From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37556) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e4DGv-0002Ke-9h for guix-patches@gnu.org; Mon, 16 Oct 2017 17:50:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e4DGs-0000Ly-6p for guix-patches@gnu.org; Mon, 16 Oct 2017 17:50:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:35690) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1e4DGs-0000Ls-29 for guix-patches@gnu.org; Mon, 16 Oct 2017 17:50:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1e4DGr-00070t-Rr for guix-patches@gnu.org; Mon, 16 Oct 2017 17:50:01 -0400 Subject: bug#28869: [PATCH] gnu: wpa-supplicant: Fix "KRACK" key reinstallation attacks [security fixes]. Resent-To: guix-patches@gnu.org Resent-Message-ID: Date: Mon, 16 Oct 2017 17:49:10 -0400 From: Leo Famulari Message-ID: <20171016214910.GC20802@jasmine.lan> References: <09748a352729762dacb8e6171752aaa6d03df85d.1508178000.git.leo@famulari.name> <87lgka7pnz.fsf@fastmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="pvezYHf7grwyp3Bc" Content-Disposition: inline In-Reply-To: <87lgka7pnz.fsf@fastmail.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Marius Bakke Cc: 28869-done@debbugs.gnu.org --pvezYHf7grwyp3Bc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 16, 2017 at 11:23:28PM +0200, Marius Bakke wrote: > Leo Famulari writes: >=20 > > Fixes CVE-2017-{13078,13079,13080,13081,13082,13087,13088}. > > > > See these announcements for more information: > > https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-mes= sages.txt > > https://www.krackattacks.com/ > > > > * gnu/packages/patches/wpa-supplicant-CVE-2017-13082.patch, > > gnu/packages/patches/wpa-supplicant-fix-key-reuse.patch, > > gnu/packages/patches/wpa-supplicant-fix-nonce-reuse.patch > > gnu/packages/patches/wpa-supplicant-fix-zeroed-keys.patch, > > gnu/packages/patches/wpa-supplicant-krack-followups.patch: New files. > > * gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Use them. > > * gnu/local.mk (dist_patch_DATA): Add them. >=20 > LGTM, thanks for taking care of this. Thanks for the review! Pushed as 09748a352729762dacb8e6171752aaa6d03df85d --pvezYHf7grwyp3Bc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlnlKVYACgkQJkb6MLrK fwgKpw/+PPqp1qHHiZm493L3UB28XKFhqXWTroCAHJH57iWHqxNuPyG+C/UkAEef h9psSbR1mMzXQZm8Mr3lDCLeRIBfqsPuPhU2lXN/cPo/Q3aQmFU9CzjKM1FI8gyk tiD/VHfCAcvOdpLbnPB10pHE5xvCJESQx/toP2Z6rwOAIrBVKjE//yqXGeUjz33Z R+B3MQw2eYaSEk9XvdNm0gygAnrr5XzKsnDM/Bhu8caNN2vJBk8MJgeqO7Fqid1h nU9ogu6N634TfLSX27dhEuCp8MNVl6gkXqg7CkKbjfGbHfWTm7IVQynlZ9SFPi/H HSPe6F7KuwRO3IZBPRcHRFrFZcfb2rosxITQI2gt99Py5Yv4Z75BtJqNGTWvPr2y U9LMKSAesbk+1jyjs+aYd+NlkjFu0/cKj/Aaw8A4uzZuce37WFxkYHNQ9fNQQvr4 AoPHYNWHtWbhureSJN0uKCFFlJNbUYE0CNkxILYJ+Jsbd9oChXsqt9lMgG8nqHvm z3GSrOZV3cdvMIEvJpTfRMuCa2b3WAc/ZHWjMOCOJLS9RB0esDrThBMGcHIQu+ee uxJIyUjbkLLvgzwSqK900nri2VM4ABILzozKyHQYX0a/sUZ/ZkoFWxrVJImaC0e5 YLn9ZUf6TKn/vzRn0HMeBPCPJrrsTm6esNOQ0wN85H4F+EOS+p8= =Ox0A -----END PGP SIGNATURE----- --pvezYHf7grwyp3Bc--