Accepted wpa 2:2.7+git20190128+0c1e29f-6+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 17 Sep 2019 11:58:08 +0200 Source: wpa Architecture: source Version: 2:2.7+git20190128+0c1e29f-6+deb10u1 Distribution: buster-security Urgency: medium Maintainer: Debian wpasupplicant Maintainers Changed-By: Andrej Shadura Closes: 934180 940080 Changes: wpa (2:2.7+git20190128+0c1e29f-6+deb10u1) buster-security; urgency=medium . * SECURITY UPDATE: - AP mode PMF disconnection protection bypass. More details: + https://w1.fi/security/2019-7/ Closes: #940080 (CVE-2019-16275) - Timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves. More details: + https://w1.fi/security/2019-6/ + https://wpa3.mathyvanhoef.com/ Closes: #934180 (CVE-2019-13377) Checksums-Sha1: f4df702cbe046768765ca84d92d3227362e61b38 2216 wpa_2.7+git20190128+0c1e29f-6+deb10u1.dsc 63799ab5b3cbd53a690bab9f9ddda4d8ab059c83 2286436 wpa_2.7+git20190128+0c1e29f.orig.tar.xz 1c4317fe155d2d81d3d0cab8b29450ef6de03cc8 105784 wpa_2.7+git20190128+0c1e29f-6+deb10u1.debian.tar.xz Checksums-Sha256: dfa899eb6942b76578c551a61f65ec53a539349989716b72aabf7eeabe0fe379 2216 wpa_2.7+git20190128+0c1e29f-6+deb10u1.dsc 4732f6dc4f2402347a37adea7f127ffce88ae3b27afc816b67f5b51199bd139e 2286436 wpa_2.7+git20190128+0c1e29f.orig.tar.xz 7dd463a6c56dc3461f314543b8078e1d5a0c1a6313c02d6f0f8d8fe2e1f45d89 105784 wpa_2.7+git20190128+0c1e29f-6+deb10u1.debian.tar.xz Files: 1ed459936a0316445d06d39cd75d207e 2216 net optional wpa_2.7+git20190128+0c1e29f-6+deb10u1.dsc 64f7dd7528079b006de5a5883ae05abd 2286436 net optional wpa_2.7+git20190128+0c1e29f.orig.tar.xz c25318da1277624d64f96ede3f14569b 105784 net optional wpa_2.7+git20190128+0c1e29f-6+deb10u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAl2CHSAACgkQXkCM2RzY OdLFcQf/bAFRaaLBOtHzAvaiNDdHmpcanXIa8oVcLLIzY6fWBzhLo10LKuzaawZB teiQcQdMmUHLNBTR4zxxZWXS6jVUUxGdPr6davNe35WGIWRMi7sc0nS1M4Tfr7aY tLI3zBaTy9qzQ+Is9Lkit+1eRGfy0laOEnjRBR+3mDVooGLpYheN/cP15OebA1iH TqAjFFJJJ95QgWGV5X8kL4fF3kamxA3TaFsIDzftezonhs/MhDhCHACc0rJJKRQ9 Fmpw/kWDM8fnKsg4tQG/tyNwYaDgYHHXZFbuKzpSAI6JjYJZT1Nh9G9ppFx/EUUt 2FBKgtnruQx8eqiOLIj3kDP9mMuXew== =TX+9 -END PGP SIGNATURE-
Accepted wpa 2:2.4-1+deb9u4 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 26 Apr 2019 15:21:54 +0200 Source: wpa Architecture: source Version: 2:2.4-1+deb9u4 Distribution: stretch-security Urgency: high Maintainer: Debian wpasupplicant Maintainers Changed-By: Andrej Shadura Closes: 927463 Changes: wpa (2:2.4-1+deb9u4) stretch-security; urgency=high . * SECURITY UPDATE (2019-5): - CVE-2019-11555: EAP-pwd message reassembly issue with unexpected fragment (Closes: #927463). Checksums-Sha1: 0f501c7b79559105a47c4b2da112bf65953785e6 2186 wpa_2.4-1+deb9u4.dsc 487099193b2d84c623685b35cebb1569e4eb65be 99980 wpa_2.4-1+deb9u4.debian.tar.xz Checksums-Sha256: 850299102a1ea713c1684b63de39d05e25de307b0843b1b2f102d5729d802e35 2186 wpa_2.4-1+deb9u4.dsc 21e7c8bc5a868b45e5ff8afb3f3dd4fa00f6058c16f7241d391ce29d2dd34631 99980 wpa_2.4-1+deb9u4.debian.tar.xz Files: 89a9ed0d166a3e293ffb552df57b1f45 2186 net optional wpa_2.4-1+deb9u4.dsc 8453ce5cc56c31210610b26a19b80e6c 99980 net optional wpa_2.4-1+deb9u4.debian.tar.xz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlzZX7MACgkQXkCM2RzY OdLaxQgAtmDbZIhS6MSKX6zmvw1sGpbkbCghZkFS3/EJNGSlL+rpuNKz48VbCxAt 2FES/ngWvkOwe0CCGxgs1ZE2wHh+mTdIbZwD8URbuYPvP7pic1yiEwHLzTawNIFZ mFOhv5SLkleCscNubElSGsXVyMN5hMHwUm8T5DaQbHjimMhO3Dk43BqzgnHXNzOh yx+M9QDcfD0PqJljmOkXmuBqeFYAjc9x35imBhjovbo4kj3g3ug261c/XSvZxGS5 9gsozb6oeYMMeWJ6O3qtbfPa8CCTH5wrxa6jEgcH26DeL0j5bsa5f84uC9i1RKI6 sX7dY41ClfQANjkzhi8rjmvjlZtrXw== =yAAm -END PGP SIGNATURE-
