Bug 2042540
Summary: | Update wpa_supplicant to version 2.10 | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 9 | Reporter: | Davide Caratti <dcaratti> |
Component: | wpa_supplicant | Assignee: | Davide Caratti <dcaratti> |
Status: | CLOSED ERRATA | QA Contact: | Ken Benoit <kbenoit> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 9.0 | CC: | kbenoit, rvr, sukulkar |
Target Milestone: | rc | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | wpa_supplicant-2.10-1.el9 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 2042104 | Environment: | |
Last Closed: | 2022-05-17 15:59:05 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2042104 | ||
Bug Blocks: | 2044602 |
Description
Davide Caratti
2022-01-19 16:50:09 UTC
Just to reiterate in this bug as well, I'm providing the ack but this is very close to the exception/blocker-only line, so this is risky. (In reply to Ken Benoit from comment #1) > Just to reiterate in this bug as well, I'm providing the ack but this is > very close to the exception/blocker-only line, so this is risky. hello Ken, yes, also I would have liked 2.10 to pop up earlier. However, looking at the git log from the latest 2.9 snapshot we have in RHEL and 2.10, the list of changes looks short and relatively harmless. One of the most relevant things are 58bbcfa31 OpenSSL: Update security level drop for TLS 1.0/1.1 with OpenSSL 3.0 682fce579 OpenSSL: Fix compressed form encoding for subjectPublicKey with 3.0 ff2eccbdf OpenSSL: Load legacy provider when needed for OpenSSL 3.0 ddcdd6286 OpenSSL: Clean up EVP_PKEY_get{0,1}_EC_KEY() use 384aa245e OpenSSL: Speed up crypto_ec_point_compute_y_sqr() that resumes some work Jouni did to work correctly with OpenSSL-3.0, and should allow us reverting the quirks we had in the selftests that globally enabled the OpenSSL legacy provider to compute DES / MD4 / RC4, and the following commits 8c502336d EAP-pwd: Derive the y coordinate for PWE with own implementation 6c380f4c8 SAE: Derive the y coordinate for PWE with own implementation that includes a security update for the "dragonfly" problem (see [1]). https://w1.fi/security/2022-1/. I will push the code and the build ASAP. thanks! Ran wireless regression testing against wpa_supplicant-2.10-2.el9 from BZ2032539 and didn't come across any issues. Marking as Verified:Tested and SanityOnly. *** Bug 2052328 has been marked as a duplicate of this bug. *** Ran wireless regression testing against RHEL-9.0.0-20220216.0 (wpa_supplicant-2.10-2.el9) against recent wireless cards (AX201, AX211, QCA6390). Testing passed without issue. Verifying as SanityOnly. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (new packages: wpa_supplicant), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:3991 |