Hank Posted October 16, 2017 Share Posted October 16, 2017 Armbian provides its own hostapd. Why? This is relevant because of the recent WPA2 bug. Upstream hostapd has been patched: https://packages.debian.org/jessie/hostapd I don't understand the precise relation between Debian and Armbian. Will this patch percolate down? Thanks Link to comment Share on other sites More sharing options...
zador.blood.stained Posted October 16, 2017 Share Posted October 16, 2017 6 minutes ago, Hank said: Why? To include this patch from OpenWRT/LEDE: https://github.com/armbian/build/blob/master/packages/extras-buildpkgs/hostapd/debian/patches/300-noscan.patch There is also a second customized version with some Realtek specific drivers("hostapd-realtek"), not sure if it's relevant only for the legacy kernel or is required on the mainline too. 6 minutes ago, Hank said: Will this patch percolate down? Yes, I'll try to find the new patches and hopefully they apply on newer sources too. Link to comment Share on other sites More sharing options...
cvxx Posted October 17, 2017 Share Posted October 17, 2017 As most of boards are using wifi I wanted to confirm if KRACK vulnerability has been fixed in Armbian? https://www.krackattacks.com/ Link to comment Share on other sites More sharing options...
zador.blood.stained Posted October 17, 2017 Share Posted October 17, 2017 The most important CVEs affect clients (= the wpasupplicant package) and updates for it are already available from upstream Debian and Ubuntu repositories. For people running access point hostapd has some minor problems too. Standard package was already patched (but the repository was not updated yet as of now) and hostapd-realtek package was not patched. Link to comment Share on other sites More sharing options...
Igor Posted October 17, 2017 Share Posted October 17, 2017 Fixed in stable repository too. apt-update & apt-upgrade Link to comment Share on other sites More sharing options...
Hank Posted October 17, 2017 Author Share Posted October 17, 2017 Thank you very much. Just so I understand this, what does the "no scan" modification do? I can just use Debian's hostapd in case what, can't I? Thank you Link to comment Share on other sites More sharing options...
Igor Posted October 17, 2017 Share Posted October 17, 2017 "no scan" means forcing 40Mhz channel usage if adaptor support. We also support AC AP mode which is not enabled in Debian version yet ... I had in mind further patching, adding more advanced/router functionalities, which you usually find in router oriented distributions. Debian is pretty generic distribution so they don't care much about this. And a special version for some Realtek chips is also an added value here. Link to comment Share on other sites More sharing options...
Recommended Posts