You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa wpa_supplicant

Sigurnosni nedostatak programskog paketa wpa_supplicant

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2019-05-14 00:58:11.471703

Name : wpa_supplicant
Product : Fedora 30
Version : 2.8
Release : 2.fc30
Summary : WPA/WPA2/IEEE 802.1X Supplicant
Description :
wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support
for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA
component that is used in the client stations. It implements key negotiation
with a WPA Authenticator and it controls the roaming and IEEE 802.11
authentication/association of the wlan driver.

Update Information:

upgrade to latest 2.8 version, that includes fix for CVE-2019-11555.

* Fri May 10 2019 Davide Caratti <> – 1:2.8-2
– fix changelog for version 2.8-1
* Thu May 2 2019 Davide Caratti <> – 1:2.8-1
– Update to 2.8 upstream release, to include latest fix for NULL
pointer dereference when EAP-PWD peer receives unexpected EAP
fragments (CVE-2019-11555, rh #1701759)

[ 1 ] Bug #1703418 – CVE-2019-11555 wpa_supplicant: Improper fragmentation reassembly state validation in EAP peer leading to DoS [fedora-all]
[ 2 ] Bug #1701759 – wpa_supplicant-2.8 is available

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-ff1b728d09’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorToni Vugdelija
Cert idNCERT-REF-2019-05-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa java-1.8.0-openjdk

Otkriveni su sigurnosni nedostaci u programskom paketu java-1.8.0-openjdk za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja...