Updated wpa_supplicant packages fix security vulnerability: An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information (CVE-2018-14526).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 6 | noarch | wpa_supplicant | < 2.6-1.2 | wpa_supplicant-2.6-1.2.mga6 |