[Git][security-tracker-team/security-tracker][master] CVE-2019-949{4,5,6,7,8,9}/wpa fixed in unstable
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 11 06:31:55 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b923a72f by Salvatore Bonaccorso at 2019-04-11T05:31:27Z
CVE-2019-949{4,5,6,7,8,9}/wpa fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4508,34 +4508,34 @@ CVE-2019-9500
RESERVED
CVE-2019-9499 [EAP-pwd peer missing commit validation for scalar/element]
RESERVED
- - wpa <unfixed> (bug #926801)
+ - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
NOTE: https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
NOTE: Patches: https://w1.fi/security/2019-4/
CVE-2019-9498 [EAP-pwd server missing commit validation for scalar/element]
RESERVED
- - wpa <unfixed> (bug #926801)
+ - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
NOTE: https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
NOTE: Patches: https://w1.fi/security/2019-4/
CVE-2019-9497 [EAP-pwd server not checking for reflection attack]
RESERVED
- - wpa <unfixed> (bug #926801)
+ - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
NOTE: https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
NOTE: Patches: https://w1.fi/security/2019-4/
CVE-2019-9496 [SAE confirm missing state validation in hostapd/AP]
RESERVED
- - wpa <unfixed> (bug #926801)
+ - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
[stretch] - wpa <ignored> (SAE code not enabled for build in stretch)
NOTE: https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
NOTE: Patches: https://w1.fi/security/2019-3/
NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1
CVE-2019-9495 [cache attack against EAP-pwd]
RESERVED
- - wpa <unfixed> (bug #926801)
+ - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
NOTE: https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt
NOTE: Patches: https://w1.fi/security/2019-2/
CVE-2019-9494 [cache attack against SAE]
RESERVED
- - wpa <unfixed> (bug #926801)
+ - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
[stretch] - wpa <ignored> (SAE code not enabled for build in stretch)
NOTE: https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
NOTE: Patches: https://w1.fi/security/2019-1/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b923a72f8f864a67e760b6b01c1ea7487f6f92d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b923a72f8f864a67e760b6b01c1ea7487f6f92d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190411/a145eb39/attachment.html>
More information about the debian-security-tracker-commits
mailing list