& ''wpasupplicant ''package | ||
::[https://usn.ubuntu.com/usn/usn-3455-1/ https://usn.ubuntu.com/usn/usn-3455-1/] | ::[https://usn.ubuntu.com/usn/usn-3455-1/ https://usn.ubuntu.com/usn/usn-3455-1/] | ||
| − | ::''Ubuntu 17.04''::hostapd 2.4-0ubuntu9.1 | + | ::''Ubuntu 17.04'' |
| + | :::hostapd 2.4-0ubuntu9.1 | ||
:::wpasupplicant 2.4-0ubuntu9.1 | :::wpasupplicant 2.4-0ubuntu9.1 | ||
| − | ::''Ubuntu 16.04 LTS''::hostapd 2.4-0ubuntu6.2 | + | ::''Ubuntu 16.04 LTS'' |
| + | :::hostapd 2.4-0ubuntu6.2 | ||
:::wpasupplicant 2.4-0ubuntu6.2 | :::wpasupplicant 2.4-0ubuntu6.2 | ||
| − | ::''Ubuntu 14.04 LTS''::hostapd 2.1-0ubuntu1.5 | + | ::''Ubuntu 14.04 LTS'' |
| + | :::hostapd 2.1-0ubuntu1.5 | ||
:::wpasupplicant 2.1-0ubuntu1.5 | :::wpasupplicant 2.1-0ubuntu1.5 | ||
Revision as of 08:53, 25 October 2017
In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade your system or not.
Wi-Fi
KRACK : Key Reinstallation Attacks
- Published
- 2017-10
- Impacts
- All WPA2 enabled Wi-fi devices are vulnerable.
- Introduction
- You can check the details from the KRACK website.
- Solutions
- [Android]
- Patches will be available on Nov. 6th.
- [Debian]
- Update WPA packages
- https://www.debian.org/security/2017/dsa-3999
- jessie (net): 2.3-1+deb8u5
- stretch (net): 2:2.4-1+deb9u1
- [Ubuntu]
- Update hostap & wpasupplicant package
- https://usn.ubuntu.com/usn/usn-3455-1/
- Ubuntu 17.04
- hostapd 2.4-0ubuntu9.1
- wpasupplicant 2.4-0ubuntu9.1
- Ubuntu 16.04 LTS
- hostapd 2.4-0ubuntu6.2
- wpasupplicant 2.4-0ubuntu6.2
- Ubuntu 14.04 LTS
- hostapd 2.1-0ubuntu1.5
- wpasupplicant 2.1-0ubuntu1.5
- [Yocto]
- Apply the following patches for wpa_supplicant.
- https://w1.fi/security/2017-1/