Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security status about wifi vulnerability: fragattacks #5351

Closed
Rotzbua opened this issue Jul 3, 2021 · 8 comments
Closed

Security status about wifi vulnerability: fragattacks #5351

Rotzbua opened this issue Jul 3, 2021 · 8 comments
Assignees
@me-no-dev
Milestone
2.0.1

Comments

@Rotzbua
Copy link
Contributor

Rotzbua commented Jul 3, 2021
edited
Loading

Description

It seems that there is currently no release available which uses a fixed idf version.
This issue should help to show the current status about the patches and releases.

Status of arduino-esp32

arduino-esp32 ESP-IDF vulnerable
older than 1.0.6 x yes ⚠️
1.0.6 v3.3.5 yes ⚠️
2.0.0-alpha1 IDF master cf457d412 yes ⚠️
2.0.0 x fixed ✅

Fixed IDF releases

edit: not all are officially released...

  • Master ( ef127ab9 )
  • Release v4.3.1 ( 46144f70 )
  • Release v4.2.2 ( 60ccb3fe )
  • Release v4.1.2 ( 97c8be71 )
  • Release v4.0.4 ( 7504329e )
  • Release v3.3.6 ( b403b0db )

Reference

Disclaimer

I am not a maintainer. Ping team if necessary.
@me-no-dev me-no-dev added this to the 2.0.0 milestone Jul 16, 2021
@me-no-dev me-no-dev added the Status: In Progress Issue is in progress label Jul 16, 2021
@stale
Copy link

stale bot commented Sep 22, 2021

[STALE_SET] This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

@stale stale bot added the Status: Stale Issue is stale stage (outdated/stuck) label Sep 22, 2021
@VojtechBartoska VojtechBartoska modified the milestones: 2.0.0, 2.0.1 Sep 22, 2021
@stale
Copy link

stale bot commented Sep 22, 2021

[STALE_CLR] This issue has been removed from the stale queue. Please ensure activity to keep it openin the future.

1 similar comment
@stale
Copy link

stale bot commented Sep 22, 2021

[STALE_CLR] This issue has been removed from the stale queue. Please ensure activity to keep it openin the future.

@stale stale bot removed the Status: Stale Issue is stale stage (outdated/stuck) label Sep 22, 2021
@VojtechBartoska
Copy link
Contributor

opening

@me-no-dev
Copy link
Member

This is already in master and in 2.0.0

@Rotzbua
Copy link
Contributor Author

Rotzbua commented Sep 22, 2021

@me-no-dev Will older v1 get a fix?

@me-no-dev
Copy link
Member

not in Arduino. We can not re-release 1.0.6 for example.

@Rotzbua
Copy link
Contributor Author

Rotzbua commented Sep 23, 2021

I agree, a re-release of an existing version is always a mess. But it is possible to release a new 1.0.7 or are there problems with the Arduino IDE which I am not familiar? I thought the branch release/v1.0 is kept for critical fixes?

@Rotzbua Rotzbua mentioned this issue Sep 23, 2021
Open
@VojtechBartoska VojtechBartoska removed the Status: In Progress Issue is in progress label Oct 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@me-no-dev me-no-dev

Labels
None yet
Projects
None yet
Milestone
2.0.1
Development

No branches or pull requests
3 participants
@Rotzbua @me-no-dev @VojtechBartoska