Accepted wpa 2:2.4-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 14 Oct 2017 14:18:32 +0200
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2:2.4-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description:
hostapd - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
wpa (2:2.4-1+deb9u1) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
- hostapd: Avoid key reinstallation in FT handshake
- Prevent reinstallation of an already in-use group key
- Extend protection of GTK/IGTK reinstallation of
- Fix TK configuration to the driver in EAPOL-Key 3/4
- Prevent installation of an all-zero TK
- Fix PTK rekeying to generate a new ANonce
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
- WNM: Ignore WNM-Sleep Mode Response without pending
- FT: Do not allow multiple Reassociation Response frames
- TDLS: Ignore incoming TDLS Setup Response retries
Checksums-Sha1:
f3af36a0fff7f148d06d3b9c8ce51b9b7e1e33b7 2186 wpa_2.4-1+deb9u1.dsc
be9f0c01074cebe981a168eb747eab252eeff5f6 1834600 wpa_2.4.orig.tar.xz
940182e4cfe5282665ea1c97f9eb0f31565847f0 95876 wpa_2.4-1+deb9u1.debian.tar.xz
Checksums-Sha256:
9281f757f1af46789339bedcf520756af765f304f125033a93a39b4a7afeb30b 2186 wpa_2.4-1+deb9u1.dsc
a1e4eda50796b2234a6cd2f00748bbe09f38f3f621919187289162faeb50b6b8 1834600 wpa_2.4.orig.tar.xz
2d847cc3047deb7d36e3442b6337e2095f9269125dc41c3518ccbe9c8af4adc9 95876 wpa_2.4-1+deb9u1.debian.tar.xz
Files:
9cdd1d1201390403227f78e1af183102 2186 net optional wpa_2.4-1+deb9u1.dsc
6a77b9fe6838b4fca9b92cb22e14de1d 1834600 net optional wpa_2.4.orig.tar.xz
0d05bd80c3548ff052dae9e864046332 95876 net optional wpa_2.4-1+deb9u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEl0WwInMjgf6efq/1bdtT8qZ1wKUFAlniGjMACgkQbdtT8qZ1
wKVnTAf+Nlai6HcoCU0A9WospMhzm+446uMVcXoe6GaMhrSJYu0SqA2o65Xvqplo
j3ReePWPdM+vICunArDlG38QnrnisXSR0b/1pD69YQU0I0cgOHnhxbn6/J4DNj7T
szlALIaeZp54NwYAsxiQ1c6GaxS4YhXOIOma7S3cuSCQ5JgGDYKHuwUck9QWcDUr
rIwKke2V3ZlqqMYAWJiPgA2IpKQ9vLwBR2GjxTbuntBZ2RRe08ft8KGO98ooIxBR
2fbSQ6OqJcYKcBMskWi6yhPRmP4sioasNagMPX9JxM9+xPjS1fIWQ/ZMtG/bBTaA
+WGKh/zHqVMf8LvLCFtD1K6E8754PQ==
=+YKc
-----END PGP SIGNATURE-----