wpa_supplicant package update

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
master
basebuilder_pel7x64builder0 6 years ago
parent
commit
33a9652d3f
  1. 96
      SOURCES/rh1434434-wpa_supplicant-Don-t-reply-to-EAPOL-if-pkt_type-is-P.patch
  2. 158
      SOURCES/rh1490885-fix-auth-failure-when-the-mac-is-updated-externally.patch
  3. 83
      SOURCES/rh1500442-wpa_supplicant-Fix-memory-leaks-in-ieee802_1x_create.patch
  4. 44
      SOURCES/rh1619553-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
  5. 41
      SPECS/wpa_supplicant.spec

96
SOURCES/rh1434434-wpa_supplicant-Don-t-reply-to-EAPOL-if-pkt_type-is-P.patch

@ -0,0 +1,96 @@ @@ -0,0 +1,96 @@
From d89edb6112f54fb65036c31eba291bda5fcad2b3 Mon Sep 17 00:00:00 2001
Message-Id: <d89edb6112f54fb65036c31eba291bda5fcad2b3.1522770749.git.davide.caratti@gmail.com>
From: Davide Caratti <davide.caratti@gmail.com>
Date: Wed, 28 Mar 2018 16:34:56 +0200
Subject: [PATCH] wpa_supplicant: Don't reply to EAPOL if pkt_type is
PACKET_OTHERHOST

When wpa_supplicant is running on a Linux interface that is configured in
promiscuous mode, and it is not a member of a bridge, incoming EAPOL
packets are processed regardless of the Destination Address in the frame.
As a consequence, there are situations where wpa_supplicant replies to
EAPOL packets that are not destined for it.

This behavior seems undesired (see IEEE Std 802.1X-2010, 11.4.a), and can
be avoided by attaching a BPF filter that lets the kernel discard packets
having pkt_type equal to PACKET_OTHERHOST.

Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
---
src/l2_packet/l2_packet.h | 1 +
src/l2_packet/l2_packet_linux.c | 23 +++++++++++++++++++++++
wpa_supplicant/wpa_supplicant.c | 5 +++++
3 files changed, 29 insertions(+)

diff --git a/src/l2_packet/l2_packet.h b/src/l2_packet/l2_packet.h
index 2a4524582..53871774b 100644
--- a/src/l2_packet/l2_packet.h
+++ b/src/l2_packet/l2_packet.h
@@ -42,6 +42,7 @@ struct l2_ethhdr {
enum l2_packet_filter_type {
L2_PACKET_FILTER_DHCP,
L2_PACKET_FILTER_NDISC,
+ L2_PACKET_FILTER_PKTTYPE,
};
/**
diff --git a/src/l2_packet/l2_packet_linux.c b/src/l2_packet/l2_packet_linux.c
index 65b490679..291c9dd26 100644
--- a/src/l2_packet/l2_packet_linux.c
+++ b/src/l2_packet/l2_packet_linux.c
@@ -84,6 +84,26 @@ static const struct sock_fprog ndisc_sock_filter = {
.filter = ndisc_sock_filter_insns,
};
+/* drop packet if skb->pkt_type is PACKET_OTHERHOST (0x03). Generated by:
+ * $ bpfc - <<EOF
+ * > ldb #type
+ * > jeq #0x03, drop
+ * > pass: ret #-1
+ * > drop: ret #0
+ * > EOF
+ */
+static struct sock_filter pkt_type_filter_insns[] = {
+ { 0x30, 0, 0, 0xfffff004 },
+ { 0x15, 1, 0, 0x00000003 },
+ { 0x6, 0, 0, 0xffffffff },
+ { 0x6, 0, 0, 0x00000000 },
+};
+
+static const struct sock_fprog pkt_type_sock_filter = {
+ .len = ARRAY_SIZE(pkt_type_filter_insns),
+ .filter = pkt_type_filter_insns,
+};
+
int l2_packet_get_own_addr(struct l2_packet_data *l2, u8 *addr)
{
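
Review bot: The instruction table in pkt_type_filter_insns is written as raw opcodes and offsets ({ 0x30, 0, 0, 0xfffff004 }, { 0x15, 1, 0, 0x00000003 }), so a reader has to trust the bpfc listing in the comment to learn that 0xfffff004 is the pkt_type ancillary offset and 0x03 is PACKET_OTHERHOST. Building the array with BPF_STMT()/BPF_JUMP() and the symbolic names SKF_AD_OFF + SKF_AD_PKTTYPE and PACKET_OTHERHOST from the kernel headers would make the drop condition checkable in the code itself and keep the comment and the constants from drifting apart.
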
@@ -471,6 +491,9 @@ int l2_packet_set_packet_filter(struct l2_packet_data *l2,
case L2_PACKET_FILTER_NDISC:
sock_filter = &ndisc_sock_filter;
break;
+ case L2_PACKET_FILTER_PKTTYPE:
+ sock_filter = &pkt_type_sock_filter;
+ break;
default:
return -1;
}
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 2a05ef910..dcec68a03 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -4014,6 +4014,11 @@ int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
wpa_supplicant_rx_eapol, wpa_s, 0);
if (wpa_s->l2 == NULL)
return -1;
+
+ if (l2_packet_set_packet_filter(wpa_s->l2,
+ L2_PACKET_FILTER_PKTTYPE))
+ wpa_dbg(wpa_s, MSG_DEBUG,
+ "Failed to attach pkt_type filter");
} else {
const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
if (addr)
--
2.14.3
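
Review bot: In the wpa_supplicant_update_mac_addr() hunk, a failed l2_packet_set_packet_filter(wpa_s->l2, L2_PACKET_FILTER_PKTTYPE) is reported only through wpa_dbg() at MSG_DEBUG and execution continues, so on a promiscuous interface the supplicant goes back to answering EAPOL frames addressed to other hosts with nothing visible at the default log level. If the filter is meant to be best effort, say so in a comment at the call; otherwise raise the message to a level an operator will see. The filter is also attached only in this branch and not in the else branch that follows, which deserves a sentence in the commit message on why that path does not need it.
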

158
SOURCES/rh1490885-fix-auth-failure-when-the-mac-is-updated-externally.patch

@ -0,0 +1,158 @@ @@ -0,0 +1,158 @@
From 175c8ec5f46fbe544eb71b80d83ed517a3c81ba4 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 15 Feb 2018 11:50:01 +0100
Subject: [PATCH] wpa_supplicant: Fix auth failure when the MAC is updated
externally

When connecting to a WPA-EAP network and the MAC address is changed
just before the association (for example by NetworkManager, which sets
a random MAC during scans), the authentication sometimes fails in the
following way ('####' logs added by me):

wpa_supplicant logs:
wlan0: WPA: RX message 1 of 4-Way Handshake from 02:00:00:00:01:00 (ver=1)
RSN: msg 1/4 key data - hexdump(len=22): dd 14 00 0f ac 04 d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
WPA: PMKID in EAPOL-Key - hexdump(len=22): dd 14 00 0f ac 04 d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
RSN: PMKID from Authenticator - hexdump(len=16): d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
wlan0: RSN: no matching PMKID found
EAPOL: Successfully fetched key (len=32)
WPA: PMK from EAPOL state machines - hexdump(len=32): [REMOVED]
#### WPA: rsn_pmkid():
#### WPA: aa - hexdump(len=6): 02 00 00 00 01 00
#### WPA: spa - hexdump(len=6): 66 20 cf ab 8c dc
#### WPA: PMK - hexdump(len=32): b5 24 76 4f 6f 50 8c f6 a1 2e 24 b8 07 4e 9a 13 1b 94 c4 a8 1f 7e 22 d6 ed fc 7d 43 c7 77 b6 f7
#### WPA: computed PMKID - hexdump(len=16): ea 73 67 b1 8e 5f 18 43 58 24 e8 1c 47 23 87 71
RSN: Replace PMKSA entry for the current AP and any PMKSA cache entry that was based on the old PMK
nl80211: Delete PMKID for 02:00:00:00:01:00
wlan0: RSN: PMKSA cache entry free_cb: 02:00:00:00:01:00 reason=1
RSN: Added PMKSA cache entry for 02:00:00:00:01:00 network_ctx=0x5630bf85a270
nl80211: Add PMKID for 02:00:00:00:01:00
wlan0: RSN: PMKID mismatch - authentication server may have derived different MSK?!

hostapd logs:
WPA: PMK from EAPOL state machine (MSK len=64 PMK len=32)
WPA: 02:00:00:00:00:00 WPA_PTK entering state PTKSTART
wlan1: STA 02:00:00:00:00:00 WPA: sending 1/4 msg of 4-Way Handshake
#### WPA: rsn_pmkid():
#### WPA: aa - hexdump(len=6): 02 00 00 00 01 00
#### WPA: spa - hexdump(len=6): 02 00 00 00 00 00
#### WPA: PMK - hexdump(len=32): b5 24 76 4f 6f 50 8c f6 a1 2e 24 b8 07 4e 9a 13 1b 94 c4 a8 1f 7e 22 d6 ed fc 7d 43 c7 77 b6 f7
#### WPA: computed PMKID - hexdump(len=16): d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
WPA: Send EAPOL(version=1 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=22 keyidx=0 encr=0)

That's because wpa_supplicant computed the PMKID using the wrong (old)
MAC address used during the scan. wpa_supplicant updates own_addr when
the interface goes up, as the MAC can only change while the interface
is down. However, drivers don't report all interface state changes:
for example the nl80211 driver may ignore a down-up cycle if the down
message is processed later, when the interface is already up. In such
cases, wpa_supplicant (and in particular, the EAP state machine) would
continue to use the old MAC.

Add a new driver event that notifies of MAC address changes while the
interface is active.

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
(cherry picked from commit 77a020a118168e05e7cc0d28a7bf661772e531af)
---
src/drivers/driver.h | 9 +++++++++
src/drivers/driver_common.c | 1 +
src/drivers/driver_nl80211.c | 11 +++++++----
wpa_supplicant/events.c | 3 +++
4 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index df996dc21..f8d556133 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -4106,6 +4106,15 @@ enum wpa_event_type {
* EVENT_P2P_LO_STOP - Notify that P2P listen offload is stopped
*/
EVENT_P2P_LO_STOP,
+
+ /**
+ * EVENT_INTERFACE_MAC_CHANGED - Notify that interface MAC changed
+ *
+ * This event is emitted when the MAC changes while the interface is
+ * enabled. When an interface was disabled and becomes enabled, it
+ * must be always assumed that the MAC possibly changed.
+ */
+ EVENT_INTERFACE_MAC_CHANGED,
};
diff --git a/src/drivers/driver_common.c b/src/drivers/driver_common.c
index c7107ba89..bdddc0a48 100644
--- a/src/drivers/driver_common.c
+++ b/src/drivers/driver_common.c
@@ -81,6 +81,7 @@ const char * event_to_string(enum wpa_event_type event)
E2S(ACS_CHANNEL_SELECTED);
E2S(DFS_CAC_STARTED);
E2S(P2P_LO_STOP);
+ E2S(INTERFACE_MAC_CHANGED);
}
return "UNKNOWN";
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index f7f3cfebc..d4a879836 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -923,7 +923,7 @@ nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
- int ifindex)
+ int ifindex, int notify)
{
struct i802_bss *bss;
u8 addr[ETH_ALEN];
@@ -942,6 +942,9 @@ static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
ifindex, bss->ifname,
MAC2STR(bss->addr), MAC2STR(addr));
os_memcpy(bss->addr, addr, ETH_ALEN);
+ if (notify)
+ wpa_supplicant_event(drv->ctx,
+ EVENT_INTERFACE_MAC_CHANGED, NULL);
}
}
@@ -1010,11 +1013,11 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
namebuf[0] = '\0';
if (if_indextoname(ifi->ifi_index, namebuf) &&
linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
- /* Re-read MAC address as it may have changed */
- nl80211_refresh_mac(drv, ifi->ifi_index);
wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
"event since interface %s is up", namebuf);
drv->ignore_if_down_event = 0;
+ /* Re-read MAC address as it may have changed */
+ nl80211_refresh_mac(drv, ifi->ifi_index, 1);
return;
}
wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
@@ -1060,7 +1063,7 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
"removed", drv->first_bss->ifname);
} else {
/* Re-read MAC address as it may have changed */
- nl80211_refresh_mac(drv, ifi->ifi_index);
+ nl80211_refresh_mac(drv, ifi->ifi_index, 0);
wpa_printf(MSG_DEBUG, "nl80211: Interface up");
drv->if_disabled = 0;
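
Review bot: The new notify argument is passed as a bare literal, nl80211_refresh_mac(drv, ifi->ifi_index, 0) in this hunk and 1 in the ignored-down path above, with no comment on why the interface-up path must not emit EVENT_INTERFACE_MAC_CHANGED. The reason appears only in the driver.h doc comment (an interface that becomes enabled is already assumed to have a possibly changed MAC). A one-line comment at this call, or a description of the parameter at the function definition, would stop the two call sites from being "fixed" to match each other later.
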
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 4dc044c2b..6eb35104c 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -3927,6 +3927,9 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
data->signal_change.current_noise,
data->signal_change.current_txrate);
break;
+ case EVENT_INTERFACE_MAC_CHANGED:
+ wpa_supplicant_update_mac_addr(wpa_s);
+ break;
case EVENT_INTERFACE_ENABLED:
wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled");
if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
--
2.14.3
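
Review bot: The new case EVENT_INTERFACE_MAC_CHANGED in wpa_supplicant_event() discards the return value of wpa_supplicant_update_mac_addr(wpa_s), a function declared int that the rh1434434 patch in this same commit shows returning -1 when wpa_s->l2 is NULL. If the update fails here, the supplicant keeps the stale address that this patch is meant to eliminate and nothing is logged. Check the result and at least emit a debug or warning message on failure.
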

83
SOURCES/rh1500442-wpa_supplicant-Fix-memory-leaks-in-ieee802_1x_create.patch

@ -0,0 +1,83 @@ @@ -0,0 +1,83 @@
From 22151b111b493d4604c9490327c40fdac7bc4b37 Mon Sep 17 00:00:00 2001
Message-Id: <22151b111b493d4604c9490327c40fdac7bc4b37.1525684664.git.davide.caratti@gmail.com>
From: Davide Caratti <davide.caratti@gmail.com>
Date: Thu, 8 Mar 2018 17:15:02 +0100
Subject: [PATCH] wpa_supplicant: Fix memory leaks in
ieee802_1x_create_preshared_mka()

In case MKA is initialized successfully, local copies of CAK and CKN
were allocated, but never freed. Ensure that such memory is released
also when ieee802_1x_kay_create_mka() returns a valid pointer.

Fixes: ad51731abf06 ("wpa_supplicant: Allow pre-shared (CAK,CKN) pair for MKA")
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
---
wpa_supplicant/wpas_kay.c | 32 +++++++++++++++-----------------
1 file changed, 15 insertions(+), 17 deletions(-)

diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c
index 11708b8a6..d3d06b8ae 100644
--- a/wpa_supplicant/wpas_kay.c
+++ b/wpa_supplicant/wpas_kay.c
@@ -392,25 +392,25 @@ void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s,
{
struct mka_key *cak;
struct mka_key_name *ckn;
- void *res;
+ void *res = NULL;
if ((ssid->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET)
- return NULL;
-
- if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0)
- return NULL;
-
- if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE)
- return NULL;
+ goto end;
ckn = os_zalloc(sizeof(*ckn));
if (!ckn)
- goto dealloc;
+ goto end;
cak = os_zalloc(sizeof(*cak));
if (!cak)
goto free_ckn;
+ if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0 || !wpa_s->kay)
+ goto free_cak;
+
+ if (wpa_s->kay->policy == DO_NOT_SECURE)
+ goto dealloc;
+
cak->len = MACSEC_CAK_LEN;
os_memcpy(cak->key, ssid->mka_cak, cak->len);
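
Review bot: The wpa_s->kay->policy == DO_NOT_SECURE case now jumps to dealloc and therefore runs ieee802_1x_dealloc_kay_sm(wpa_s), whereas the removed code returned NULL at that point and left the KaY state machine allocated. That is a behaviour change beyond the CAK/CKN leak described in the commit message. Either mention it there, or jump to free_cak if the earlier behaviour is the intended one.
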
@@ -419,17 +419,15 @@ void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s,
res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, FALSE);
if (res)
- return res;
+ goto free_cak;
+dealloc:
/* Failed to create MKA */
+ ieee802_1x_dealloc_kay_sm(wpa_s);
+free_cak:
os_free(cak);
-
- /* fallthrough */
-
free_ckn:
os_free(ckn);
-dealloc:
- ieee802_1x_dealloc_kay_sm(wpa_s);
-
- return NULL;
+end:
+ return res;
}
--
2.14.3
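
Review bot: Both the success and the failure path now reach os_free(cak) at free_cak, but cak->key holds a copy of ssid->mka_cak (the os_memcpy() in the previous hunk) and is released without being cleared. Since this function now always frees its local copy, clear it first, for example with bin_clear_free(cak, sizeof(*cak)), so that the CAK does not linger in freed heap memory.
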

44
SOURCES/rh1619553-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch

@ -0,0 +1,44 @@ @@ -0,0 +1,44 @@
From 3e34cfdff6b192fe337c6fb3f487f73e96582961 Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Sun, 15 Jul 2018 01:25:53 +0200
Subject: [PATCH] WPA: Ignore unauthenticated encrypted EAPOL-Key data

Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/rsn_supp/wpa.c | 11 +++++++++++
1 file changed, 11 insertions(+)

diff -upr wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c wpa_supplicant-2.6/src/rsn_supp/wpa.c
--- wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c 2016-10-02 21:51:11.000000000 +0300
+++ wpa_supplicant-2.6/src/rsn_supp/wpa.c 2018-08-08 16:55:11.506831029 +0300
@@ -2016,6 +2016,17 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, c
if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) &&
(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
+ /*
+ * Only decrypt the Key Data field if the frame's authenticity
+ * was verified. When using AES-SIV (FILS), the MIC flag is not
+ * set, so this check should only be performed if mic_len != 0
+ * which is the case in this code branch.
+ */
+ if (!(key_info & WPA_KEY_INFO_MIC)) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data");
+ goto out;
+ }
if (wpa_supplicant_decrypt_key_data(sm, key, ver, key_data,
&key_data_len))
goto out;
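
Review bot: The added comment relies on mic_len != 0 being "the case in this code branch", but the condition visible in the hunk tests only sm->proto and WPA_KEY_INFO_ENCR_KEY_DATA, so the invariant that keeps AES-SIV (FILS) frames away from this check cannot be confirmed at the point where the frame is dropped. Name the enclosing condition in the comment, or repeat the mic_len test in the new if, so that a later restructuring of wpa_sm_rx_eapol() cannot silently start rejecting FILS frames or stop rejecting unauthenticated ones.
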

41
SPECS/wpa_supplicant.spec

@ -7,7 +7,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant @@ -7,7 +7,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant
Name: wpa_supplicant
Epoch: 1
Version: 2.6
Release: 9%{?dist}
Release: 12%{?dist}
License: BSD
Group: System Environment/Base
Source0: http://w1.fi/releases/%{name}-%{version}%{rcver}%{snapshot}.tar.gz
@ -24,6 +24,12 @@ Source8: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plai @@ -24,6 +24,12 @@ Source8: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plai
%define build_gui 0
%endif

# RHEL-7 doesn't define _rundir macro yet
# Fedora 15 onwards uses /run as _rundir
%if 0%{!?_rundir:1}
%define _rundir /run
%endif

# distro specific customization and not suitable for upstream,
# works around busted drivers
Patch0: wpa_supplicant-assoc-timeout.patch
@ -87,6 +93,10 @@ Patch52: rh1495527-0006-TDLS-Reject-TPK-TK-reconfiguration.patch @@ -87,6 +93,10 @@ Patch52: rh1495527-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
Patch53: rh1495527-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
Patch54: rh1495527-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
Patch55: rh1531254-common-Avoid-conflict-with-__bitwise-macro-from-linu.patch
Patch56: rh1434434-wpa_supplicant-Don-t-reply-to-EAPOL-if-pkt_type-is-P.patch
Patch57: rh1490885-fix-auth-failure-when-the-mac-is-updated-externally.patch
Patch58: rh1500442-wpa_supplicant-Fix-memory-leaks-in-ieee802_1x_create.patch
Patch59: rh1619553-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch

URL: http://w1.fi/wpa_supplicant/

@ -182,6 +192,10 @@ cp %{SOURCE8} src/linux/if_link.h @@ -182,6 +192,10 @@ cp %{SOURCE8} src/linux/if_link.h
%patch53 -p1 -b .rh1495527-0007
%patch54 -p1 -b .rh1495527-0008
%patch55 -p1 -b .rh1531254-fix-bitwise-redefined
%patch56 -p1 -b .rh1434434-fix-pkt_otherhost
%patch57 -p1 -b .rh1490885-mac-changed-event
%patch58 -p1 -b .rh1500442-macsec-memleak
%patch59 -p1 -b .rh1619553-ignore-unauth-eapol

%build
pushd wpa_supplicant
@ -228,8 +242,7 @@ install -d %{buildroot}/%{_bindir} @@ -228,8 +242,7 @@ install -d %{buildroot}/%{_bindir}
install -m 0755 %{name}/wpa_gui-qt4/wpa_gui %{buildroot}/%{_bindir}
%endif

# running
mkdir -p %{buildroot}/%{_localstatedir}/run/%{name}
install -d -m 0755 %{buildroot}%{_rundir}/%{name}

# man pages
install -d %{buildroot}%{_mandir}/man{5,8}
@ -254,13 +267,6 @@ if [ $1 -eq 0 ] ; then @@ -254,13 +267,6 @@ if [ $1 -eq 0 ] ; then
/bin/systemctl stop wpa_supplicant.service > /dev/null 2>&1 || :
fi

%postun
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then
# Package upgrade, not uninstall
/bin/systemctl try-restart wpa_supplicant.service >/dev/null 2>&1 || :
fi

%triggerun -- wpa_supplicant < 0.7.3-10
# Save the current service runlevel info
# User must manually run systemd-sysv-convert --apply wpa_supplicant
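
Review bot: The hunk header shrinks this region from 13 to 6 lines, which means the whole %postun scriptlet is dropped, including /bin/systemctl daemon-reload, while the changelog entry only promises "Don't restart wpa_supplicant.service on package upgrade". Without the reload, systemd keeps the old unit definition after an upgrade or an uninstall. Keep a %postun that performs the reload only (the %systemd_postun macro does this without restarting the service) and remove just the try-restart branch.
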
@ -286,7 +292,7 @@ fi @@ -286,7 +292,7 @@ fi
%{_sbindir}/wpa_supplicant
%{_sbindir}/wpa_cli
%{_sbindir}/eapol_test
%dir %{_localstatedir}/run/%{name}
%ghost %attr(755,root,root) %verify(not owner group) %{_rundir}/%{name}
%dir %{_sysconfdir}/%{name}
%{_mandir}/man8/*
%{_mandir}/man5/*
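
Review bot: With %ghost %attr(755,root,root) %verify(not owner group) %{_rundir}/%{name} in %files, the directory is no longer part of the package payload, and the install -d in %install creates it only inside the buildroot, so nothing visible in this diff creates /run/wpa_supplicant on a booted system. Add a spec comment stating what is expected to create it at runtime (the daemon itself or a tmpfiles.d entry), so the next packager does not have to rediscover it.
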
@ -297,6 +303,19 @@ fi @@ -297,6 +303,19 @@ fi
%endif

%changelog
* Tue Aug 28 2018 Davide Caratti <dcaratti@redhat.com> - 1:2.6-12
- Ignore unauthenticated encrypted EAPOL-Key data (CVE-2018-14526)

* Fri Jun 1 2018 Davide Caratti <dcaratti@redhat.com> - 1:2.6-11
- Better handling of /run/wpa_supplicant (rh #1507919)

* Fri May 18 2018 Davide Caratti <dcaratti@redhat.com> - 1:2.6-10
- Fix memory leak when macsec MKA/PSK is used (rh #1500442)
- Fix authentication failure when the MAC is updated externally (rh #1490885)
- Let the kernel discard EAPOL if packet type is PACKET_OTHERHOST (rh #1434434)
- Don't restart wpa_supplicant.service on package upgrade (rh #1505404)
- Don't own a directory in /run/ (rh #1507919)

* Mon Jan 8 2018 Davide Caratti <dcaratti@redhat.com> - 1:2.6-9
- Fix RPMDiff failures on ppc (rh #1532320)

