Patch for KRACK (CVE-2017-13077)
Aaron LI
aly at aaronly.me
Tue Oct 9 21:23:36 PDT 2018
On Tue, 9 Oct 2018 20:29:41 +0800
Ridwan Shariffdeen <rshariffdeen at gmail.com> wrote:
Hi Shariffdeen
> I noticed the wpa_supplicant code in (
> https://github.com/DragonFlyBSD/DragonFlyBSD/tree/master/contrib/wpa_supplicant)
> is not updated for the last 4 years.
>
> There was a recent disclosure of bugs in wpa standard (
> https://www.krackattacks.com/)
>
> I am wondering if the patches are merged or this is not a valid bug for
> DragonFlyBSD?
> Please help me clarify.
Thanks for referring to the security bug in dfly's base wpa_supplicant.
Yes, the base wpa_supplicant hasn't been updated for years, and its startup
script will print a warning suggesting that users should install the latest
wpa_supplicant from dports/packages.
Nevertheless, one developer may take time to upgrade the wpa_supplicant in
base.
Cheers,
--
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20181010/da89ba94/attachment-0005.bin>
More information about the Users
mailing list