| Errata ID | 479 |
|---|---|
| Date | 2019-04-17 |
| Source package | wpa |
| Fixed in version | 2:2.4-1+deb9u3A~4.3.4.201904131053 |
| Description | This update addresses the following issues: * EAP-pwd cache side-channel attack (CVE-2019-9495) * EAP-pwd server not checking for reflection attack (CVE-2019-9497) * EAP-pwd server missing commit validation for scalar/element (CVE-2019-9498) * EAP-pwd peer missing commit validation for scalar/element (CVE-2019-9499) |
| Additional notes | |
| CVE ID | CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 |
| UCS Bug number | #49285 |
