OSMC and KRACK

akjsefjwe · 16 October 2017 22:18

Please patch OSMC for KRACK when you are able to. I’m assuming this is going to downstream from Raspbian…

sam_nazarko · 16 October 2017 23:11

OSMC isn’t based on Raspbian.

We will issue an update when Debian updates. For now it’s looking like wpa-supplicant is all that needs to be patched. We will keep a close eye on what needs to be updated to remedy these vulnerabilities for OSMC and issue an update and announcement shortly.

Sam

akjsefjwe · 16 October 2017 23:57

FYI. wpa_supplicant patches are here.

https://w1.fi/security/2017-1/

Debian advisory here: Bugtraq: [SECURITY] [DSA 3999-1] wpa security update

sam_nazarko · 17 October 2017 00:18

This still isn’t propagated yet.

https://packages.debian.org/jessie/wpasupplicant

Tomorrow morning it will be. We will push then.
We’re never too far behind on these things; and I suspect we’ll beat most people to the mark.

Sam

sam_nazarko · 17 October 2017 12:23

This should now be resolved. Please see OSMC security update for OSMC 2017.09-1 and earlier - OSMC.