cancel
Showing results for 
Search instead for 
Did you mean: 

WiNG 5.8.6.7 vs 5.8.6.8 ?

WiNG 5.8.6.7 vs 5.8.6.8 ?

Andrew_Webster
New Contributor III
I noticed that WiNG 5.8.6.8 was just posted and, according the the release notes, it also contains patches for CVE-2017-13078 and CVE-2017-13080 (WPA2 KRACK). I was under the impression that 5.8.6.7 was "the" fix.

To clarify, is 5.8.6.8 the definitive patch for the KRACK vulnerabilities?

10 REPLIES 10

gluo
New Contributor II
So, if I install it the access ports AP621 will still be able to communicate with the controller?

RobertZ
Extreme Employee
All it means that if you find any issues on any of the EndOfLife (EOL) equipment, Engineering will not debug/support it.

Alona
Extreme Employee
If you don't have APs in CB mode - you don't need 5.8.6.8. 5.8.6.7 addressed the common place for KRACK vuulnerability.

Andrew_Webster
New Contributor III
The issue is that according to this document: https://extremeportal.force.com/ExtrArticleDetail?n=000018005
It indicates 5.8.6.7 would have been "the fix", thus gearing up to upgrade customer's network (which is using client bridge functionality) to 5.8.6.7 only to find out 5.8.6.8 was released to address KRACK in client bridge instances was somewhat frustrating.

Please update the documentation to reflect this.

RobertZ
Extreme Employee
GTM-P2G8KFN