KRACK wifi wpa2 vulnerability

[waves]

A wifi security vulnerability has been widely reported.
https://www.krackattacks.com/
All home routers, laptops, smartphones and other devices that use wpa2 (the current standard solution) for wifi are affected. I assume any Raspberry Pi with RuneOS is also vulnerable.

Question: Is there some patch available for ArchLinux and/or Raspberry firmware patch that can also be applied to RuneOS device without breaking RuneAudio? Any other steps to mitigate the problem?

The more general worry is that it is hard for end users to do security updates for a device with RuneAudio since it is hard to know which parts of Arch will break Rune functionality if updated. I hope the version of RuneAudio in progress will some vanilla Linux distribution like Raspbian as a basis so that users can easily install security updates as they become available.

[waves]

According to https://github.com/kristate/krackinfo#v ... e-complete there are patches available for Arch Linux as of 2017-10-16

The two packages mentioned are
https://www.archlinux.org/packages/?name=hostapd
https://www.archlinux.org/packages/?name=wpa_supplicant

Has anyone tried updating those packages on a Raspberry device with RuneOS?
Is there some way to verify if updating those packages fixes the problem in RuneOS or are further patches needed?

Volumio (which has similar functionality to RuneAudio) has fixed the bug already, https://volumio.org/forum/bugs-wpa2-protocol-t7810.html

[waves]

[hondagx35]

[waves]

[hondagx35]

[waves]