OSMC and KRACK

@sam_nazarko

Please patch OSMC for KRACK when you are able to. I’m assuming this is going to downstream from Raspbian…

OSMC isn’t based on Raspbian.

We will issue an update when Debian updates. For now it’s looking like wpa-supplicant is all that needs to be patched. We will keep a close eye on what needs to be updated to remedy these vulnerabilities for OSMC and issue an update and announcement shortly.

Sam

1 Like

FYI. wpa_supplicant patches are here.

https://w1.fi/security/2017-1/

Debian advisory here: http://seclists.org/bugtraq/2017/Oct/25

This still isn’t propagated yet.

https://packages.debian.org/jessie/wpasupplicant

Tomorrow morning it will be. We will push then.
We’re never too far behind on these things; and I suspect we’ll beat most people to the mark.

Sam

This should now be resolved. Please see OSMC security update for OSMC 2017.09-1 and earlier - OSMC.