Your message dated Sat, 06 Feb 2021 17:18:56 +0000
with message-id <[email protected]>
and subject line Bug#981971: fixed in wpa 2:2.9.0-17
has caused the Debian Bug report #981971,
regarding wpa: CVE-2021-0326: wpa_supplicant P2P group information processing
vulnerability
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
981971: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981971
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wpa
Version: 2:2.9.0-16
Severity: grave
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi
Details are published in the advisory at
https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt
Patch:
https://w1.fi/security/2020-2/0001-P2P-Fix-copying-of-secondary-device-types-for-P2P-gr.patch
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wpa
Source-Version: 2:2.9.0-17
Done: Andrej Shadura <[email protected]>
We believe that the bug you reported is fixed in the latest version of
wpa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andrej Shadura <[email protected]> (supplier of updated wpa package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 06 Feb 2021 18:04:13 +0100
Source: wpa
Architecture: source
Version: 2:2.9.0-17
Distribution: unstable
Urgency: medium
Maintainer: Debian wpasupplicant Maintainers <[email protected]>
Changed-By: Andrej Shadura <[email protected]>
Closes: 981971
Changes:
wpa (2:2.9.0-17) unstable; urgency=medium
.
[ Salvatore Bonaccorso ]
* P2P: Fix copying of secondary device types for P2P group client
(CVE-2021-0326) (Closes: #981971).
Checksums-Sha1:
300f26ab24fd21962e13b83725b1aa38686cec6b 2181 wpa_2.9.0-17.dsc
9b9978b15f09f08d3d1cb23eb44b007558ae59a4 93800 wpa_2.9.0-17.debian.tar.xz
Checksums-Sha256:
820bdbb03bcd5e817e3596a140344f3a4fdb0617b4966ce0f40d07f96e4cf29b 2181
wpa_2.9.0-17.dsc
c33562052e0d10a16e26c1977045d93243392cff4ca2d0a0ee4b409ba60a4fb9 93800
wpa_2.9.0-17.debian.tar.xz
Files:
51c093da4588b38fb026a6985696c3c1 2181 net optional wpa_2.9.0-17.dsc
db8d6dee7e3f693765aa20b94922a4e7 93800 net optional wpa_2.9.0-17.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCYB7MNwAKCRDoRGtKyMdy
YX1TAQDqRKMbYAAT8u7T8N4BVwi56P2N0hBKIpDOEdaiqf6lFAD+PawG4AU28Fb9
MZxVGM2LKS63UXp8AC2UA//HU5d08gQ=
=23Lg
-----END PGP SIGNATURE-----
--- End Message ---
