[Buildroot] [PATCH 2/2] package/wpa_supplicant: add upstream 2019-5 security patches

Peter Korsgaard peter at korsgaard.com
Sat Apr 27 12:22:27 UTC 2019


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security vulnerabilities:
 > EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
 > peer) was discovered not to validate fragmentation reassembly state
 > properly for a case where an unexpected fragment could be received. This
 > could result in process termination due to NULL pointer dereference.

 > For details, see the advisory:
 > https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list