-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: wpa Binary: hostapd, wpagui, wpasupplicant, wpasupplicant-udeb Architecture: linux-any kfreebsd-any Version: 2.3-2.2 Maintainer: Debian wpasupplicant Maintainers <[email protected]> Uploaders: Stefan Lippers-Hollmann <[email protected]>, Jan Dittberner <[email protected]> Homepage: http://w1.fi/wpa_supplicant/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-wpa/wpa/trunk/ Vcs-Svn: svn://anonscm.debian.org/pkg-wpa/wpa/trunk/ Build-Depends: debhelper (>> 9.20120115), libdbus-1-dev, libssl-dev, libqt4-dev, libncurses5-dev, libpcsclite-dev, libnl-3-dev [linux-any], libnl-genl-3-dev [linux-any], libnl-route-3-dev [linux-any], libpcap-dev [kfreebsd-any], libbsd-dev [kfreebsd-any], libreadline-dev, pkg-config, qt4-qmake, docbook-to-man, docbook-utils Package-List: hostapd deb net optional arch=linux-any,kfreebsd-any wpagui deb net optional arch=linux-any,kfreebsd-any wpasupplicant deb net optional arch=linux-any,kfreebsd-any wpasupplicant-udeb udeb debian-installer standard arch=linux-any Checksums-Sha1: 7737a4306195ffaba8bb6777e2ede5a4a25e3ca0 1735544 wpa_2.3.orig.tar.xz 328926f300bcae025a18b0009dc873ffbcbb5c12 84500 wpa_2.3-2.2.debian.tar.xz Checksums-Sha256: 3d96034fa9e042c8aacb0812d8b2ab3d4c9aa6fc410802b4ee0da311e51c3eb3 1735544 wpa_2.3.orig.tar.xz 89a6cd317af34695d7aa4ff8d1e3b8c80de03d86b338935d8605cdb89a3b8789 84500 wpa_2.3-2.2.debian.tar.xz Files: d6dc9fa32a406506717ee6a4d076cd6d 1735544 wpa_2.3.orig.tar.xz db6f18f88aace7294e99d65d53440140 84500 wpa_2.3-2.2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWNMGWAAoJEAVMuPMTQ89E5/MP/1PaVZwIlRbr/jkrMyTovPLv XDrvv+xeg/vUSjeU2IXS90DkrisdGKrM2vWP2txPvWD/Ee15hBXZlsX5NMXkeYEW /fAevGYlC49MiWKLhbaz2X/3+qvnTCCi5tjJwC6gUQA3tGyqdcaKhugU2N2iM4R0 PsiSIGJaEQgLt5IVGT6HMsU+xLlQEFyUZoroSVMyacWzesnQve1lovqaYRvQaqn2 2Lw7P5EGMeGRO0eqoNFHAF/cDK2vHSO8CFvmkZaWChgp6f10M22y1cnlMv+is9Wt eArAHFSyLznLUhZRIvqZnVoj7qRksqvCqUq4+u8J3QoZZCTqG8tnQH7ZE2VEoEzt /f00jvz+2HWHA8BXFlaIRuHzUCnQabZEmRvdQdJKbsND2cTIBDt+WFoILpZhZx0y G24KemiT+1kJ3nJAl50kqQm+vXdKjDSoQ49JvB8c5CDiia7fakplXwGx923jEh7W nIPFbnv06+UkLhAFNgmuQ44Y7jtzhRxORs5LXyN47EXOwEcUdz0AbBYHsGg4ZgfI 9R44O7aR5E5vKPtb3b9qpExCDBGFgAOrKJomcH2embG65KDiINEaqztjI2FdqbMz mZ2f8fTu3gMulSM4hj5oA+nS69u7QNsCC/HOJqGAAAJkcbZ5wKmKbRhYdRr1G3QN B38m76Sgxs1t3yVq7W8c =AknN -----END PGP SIGNATURE----- Changes: wpa (2.3-2.2) unstable; urgency=high * Non-maintainer upload. * Add patch to address CVE-2015-4141. CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. (Closes: #787372) * Add patch to address CVE-2015-4142. CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. (Closes: #787373) * Add patches to address CVE-2015-414{3,4,5,6} CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing payload length validation. (Closes: #787371) * Add patch to address 2015-5 vulnerability. NFC: Fix payload length validation in NDEF record parser (Closes: #795740) * Thanks to Julian Wollrath <[email protected]> for the initial debdiff provided in #787371. -- Salvatore Bonaccorso <[email protected]> Sat, 31 Oct 2015 14:13:50 +0100
