Issue #1401
closedCVE-2014-3686 wpa_supplicant
90%
Description
Entry: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
I noticed that the cm-11.0 branch of CyanogenMod contains patches for this vulnerability:
https://github.com/CyanogenMod/android_external_wpa_supplicant_8/commit/5ed77d870e563df8560a40478204be5ea9db33e9
https://github.com/CyanogenMod/android_external_wpa_supplicant_8/commit/8e575d91534fd8ad98b06caec872a056c7f2737c
https://github.com/CyanogenMod/android_external_wpa_supplicant_8/commit/b76a82e8f28a5c3f43958e0e1b3c26390725b040
They can be applied to Replicant without any changes. They are also in the android_external_wpa_supplicant_8_ti repository. Is this repository actually needed in Replicant?
upstream patches for reference: https://w1.fi/security/2014-1/
Files
Updated by Wolfgang Wiedmeyer about 9 years ago
Just saw that the gta04 needs the android_external_wpa_supplicant_8_ti repository, so the patches need to go in there, too.
Updated by My Self about 9 years ago
- File wpasupplicant_cve-2014-3686-reviewed.zip wpasupplicant_cve-2014-3686-reviewed.zip added
- Status changed from New to In Progress
- % Done changed from 0 to 90
Thanks a lot for providing that patchset!
I've merged them all to my local repo and successfully compiled/reflashed/tested Replicant 4.2 on my i9100.
I just tested the Replicant functionalities. I don't tested Wi-Fi itself!
I've attached your patchset again, with the suffix -reviewed. I just added my Tested-by line inside the patch-headers, but this doesn't matter; so of course your original patchset could be taken.
(The original source seems to be: https://android.googlesource.com/platform/external/wpa_supplicant_8/+/772e12c)
Updated by Denis 'GNUtoo' Carikli almost 9 years ago
- Device Not device specific added
Updated by Wolfgang Wiedmeyer over 7 years ago
- Target version set to Replicant 4.2
- Device added
- Device deleted (
Not device specific)
Updated by Kurtis Hanna over 5 years ago
- Status changed from In Progress to Closed
- Resolution set to wontfix
This issue has been closed because Replicant 4.2 is no longer supported or maintained.