Accepted wpa 2:2.10-21.1 (source) into unstable

[Debian FTP Masters]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 28 Apr 2024 21:07:32 +0000
Source: wpa
Architecture: source
Version: 2:2.10-21.1
Distribution: unstable
Urgency: medium
Maintainer: Debian wpasupplicant Maintainers <w...@packages.debian.org>
Changed-By: Bastien Roucariès <ro...@debian.org>
Closes: 1064061
Changes:
 wpa (2:2.10-21.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2023-52160 (Closes: #1064061):
     The implementation of PEAP in wpa_supplicant allows
     authentication bypass. For a successful attack,
     wpa_supplicant must be configured to not verify
     the network's TLS certificate during Phase 1
     authentication, and an eap_peap_decrypt vulnerability
     can then be abused to skip Phase 2 authentication.
     The attack vector is sending an EAP-TLV Success packet
     instead of starting Phase 2. This allows an adversary
     to impersonate Enterprise Wi-Fi networks.
Checksums-Sha1:
 512440e6e9bd144e4f2175a5271f2f57f3071259 2712 wpa_2.10-21.1.dsc
 4c9ba5c6755ab3e6c5997c63ba1640ba646ad2d0 92584 wpa_2.10-21.1.debian.tar.xz
 55130fb164e6d0e411fbcc2e9f31b63a2666352f 15498 wpa_2.10-21.1_amd64.buildinfo
Checksums-Sha256:
 ae335ab5709062018634780d48aaf1a93f41ecc261e856bc259853c20337a112 2712 
wpa_2.10-21.1.dsc
 db646d5c29cdc818d1054b496a57e700315876ecc0c1d837ad3abb882ddeef12 92584 
wpa_2.10-21.1.debian.tar.xz
 81612d83c25f84071500295332ecc4a25c154d3148feccf5ba067d78d701c492 15498 
wpa_2.10-21.1_amd64.buildinfo
Files:
 6bb2dc3cfc6d7361aba9002cddc93ba5 2712 net optional wpa_2.10-21.1.dsc
 3f145f748a3f2a4b603d50e9dc39653c 92584 net optional wpa_2.10-21.1.debian.tar.xz
 c3679ab4c1172c74408f21481e9e2eaa 15498 net optional 
wpa_2.10-21.1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmYuwDIRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF8TYQ//Sngw6zlxyf2yO0yD2eSIVxgAh+SCDx25
9Zh2CguIw6EiEUr8rJVxfFfBctdQmhiDCdN/HaBgJEDcFhGaKBNLSxnWexrW02RR
uoI30GQCUoStWqhVPGVQ5dLpwkZZTubHL2EcbTY4n9UXVx7E3PJ/2F4A2f3zay1s
gxtXr3b46fhnzj+7PRrNg9czikLi4EWbIDzBq8bkMD5+71E5r6mShG//uHWBQfxd
tBF6RGtDYcBdA70MKex+FIlvMd7zKo5k4E3fsW67wXz5xesk973aazFOcO/d+BQD
EBNe/VfOVyR7D8qGCofYxeKYPI5A/lHcvhS6FPTOUgYCkWGZxqcHhFjg+tUkDOn5
OcrsV5Isu0VkR3LNb/VQ3XhWssqJW9iUzMxkY6QL3qLK2kPiInUmvkDf3KtaOgM1
hQRrrg2LOaisU8j1PUXKzz+q21TTZyBFeGvIEJAPmSdKkFBW3W/W9LVzy+mmxqhz
r1yfi5ZNqJCbgVMGC+W8X1pia7MXtyYp1bsGHaGo+XLY5VCDC9171bxfpB276xME
ese+Mw2zk8OnRrCoR4vHW3gs3vYa7TFCo8iQZS/i2UZl7YeuF1dAUa0zyp7teYVw
lpR0A5tcUa1ikg0B03gHkO2tyG0+sM0eDpFOwDNMUjopWo39s831FPAUpxe9Iupx
7jz2L9WZV3w=
=EgyM
-----END PGP SIGNATURE-----

pgpknnm3o2OYc.pgp
Description: PGP signature