How can we help?

  1. RainMachine
  2. Community
  3. Ideas and product enhancements

Pro firmware update

Follow
Avatar
lanbrown

When can the Pro device users expect a firmware update.  The OS version is 17.01.0 but OpenWRT/LEDE has 17.01.6 out; which has newer versions of OpenSSL and LibreSSL in them.  Given that these are security packages, I would hope that Rain Machine would make sure their devices are patched.  The kernel has also been updated.

17.01.5 was released on July 17th, 2018

17.01.6 was released on September 3rd. 2018

Some fixes in 17.01.5:

CVE-2017-3735

Description: While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

 

CVE-2017-15107

Description: A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

 

Some of the fixes in 17.01.6 are:

CVE-2018-0732

Description: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

 

CVE-2018-14526

Description: An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.

 

CVE-2018-1000007

Description: libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequest hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.

 

Given that these are minor release updates, they are just bug fixes as compared to moving to the 18.x train.

 

When can we expect to see a firmware update?  Currently there aren't even any beta releases available.

1

Comments

1 comment

Sort by Date Votes
  • Avatar
    RainMachine Nicholas

    The next update is ready and waiting on HomeKit approval from Apple. The security fixes won't be in this version but most likely will be included in the beta which will follow shortly after the stable release.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post