We are safe from KRACK (WPA2 security issue)?

Hello.

As you know, last time discovered a security issue in WPA2. This affect in most cases Android and GNU/Linux but in someway also Windows and Mac devices. Here more info: http://news.softpedia.com/news/ubuntu-debian-fedora-and-elementary-os-all-patched-against-wpa2-krack-bug-518075.shtml

Few days ago Ubuntu, Fedora and Arch distro release special patches for wpa_supplicant package. I see OpenMandriva LX3 still use wpa_supplicant package updates long time ago.

So my question is - we are safe from this security issue or not? Anyone know?

1 Like

This is “In Progress”. There will be some patches added to our wpa_supplicant package. Someone is working on it now.

Thanks for reporting.

Thanks. Good to know :slight_smile:

Yes, our wpa_supplicat package will be safe soon.

2 Likes

Here is the new package currently in main-testing. That is where new packages go for testing by QA team before they are sent to an updates repo for public release.

Please test it and let us know in this thread if there are any issues.

1 Like

It seems it is in main update now.

Yes the package, as intended, is now in main-updates and will be a part of users regular updates.

As it seems that 2014 isn’t officially no more supported yet and some users, like me, are still using it, I wonder if it wouldn’t be possible to publish a patched package for this release.

2 Likes

Colin is going to get that package updated sometime soon.

Officially support ends with Lx 4 release.

Unofficially 2014 doesn’t have a developer assigned to maintain it. So my guess is that users need to report issues and ask for security updates if they know about them.

I’ll try to remember this but I don’t use or have installed 2014 any longer.

Yes, I know … I’ll try to compile the package myself.