Recently, the news of the Key Reinstallation Attack (KRACK) vulnerability allowing the decryption of WPA2 messages being the key exploit was announced. This may open up additional vulnerabilities toward a wireless client and the security and integrity of their browsing traffic.

The eduroam.org position is described here https://www.eduroam.org/2017/10/18/key-reinstallation-attack-and-wpa2/

Users should be made aware that until their phones, tablets and laptops are patched, there is a risk to the security of sensitive information transmitted over all WPA2 networks (including home, café, airport and other enterprise wireless networks). However WPA2 represents the best currently available technology and reversion to other techniques is not advised. 

Information Services strongly advise that all mobile devices are patched to the latest releases.