Updated wpa_supplicant packages has been released for Fedora 29 to fix AP mode PMF disconnection protection bypass
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-65509aac53
2019-11-15 03:20:21.101719
--------------------------------------------------------------------------------
Name : wpa_supplicant
Product : Fedora 29
Version : 2.7
Release : 2.fc29
URL : http://w1.fi/wpa_supplicant/
Summary : WPA/WPA2/IEEE 802.1X Supplicant
Description :
wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support
for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA
component that is used in the client stations. It implements key negotiation
with a WPA Authenticator and it controls the roaming and IEEE 802.11
authentication/association of the wlan driver.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2019-16275
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 30 2019 Davide Caratti - 1:2.7-2
- fix AP mode PMF disconnection protection bypass (CVE-2019-16275, rh #1767026)
* Tue Dec 18 2018 Lubomir Rintel - 1:2.7-1
- Update to 2.7 upstream release
* Wed Aug 15 2018 Lubomir Rintel - 1:2.6-20
- Expose availability of SHA384 and FT on D-Bus
* Wed Aug 15 2018 Lubomir Rintel - 1:2.6-19
- Drop the broken Pmf D-Bus property patch
* Wed Aug 8 2018 Davide Caratti - 1:2.6-18
- Ignore unauthenticated encrypted EAPOL-Key data (CVE-2018-14526)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1767023 - CVE-2019-16275 wpa_supplicant: AP mode PMF disconnection protection bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1767023
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-65509aac53' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys