News for package wpa

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: wpa
Binary: hostapd, wpagui, wpasupplicant, wpasupplicant-udeb
Architecture: linux-any kfreebsd-any
Version: 2.3-2.3
Maintainer: Debian wpasupplicant Maintainers <[email protected]>
Uploaders: Stefan Lippers-Hollmann <[email protected]>, Jan Dittberner <[email protected]>
Homepage: http://w1.fi/wpa_supplicant/
Standards-Version: 3.9.6
Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-wpa/wpa/trunk/
Vcs-Svn: svn://anonscm.debian.org/pkg-wpa/wpa/trunk/
Build-Depends: debhelper (>> 9.20120115), libdbus-1-dev, libssl-dev, libqt4-dev, libncurses5-dev, libpcsclite-dev, libnl-3-dev [linux-any], libnl-genl-3-dev [linux-any], libnl-route-3-dev [linux-any], libpcap-dev [kfreebsd-any], libbsd-dev [kfreebsd-any], libreadline-dev, pkg-config, qt4-qmake, docbook-to-man, docbook-utils
Package-List:
 hostapd deb net optional arch=linux-any,kfreebsd-any
 wpagui deb net optional arch=linux-any,kfreebsd-any
 wpasupplicant deb net optional arch=linux-any,kfreebsd-any
 wpasupplicant-udeb udeb debian-installer standard arch=linux-any
Checksums-Sha1:
 7737a4306195ffaba8bb6777e2ede5a4a25e3ca0 1735544 wpa_2.3.orig.tar.xz
 cf0c60abfffd5c3ed98de1f326d9196a0e20e457 86156 wpa_2.3-2.3.debian.tar.xz
Checksums-Sha256:
 3d96034fa9e042c8aacb0812d8b2ab3d4c9aa6fc410802b4ee0da311e51c3eb3 1735544 wpa_2.3.orig.tar.xz
 aebdeda11461e93d7f37df5f45643a3fc3c203853c884d983ed4f558604f0b2f 86156 wpa_2.3-2.3.debian.tar.xz
Files:
 d6dc9fa32a406506717ee6a4d076cd6d 1735544 wpa_2.3.orig.tar.xz
 38dedea3056ee103fb70c544ae1b99b8 86156 wpa_2.3-2.3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWRPC2AAoJEAVMuPMTQ89EL/0P/00vse9OjWHEfY0zRfiE9qXL
7l6ekazAxWALcxSLrPtEvni3Ag/sFO1Iv0Woc+Pd1viZhycFkMnJ+ASJCuZVMOB6
AdstwqoEfJv/9kUl+WWB1BxZu+rXKjIL1Kx3IcXQpzC3XxHe0Jhxii/+VDrI8eqq
fQwUcW6mnNSASncjNjIrYZ7PU3X1jr/4sFr4f/85lYL93gH22dMYhTCPkyuZAANI
y6sZXCe2kVqE26CtKLvdAj6lOQvWcconpVnsSEdHVAfGZie9WmrtJHS7gUZT26yA
jV4BXnrkQZivre800gfu6WBGWhtcukfQs8qtA8GDeQxsI3gfSD7xIZmEhg1wnbSd
Srjl3ercqx50BhM8hExCVsuHfL4Bop/LwUszvyKueElHWVjeMG978sao8KGdJthl
i0ncCzelR3ZByBDPPgi2NlE96TuX8b9IqDVPAsei+z3q5v7s2l+Gs2QsbAcrrKVB
E+Ox85ZUCo30bm/eHtKwMCKzZuzYFONAf2pSsJbByrRx27dT4IUv0sWHsJ1X8V9V
gITn08p/KaYonhyPbDX1QYkqKdt9hv8LcONsnf7xWcQrv9cMH3tObWh/ZD/z6ZDT
s0UqC+wpQYk+1/V5TuqaqpL70CLucFsbG4O+OKT4psCucgZwtjCUaZ+gqJpKFQ6T
379mb1U4dizkfqaevBYx
=ZFoD
-----END PGP SIGNATURE-----

Changes:
wpa (2.3-2.3) unstable; urgency=high

  * Non-maintainer upload.
  * Add patch to address CVE-2015-5310.
    CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control.
    (Closes: #804707)
  * Add patches to address CVE-2015-5314 and CVE-2015-5315.
    CVE-2015-5314: hostapd: EAP-pwd missing last fragment length validation.
    CVE-2015-5315: wpa_supplicant: EAP-pwd missing last fragment length
    validation. (Closes: #804708)
  * Add patch to address CVE-2015-5316.
    CVE-2015-5316: EAP-pwd peer error path failure on unexpected Confirm
    message. (Closes: #804710)

 -- Salvatore Bonaccorso <[email protected]>  Thu, 12 Nov 2015 20:54:12 +0100