As #OpenBSD's de-facto wifi maintainer, I first learned about this WPA problem in June. A simple patch was provided which I could commit with slight modifications.
The original embargo was already 2 months long, and then extended again for 2 months.
The generall public (you) were left in the dark about this for at least 4 months.
This is a very sad state of affairs. It takes the industry much too long to apply a simple patch.
@david Sorry, "June" was incorrect. I should have said "July" or "too long ago to accurately remember"...
@stsp Question.
As a consumer, and as someone who has done infra work professionally - I want so bad for full disclosure to be the norm.
@stsp ok that wasn't a question. that was a rant.
My butt, personally and professionally, was waving in the breeze for months. This is not really OK.
@stsp when in june did you get word? How long have they been sitting on this?