Slackware-14.1 ChangeLog (2022-01-19)
Wed Jan 19 18:18:02 UTC 2022
Packages
Rebuilt
- patches/packages/wpa_supplicant-2.9-i486-2_slack14.1.txz
This update contains patches for these security issues:
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side-channel attacks as a result of cache
access patterns.
NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
(* Security fix *)