Difference between revisions of "IoTGateway/Security Hotfix"
From ESS-WIKI
Daniel.hung (talk | contribs) |
Daniel.hung (talk | contribs) |
||
| Line 18: | Line 18: | ||
::'''[Android]''' | ::'''[Android]''' | ||
| − | :: | + | ::No available patches now. |
::'''[Debian]''' | ::'''[Debian]''' | ||
Latest revision as of 09:41, 6 November 2017
In this section, we collect critical security vulnerabilities and corresponding hotfixes. You can check the impacts and decide whether need to upgrade your system or not.
Wi-Fi
KRACK : Key Reinstallation Attacks
- Published
- 2017-10
- Impacts
- All WPA2 enabled Wi-fi devices are vulnerable.
- Introduction
- You can check the details from the KRACK website.
- Solutions
- The information below is based on the krackinfo website.
- [Android]
- No available patches now.
- [Debian]
- Update WPA package
- https://www.debian.org/security/2017/dsa-3999
- jessie
- 2.3-1+deb8u5
- stretch
- 2:2.4-1+deb9u1
- [Ubuntu]
- Update hostap & wpasupplicant packages
- https://usn.ubuntu.com/usn/usn-3455-1/
- Ubuntu 17.04
- hostapd 2.4-0ubuntu9.1
- wpasupplicant 2.4-0ubuntu9.1
- Ubuntu 16.04 LTS
- hostapd 2.4-0ubuntu6.2
- wpasupplicant 2.4-0ubuntu6.2
- Ubuntu 14.04 LTS
- hostapd 2.1-0ubuntu1.5
- wpasupplicant 2.1-0ubuntu1.5
- [Yocto]
- Apply the following patches for wpa_supplicant.
- https://w1.fi/security/2017-1/