W dniu 6.04.2023 o 20:57, Andreas Ziegler pisze:
>
> Mateusz Jończyk wrote on 06.04.23 14:18:
>> W dniu 28.03.2023 o 00:54, hauke at hauke-m.de (Hauke Mehrtens) pisze:
>>> Hi,
>>>
>>> I would like to create a new OpenWrt 22.03 and 21.02 minor release in
>>> the next week.
>>>
>>> OpenWrt 21.02.6 would be the final release of the OpenWrt 21.02 series.
>>
>> Hello,
>>
>> Last week, a vulnerability in some WiFi stacks has been revealed. It affects
>> Linux and
>> can in some cases break WPA2 / WPA3 encryption. It has received much media
>> attention.
>>
>> The paper is called
>> "Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues"
>> and is authored by Domien Schepers, Aanjhan Ranganathan and Mathy Vanhoef.
>>
>> I was wondering whether you would like to delay the release until this is
>> fixed
>> in mainline Linux.
>>
>> The paper is available at:
>> https://papers.mathyvanhoef.com/usenix2023-wifi.pdf
>> Some more information from the authors:
>> https://github.com/domienschepers/wifi-framing
>>
>> Greetings,
>>
>> Mateusz
>
>
> Hi Mateusz,
>
> this paper is about CVE-2022-47522 which seems to be fixed in all supported
> OpenWrt branches by commits that were pushed 7 days ago by Felix Fietkau.
> E.g. 4ae854d05568bc36a4df2cb6dd8fb023b5ef9944 in branch openwrt-22.03.
>
> Greetings,
> Andreas
Great, thank you for the info.
Greetings,
Mateusz
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
