[Cerowrt-devel] cerowrt-3.10.36-3

Dave Taht dave.taht at gmail.com
Mon Apr 7 23:58:35 EDT 2014

On Mon, Apr 7, 2014 at 7:44 PM, Chuck Anderson <cra at wpi.edu> wrote:
> On Mon, Apr 07, 2014 at 06:44:09PM -0700, Dave Taht wrote:
>> + Resync with openwrt
>>    This includes a new hostapd and a new version of wireless-testing
>> + update to openssl 1.01g - closes CVE-2014-0160
>> - totally untested as yet (I am away from my routers and have other
>> fish to fry right now)
> Working okay here on 2.4 GHz and 5 GHz.

THX for trying it so fast!

debian libs fixed in 36 minutes flat:

But fixing the certs and keys is going to take a while.

"Debian will need to patch OpenSSL in sid, jessie, and wheezy, and all
keys used with vulnerable processes will need to be replaced both in
Debian infrastructure and by all users of this package."

An update of a couple beaglebone blacks shows it built and available
on the relatively obscure
armhf arch.

It looks like google's cert was replaced in mid march, and it seems likely
this was in the works for a while....

Dave Täht

NSFW: https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article

More information about the Cerowrt-devel mailing list