Accepted wpa 2:2.4-1+deb9u3 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 10 Apr 2019 18:57:51 +0200 Source: wpa Architecture: source Version: 2:2.4-1+deb9u3 Distribution: stretch-security Urgency: high Maintainer: Debian wpasupplicant Maintainers Changed-By: Andrej Shadura Closes: 905739 Changes: wpa (2:2.4-1+deb9u3) stretch-security; urgency=high . * Apply a partial security fix for CVE-2019-9495: - OpenSSL: Use constant time operations for private bignums. - See https://w1.fi/security/2019-2/ for more details. * Apply security fixes: - EAP-pwd server: Detect reflection attacks (CVE-2019-9497) - EAP-pwd client: Verify received scalar and element (partial fix for CVE-2019-9498) - EAP-pwd server: Verify received scalar and element (partial fix for CVE-2019-9499) - See https://w1.fi/security/2019-4/ for more details. * Add an upstream patch to add crypto_ec_point_cmp() required by the fixes for CVE-2019-9497. * Forcefully enable compilation of the ECC code. . wpa (2:2.4-1+deb9u2) stretch; urgency=high . * SECURITY UPDATE: - CVE-2018-14526: Ignore unauthenticated encrypted EAPOL-Key data (Closes: #905739) Checksums-Sha1: 26df4ffe448bd47985c887aa8bbf18a1b841733c 2186 wpa_2.4-1+deb9u3.dsc 4ec25de069baa2f46e9d81e3db1e15ee03ae188e 99400 wpa_2.4-1+deb9u3.debian.tar.xz Checksums-Sha256: 8a876fc8dd2ef3cccea29a161944031201b8696008ca0fe629a412c79ea69934 2186 wpa_2.4-1+deb9u3.dsc b7390be9e0fc313e7c00485f5196b12a85be0925d067f74a3650be4c20edba6f 99400 wpa_2.4-1+deb9u3.debian.tar.xz Files: ab6a8bf46d421a9dee1dd20aac0dea6b 2186 net optional wpa_2.4-1+deb9u3.dsc 2105006e2320e3ce42e8e064b5b7055e 99400 net optional wpa_2.4-1+deb9u3.debian.tar.xz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlyuWwkACgkQXkCM2RzY OdLdlwgAu3SCaLouEn2Co0zcjKLH3SM5oA4LNcwCQJrIuSit3wHRGcdWqn5Eid+T brL6pp4fWH+GzVXkob/0qJhvLiJa514Y/LDYUmwWO4KEMLlYGZJb/qrrY+SFEtsE g33f7FcRRKhbo/XJsIhpMfpD0Dh+iRpGZ/d8MgO0ORRVkrQLu5QCoHxSfTm61WiH brGP7Oaxpn/7ZI0t0ZHeRC+0j44pZYwdVj1ToW8MQnElWoh4BGYEZclNtPlG4y4P ilMpchX5XWeyqLCoToq40aUnOXA07HWhpJkjXoCixA3y3puI8CCsDMbKRU0tAqD5 /kPKn04Uu2FNL8IyNvB5JjFR6dzAKQ== =Aklv -END PGP SIGNATURE-
Accepted wpa 2:2.4-1+deb9u2 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 09 Aug 2018 09:23:49 +0200 Source: wpa Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb Architecture: source Version: 2:2.4-1+deb9u2 Distribution: stretch Urgency: high Maintainer: Debian wpasupplicant Maintainers Changed-By: Andrej Shadura Description: hostapd- IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 905739 Changes: wpa (2:2.4-1+deb9u2) stretch; urgency=high . * SECURITY UPDATE: - CVE-2018-14526: Ignore unauthenticated encrypted EAPOL-Key data (Closes: #905739) Checksums-Sha1: 90ef7a27f07b5a1175f68c34114d36ad3ad50cf9 2301 wpa_2.4-1+deb9u2.dsc 8036d8b0bf0f3ed938d9b5309489d5f63dfd2b62 96572 wpa_2.4-1+deb9u2.debian.tar.xz Checksums-Sha256: 1590d8a659ed4f4e5e1e693b45c57dc8a7ce4c831a0b8aced3a1b2458184622b 2301 wpa_2.4-1+deb9u2.dsc 983cd21ad7bf4ffa6e5a7f054d977c2331d4b2642198c4c825ee52ad6e86e088 96572 wpa_2.4-1+deb9u2.debian.tar.xz Files: 01d359e2fc0ac558dd7a77366c688956 2301 net optional wpa_2.4-1+deb9u2.dsc 003f2faff5c9203bd35ef7d6f542caaf 96572 net optional wpa_2.4-1+deb9u2.debian.tar.xz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlt2bgoACgkQXkCM2RzY OdLc9QgAmhAeyK9Bxmv82t56ujrLx5r2dKvrc5EAv9YV8uMavV2IUu0VOhPN/Y8k dAiprG9ot2bfstcDX4SynB29E4ZqKt77Uwm1ObjUIZ4O7jRg6f8fNt5UgvhEXIYH sCiH6uj0xDqp/1S4rrIS/42PHBpA4AZjCbKCLwLinYinKz1Jmo4CpzBR1dv3MV2V hT9dQ8eicwEKiISPdMYCWgz3tMdkGj2SD/pl8gAurEYo/ogJffmCTAKgJUQ1nvCC +hIHGken8b3ZAS610TCGKRED2wHpknbJN840erigWVeKZZbu0iD+9+E2rjaEPvkz BODDeXww+ecsM1yQdChzk4Hay3e6QQ== =APSJ -END PGP SIGNATURE-
