[Bug 304126] Re: Cannot connect to Enterprise WPA2 wireless (Invalid Compound_MAC)

2008-12-01 Thread Jouni Malinen
This is an interoperability issue with EAP-PEAPv0 Cryptobinding between wpa_supplicant and Windows Server 2008 NPS. wpa_supplicant 0.6.6 works around this by disabling cryptobinding use by default. This can be done in older versions, too, by adding crypto_binding=0 into the network configuration pa

[Bug 364781] Re: wpa_supplicant crashes when authenticating

2009-06-17 Thread Jouni Malinen
This issue is not present in the upstream 0.6.6 release, i.e., it is introduced by 08_syslog_supplement.patch that Ubuntu 9.04 seems to be using. That patch is seriously broken: it introduces a buffer overflow where a stack buffer is written over due to a fixed size buffer used with sprintf and no

[Bug 364781] Re: wpa_supplicant crashes when authenticating

2009-06-18 Thread Jouni Malinen
Looks like the same issue had also been reported for Debian and fixed there by dropping the broken patch: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528639

[Bug 294190] Re: spews logs with "supplicant connection state change"

2009-01-31 Thread Jouni Malinen
This message is _not_ from wpa_supplicant nor controlled by wpa_supplicant. This state change is an internal event in wpa_supplicant; it is logged at debug level there. Notification about the change is made available over dbus, but I see no point in logging that by default. Anyway, the control over

[Bug 304126] Re: Cannot connect to Enterprise WPA2 wireless (Invalid Compound_MAC)

2008-12-14 Thread Jouni Malinen
The interop issue is now resolved in git version of wpa_supplicant and the fix should show up in 0.6.7 with the 0.6.6-workaround removed.

[Bug 580753] Re: ath9k module causing MIC challenge failures

2010-05-28 Thread Jouni Malinen
Regarding comment #7: The AP did not detect Michael MIC failure in that case at May 26 13:10:02; only one of the associated stations did. As such, this by itself should not trigger TKIP countermeasures. In fact, the AP would not be detecting Michael MIC failures in this kind of setup if all the ass

[Bug 580753] Re: ath9k module causing MIC challenge failures

2010-05-28 Thread Jouni Malinen
Thanks. Based on the information here so far, this looks likely to be a race condition in either ath9k or mac80211 which would end up in triggering incorrect Michael MIC failure event immediately after the group key is configured (i.e., a broadcast frame being received from the AP at more or less t

[Bug 580753] Re: ath9k module causing MIC challenge failures

2010-05-29 Thread Jouni Malinen
Thanks. For some reason, this issue does not seem to show up on my main laptop, but once I started testing with an older (and quite a bit slower) laptop, I was able to reproduce the issue. I'm now able to reproduce it at will within a couple of minutes by using just that single laptop and a continuou

[Bug 580753] Re: ath9k module causing MIC challenge failures

2010-05-29 Thread Jouni Malinen
It looks like the issue is in ath9k reporting one of the received broadcast data frames (likely the first one after the group keys have been set or are in the process of being set) as a decrypted frame even when the data is not really correctly decrypted. mac80211 will then process the frame and

[Bug 1677947] Re: no SSL certificate verify

2017-04-01 Thread Jouni Malinen
SSL_CTX_set_verify() is used to modify the default value in an SSL_CTX instance and that will apply to every SSL instance created from that SSL_CTX. SSL_set_verify() is used to set the parameter for each SSL instance. Either call can be used in general to do the same. SSL_CTX_set_verify() would be

[Bug 1329297] [NEW] openssl CVE-2014-0224 fix broke tls_session_secret_cb and EAP-FAST

2014-06-12 Thread Jouni Malinen
Public bug reported: The recently introduced openssl update to fix the CVE-2014-0224 vulnerability missed one code path where ChangeCipherSpec needs to be allowed. tls_session_secret_cb configured the key and needs to allow CCS message. The current Ubuntu package breaks programs that use that API,

[Bug 1329297] Re: openssl CVE-2014-0224 fix broke tls_session_secret_cb and EAP-FAST

2014-06-12 Thread Jouni Malinen
Thanks! Would not have believed this could get released so quickly :-)

[Bug 1329297] Re: openssl CVE-2014-0224 fix broke tls_session_secret_cb and EAP-FAST

2014-06-17 Thread Jouni Malinen
I agree with this not being an independent security issue. There is a (mostly theoretical) potential security impact based on how applications or users react to the case where session ticket unexpectedly cannot be used. That could, at least in theory, result in trying the authentication handshake a

[Bug 597050] Re: Bad error message for mismatched keys

2011-02-22 Thread Jouni Malinen
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=effab86ff2f6b092eff2af3e1e37f46491b66e15