KRACK vulnerability fix #242
Comments
|
Original comment by Martin Maciaszek (Bitbucket: maciaszek, GitHub: maciaszek): This isn't an issue of Espurna directly. Espressif released patches to address this vulnerability: http://espressif.com/en/media_overview/news/espressif-releases-patches-wifi-vulnerabilities-cert-vu228519?position=0&list=W1-rtfr4C9e1Vhf5JEhY_1EPZ-Dag7NT6M7sJEphvS0 You’ll just need to rebuild Espurna with the newly updated SDK. |
|
You are right, to use the latest 2.4.0-rc2 version you will also have to update ESPAsyncTCP library, although it has some compilation errors if SSL is enabled (me-no-dev/ESPAsyncTCP#58). |
|
As of 1.9.6 all pre-built images have been built against 2.4.0-RC2, there are some issues with the ESPAsyncTCP library that makes it crash when using 2.4.0-RC2 with SSL support. In the meantime you can compile against a fork (https://github.com/xoseperez/ESPAsyncTCP) with a fixed signatures when ASYNC_TCP_SSL_ENABLED = 1 |
|
KRACK fix available using 2.4.0-rc2, fully supported with the latest ESPAsyncTCP version, including SSL support. |
|
Removing milestone: 1.9.8 (automated comment) |
Originally reported by: 0xFelix (Bitbucket: 0xFelix, GitHub: 0xFelix)
The today released KRACK vulnerability should be fixed as soon as possible
The text was updated successfully, but these errors were encountered: