On 10/11/19 12:59 PM, Jo-Philipp Wich wrote: > Hi Bjørn, > >> Or: Start discussing the release blockers here and now. Thanks. > > 1) Blocker: LuCI master needs to be backported to 19.07 > Time estimate: 2-3 weeks > > 2) Blocker: All relevant sub-components for WPA-3 + GUI support, such as > hostapd, iwinfo etc. need to be backported to 19.07 > Time estimate: 2 weeks
ynezz has a branch here and I am fine with also backporting hostapd from master to 19.07, the security fixes are already in. https://git.openwrt.org/?p=openwrt/staging/ynezz.git;a=shortlog;h=refs/heads/upstream/19.07/hostapd-backports > 3) Blocker: Some weaknesses in libustream-ssl client certificate > handling need to be addressed, which can only be solved by an API > redesign. Band-aid fixes available but not merged, nobody worked > on API redesign yet > Time estimate: 1 week > > 4) Blocker: Need to assert the state of the Dragonblood WPA3 > vulnerabilities in 19.07's hostapd > Time estimate: a few days I guess All the patches listed here are already backported to hostapd 2.7 from openwrt 19.07: https://w1.fi/security/ As hostapd on master seams to work, I have no problem with backporting hostapd 2.9 to openwrt 19.07, this should make it easier for us to handle later security problems. Hauke
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
