[For background have a look at https://char.gd/blog/2017/wifi-has-been-broken-heres-the-companies-that-have-already-fixed-it]
It appears that the fixes to the KRACK vulnerability in wpa_supplicant are available for Hassbian’s underlying OS (Jessie or Stretch), and hence can be self-applied via apt-get etc.
What do we users of HASS.io do? Can we do the same thing?
I note that the latest 1.1 version of resinos predates the KRACK fixes.
Regards,
mcginnie