code.ossystems Code Review - openembedded-core.git/commit
wpa-supplicant: fix CVE-2021-30004
author Stefan Ghinea <stefan.ghinea@windriver.com>
Thu, 8 Apr 2021 16:43:30 +0000 (19:43 +0300)
committer Steve Sakoman <steve@sakoman.com>
Wed, 21 Apr 2021 13:52:04 +0000 (03:52 -1000)
commit 470e4af4c3a23eaafbd413722fdbfee5ad9e5be9
tree 44988b2b62e17f2105c01a93d51cd4e0afe1407f
parent a1b0631c4723d2a98eb9e80ec85a00bc46276783
wpa-supplicant: fix CVE-2021-30004

In wpa_supplicant and hostapd 2.9, forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and
tls/x509v3.c.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-30004

Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15

Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b32b671bf430b36a5547f8d822dbb760d6be47f7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-30004.patch [new file with mode: 0644]
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb