wpa_supplicant: add patch to fix CVE-2018-14526

Fixes #44724.
This commit is contained in:
Franz Pletz 2018-08-08 22:20:06 +02:00
parent 8de02232c5
commit a81b29ac0b
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4

View File

@ -80,7 +80,8 @@ stdenv.mkDerivation rec {
patches = [ patches = [
./build-fix.patch ./build-fix.patch
#KRACKAttack.com
# KRACKAttack.com
(fetchurl { (fetchurl {
url = "http://w1.fi/security/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch"; url = "http://w1.fi/security/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch";
sha256 = "02zl2x4pxay666yq18g4f3byccrzipfjbky1ydw62v15h76174aj"; sha256 = "02zl2x4pxay666yq18g4f3byccrzipfjbky1ydw62v15h76174aj";
@ -113,6 +114,12 @@ stdenv.mkDerivation rec {
url = "http://w1.fi/security/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch"; url = "http://w1.fi/security/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch";
sha256 = "1ca312cixbld70rp12q7h66lnjjxzz0qag0ii2sg6cllgf2hv168"; sha256 = "1ca312cixbld70rp12q7h66lnjjxzz0qag0ii2sg6cllgf2hv168";
}) })
# Unauthenticated EAPOL-Key decryption (CVE-2018-14526)
(fetchurl {
url = "https://w1.fi/security/2018-1/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch";
sha256 = "0z0zxc9wrikmvciyqpdhx0l5v7qsd8c6b5ph9h5rniqllpr3q34n";
})
]; ];
postInstall = '' postInstall = ''