Security update for wpa_supplicant

Announcement ID:	SUSE-SU-2018:3480-1
Rating:	moderate
References:	bsc#1080798 bsc#1098854 bsc#1099835 bsc#1104205 bsc#1109209 bsc#1111873
Cross-References:	CVE-2018-14526
CVSS scores:	CVE-2018-14526 ( SUSE ): 5.9 CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N CVE-2018-14526 ( NVD ): 6.5 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:	Basesystem Module 15 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15

An update that solves one vulnerability and has five security fixes can now be installed.

Description:

This update for wpa_supplicant provides the following fixes:

This security issues was fixe:

• CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the vulnerability to recover sensitive information (bsc#1104205)

These non-security issues were fixed:

• Fix reading private key passwords from the configuration file. (bsc#1099835)
• Enable PWD as EAP method. This allows for password-based authentication, which is easier to setup than most of the other methods, and is used by the Eduroam network. (bsc#1109209)
• compile eapol_test binary to allow testing via radius proxy and server (note: this does not match CONFIG_EAPOL_TEST which sets -Werror and activates an assert call inside the code of wpa_supplicant) (bsc#1111873), (fate#326725)
• Enabled timestamps in log file when being invoked by systemd service file (bsc#1080798).
• Fixes the default file permissions of the debug log file to more sane values, i.e. it is no longer world-readable (bsc#1098854).
• Open the debug log file with O_CLOEXEC, which will prevent file descriptor leaking to child processes (bsc#1098854).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• Basesystem Module 15
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2484=1

Package List:

• Basesystem Module 15 (aarch64 ppc64le s390x x86_64)
  • wpa_supplicant-debugsource-2.6-4.11.1
  • wpa_supplicant-debuginfo-2.6-4.11.1
  • wpa_supplicant-2.6-4.11.1

References:

• https://www.suse.com/security/cve/CVE-2018-14526.html
• https://bugzilla.suse.com/show_bug.cgi?id=1080798
• https://bugzilla.suse.com/show_bug.cgi?id=1098854
• https://bugzilla.suse.com/show_bug.cgi?id=1099835
• https://bugzilla.suse.com/show_bug.cgi?id=1104205
• https://bugzilla.suse.com/show_bug.cgi?id=1109209
• https://bugzilla.suse.com/show_bug.cgi?id=1111873