Hi, On Tue, 2 Nov 2021, at 13:55, * Neustradamus * wrote: > It is possible to have a 2.9.1 or 2.10 release with CVE fixes? > - https://w1.fi/security/ > - https://w1.fi/security/2019-7/ > - https://w1.fi/security/2020-1/ > - https://w1.fi/security/2020-2/ > - https://w1.fi/security/2021-1/ > > The current version is 2.9 (2019-08-07): > - https://w1.fi/cgit/hostap/ > > Already more 2 years without fixes. > > A lot of projects have vulnerabilities because no official new build > since 2019-08-07. > > I am not the first to inform you about this major security problem. Although I do agree a release would be great, but in fact most if not all major users follow security advisories and apply patches provided by the project. If you know of a hostapd downstream that doesn’t, I think you should talk to them and ask them to pull these patches. -- Cheers, Andrej _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
