projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d889cc9) | patch
hostapd: Fix security problem in EAP-pwd
authorHauke Mehrtens <hauke@hauke-m.de>
Sun, 8 Sep 2019 21:27:04 +0000 (23:27 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Tue, 10 Sep 2019 19:54:58 +0000 (21:54 +0200)
commita0c84947043db72f9e1078b009ac039ed2246f2c
tree9606207b4e05e76fc1189484946b04506326fb2dtree | snapshot
parentd889cc988777f228ae928b33d2fd26681270c02bcommit | diff
hostapd: Fix security problem in EAP-pwd

This fixes:
CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment"
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

This should not affect OpenWrt in the default settings as we do not use
EAP-pwd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9f34bf51d60a237696b1d4cc9b5f4835b95e7ea2)
package/network/services/hostapd/Makefile diff | blob | history
package/network/services/hostapd/patches/065-0001-EAP-pwd-server-Fix-reassembly-buffer-handling.patch [new file with mode: 0644] blob
package/network/services/hostapd/patches/065-0003-EAP-pwd-peer-Fix-reassembly-buffer-handling.patch [new file with mode: 0644] blob
OpenWrt Source Repository