security

PSA: WPA2 Key Reinstallation Attack fix released

Parrot Security Advisory:

WPA packages updated!

We are happy to announce that the wpa source package that provides wpasupplicant, hostapd and wpagui is now updated to version 2.4-1.1 and it is available in our stable repository

upgrade the system now to fix the WPA2 protocol implementation

the updated packages can be manually downloaded from https://archive.parrotsec.org/parrot/pool/main/w/wpa

the security patch was imported from debian where it was releqsed by Yves-Alexis Perez of the Debian Security Team

the bugfix closes the following CVEs:
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088

 

Debian Security Advisory:

https://www.debian.org/security/2017/dsa-3999

 

WPA2 Attack Paper:

ccs2017-wpa