From 09748a352729762dacb8e6171752aaa6d03df85d Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Mon, 16 Oct 2017 14:15:08 -0400
Subject: gnu: wpa-supplicant: Fix "KRACK" key reinstallation attacks [security
 fixes].

Fixes CVE-2017-{13078,13079,13080,13081,13082,13087,13088}.

See these announcements for more information:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.krackattacks.com/

* gnu/packages/patches/wpa-supplicant-CVE-2017-13082.patch,
gnu/packages/patches/wpa-supplicant-fix-key-reuse.patch,
gnu/packages/patches/wpa-supplicant-fix-nonce-reuse.patch
gnu/packages/patches/wpa-supplicant-fix-zeroed-keys.patch,
gnu/packages/patches/wpa-supplicant-krack-followups.patch: New files.
* gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Use them.
* gnu/local.mk (dist_patch_DATA): Add them.
---
 gnu/local.mk | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'gnu/local.mk')

diff --git a/gnu/local.mk b/gnu/local.mk
index 9defe9d583..f648dda141 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1104,6 +1104,11 @@ dist_patch_DATA =						\
   %D%/packages/patches/wordnet-CVE-2008-2149.patch			\
   %D%/packages/patches/wordnet-CVE-2008-3908-pt1.patch			\
   %D%/packages/patches/wordnet-CVE-2008-3908-pt2.patch			\
+  %D%/packages/patches/wpa-supplicant-CVE-2017-13082.patch	\
+  %D%/packages/patches/wpa-supplicant-fix-key-reuse.patch	\
+  %D%/packages/patches/wpa-supplicant-fix-zeroed-keys.patch	\
+  %D%/packages/patches/wpa-supplicant-fix-nonce-reuse.patch	\
+  %D%/packages/patches/wpa-supplicant-krack-followups.patch	\
   %D%/packages/patches/xcb-proto-python3-print.patch		\
   %D%/packages/patches/xcb-proto-python3-whitespace.patch	\
   %D%/packages/patches/xdotool-fix-makefile.patch               \
-- 
cgit v1.2.3