LISTSERV 16.5 - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: wpa_supplicant security update
Advisory ID:       SLSA-2017:2911-1
Issue Date:        2017-10-18
CVE Numbers:       CVE-2017-13077
                   CVE-2017-13078
                   CVE-2017-13080
                   CVE-2017-13087
--

Security Fix(es): * A new exploitation technique called key reinstallation
attacks (KRACK) affecting WPA2 has been discovered. A remote attacker
within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or
possibly inject forged Wi-Fi packets by manipulating cryptographic
handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13080, CVE-2017-13087)
--

SL6
  x86_64
    wpa_supplicant-0.7.3-9.el6_9.2.x86_64.rpm
    wpa_supplicant-debuginfo-0.7.3-9.el6_9.2.x86_64.rpm
  i386
    wpa_supplicant-0.7.3-9.el6_9.2.i686.rpm
    wpa_supplicant-debuginfo-0.7.3-9.el6_9.2.i686.rpm

- Scientific Linux Development Team