[Buildroot] [PATCH 2/2] package/iwd: security bump to version 2.16
Peter Korsgaard
peter at korsgaard.com
Wed Mar 20 20:34:12 UTC 2024
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Fix CVE-2023-52161: The Access Point functionality in
> eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before
> 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi
> network. An attacker can complete the EAPOL handshake by skipping Msg2/4
> and instead sending Msg4/4 with an all-zero key.
> https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/ChangeLog?h=2.16
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2024.02.x, 2023.02.x and 2023.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list