Difference between revisions of "IoTGateway/Security Hotfix"
From ESS-WIKI
Daniel.hung (talk | contribs) |
Daniel.hung (talk | contribs) |
||
| Line 21: | Line 21: | ||
::'''[Debian]''' | ::'''[Debian]''' | ||
| − | ::Update ''WPA '' | + | ::Update ''WPA ''package |
::[https://www.debian.org/security/2017/dsa-3999 https://www.debian.org/security/2017/dsa-3999] | ::[https://www.debian.org/security/2017/dsa-3999 https://www.debian.org/security/2017/dsa-3999] | ||
::*''jessie'' | ::*''jessie'' | ||
| Line 29: | Line 29: | ||
::'''[Ubuntu]''' | ::'''[Ubuntu]''' | ||
| − | ::Update ''hostap ''& ''wpasupplicant '' | + | ::Update ''hostap ''& ''wpasupplicant ''packages |
::[https://usn.ubuntu.com/usn/usn-3455-1/ https://usn.ubuntu.com/usn/usn-3455-1/] | ::[https://usn.ubuntu.com/usn/usn-3455-1/ https://usn.ubuntu.com/usn/usn-3455-1/] | ||
::*''Ubuntu 17.04'' | ::*''Ubuntu 17.04'' | ||
Revision as of 09:01, 25 October 2017
In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade your system or not.
Wi-Fi
KRACK : Key Reinstallation Attacks
- Published
- 2017-10
- Impacts
- All WPA2 enabled Wi-fi devices are vulnerable.
- Introduction
- You can check the details from the KRACK website.
- Solutions
- The information below is based on the krackinfo website.
- [Android]
- Patches will be available on Nov. 6th.
- [Debian]
- Update WPA package
- https://www.debian.org/security/2017/dsa-3999
- jessie
- 2.3-1+deb8u5
- stretch
- 2:2.4-1+deb9u1
- [Ubuntu]
- Update hostap & wpasupplicant packages
- https://usn.ubuntu.com/usn/usn-3455-1/
- Ubuntu 17.04
- hostapd 2.4-0ubuntu9.1
- wpasupplicant 2.4-0ubuntu9.1
- Ubuntu 16.04 LTS
- hostapd 2.4-0ubuntu6.2
- wpasupplicant 2.4-0ubuntu6.2
- Ubuntu 14.04 LTS
- hostapd 2.1-0ubuntu1.5
- wpasupplicant 2.1-0ubuntu1.5
- [Yocto]
- Apply the following patches for wpa_supplicant.
- https://w1.fi/security/2017-1/