]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: aa8a7b2) | patch
wpa_supplicant: Security Advisory-CVE-2016-4476
authorZhixiong Chi <zhixiong.chi@windriver.com>
Thu, 22 Sep 2016 07:54:20 +0000 (15:54 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 23 Sep 2016 13:55:24 +0000 (14:55 +0100)
commited610b68f7e19644c89d7131e34c990a02403c62
treee4607d3141228b79c2fe9502c0a822ba057129aftree | snapshot
parentaa8a7b2962f9a77bdd347843c41f86dc291b783ecommit | diff
wpa_supplicant: Security Advisory-CVE-2016-4476

Add CVE-2016-4476 patch for avoiding \n and \r characters in passphrase
parameters, which allows remote attackers to cause a denial of service
(daemon outage) via a crafted WPS operation.
Patches came from http://w1.fi/security/2016-1/

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch [new file with mode: 0644] blob
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Remove-newlines-from-wpa_supplicant-config-network-o.patch [new file with mode: 0644] blob
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb diff | blob | history
Mirror of the official openembedded-core repository