Using Debian (sid) here, wpasupplicant was upgraded this morning and from the changelog it appears that it addresses the vulnerabilities.
wpa (2:2.4-1.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017- 13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088): - hostapd: Avoid key reinstallation in FT handshake - Prevent reinstallation of an already in-use group key - Extend protection of GTK/IGTK reinstallation of - Fix TK configuration to the driver in EAPOL-Key 3/4 - Prevent installation of an all-zero TK - Fix PTK rekeying to generate a new ANonce - TDLS: Reject TPK-TK reconfiguration - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode - WNM: Ignore WNM-Sleep Mode Response without pending - FT: Do not allow multiple Reassociation Response frames - TDLS: Ignore incoming TDLS Setup Response retries On Mon, 2017-10-16 at 12:07 -0700, Dick Steffens wrote: > Have people looked in to this: > > https://apnews.com/743db922a4d2473a8745ce54c134c33a/Researchers-disco > ver-vulnerability-affecting-Wi-Fi-security > > If so, how have you handled it? > _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug