Pretty annoying issue and surely not the best time to get it public, but I don't get why this issue is still persistent since it was reported to the vendors in August/Septembre.  Actually there's one customer after another calling and asking what they can do and when they can expect a solution. Not cool, to have no answer ready...

Dont forget though that the infrastructure is only part of this issue. Even after controllers & AP's have had a 'fix' applied there are still vulnerabilities from the client side, which is actually the source of the issue, can only be addressed by the client manufacturers. As i understand it, It affects infrastructure vendors because sometimes their AP's act as a client like when using mesh for example.

Here's a link to their FAQ on the issue: http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf

And here's Meraki's which is excellent IMO:
https://documentation.meraki.com/zGeneral_Administration/Support/802.11r_Vulnerability_(CVE%3A_2017-...

Deathly silence from Ruckus...

From my chat session they plan to take their time... They have a response slated for the second half of today.