Accepted wpa 2:2.6-7 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 24 Nov 2017 16:29:25 +0000
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2:2.6-7
Distribution: unstable
Urgency: medium
Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>
Changed-By: Andrew Shadura <andrewsh@debian.org>
Description:
hostapd - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Closes: 853293 871488 875233 879208
Launchpad-Bugs-Fixed: 1730399
Changes:
wpa (2:2.6-7) unstable; urgency=medium
.
* Upload to unstable.
* Optional AP side workaround for key reinstallation attacks (LP: #1730399).
.
wpa (2:2.6-6) experimental; urgency=medium
.
[ Reiner Herrmann ]
* Port wpa_gui to Qt5 (Closes: #875233).
.
[ Andrew Shadura ]
* Add a service file for hostapd.
* Build wpa_supplicant with interface matching support (Closes: #879208).
.
[ Benedikt Wildenhain (BO) ]
* Install wpa_supplicant-wired@.service (Closes: #871488).
.
[ Jan-Benedict Glaw ]
* Consider all ifupdown configuration, not only /etc/network/interfaces
(Closes: #853293).
.
wpa (2:2.6-5) experimental; urgency=medium
.
[ Yves-Alexis Perez ]
* Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
- hostapd: Avoid key reinstallation in FT handshake
- Prevent reinstallation of an already in-use group key
- Extend protection of GTK/IGTK reinstallation of
- Fix TK configuration to the driver in EAPOL-Key 3/4
- Prevent installation of an all-zero TK
- Fix PTK rekeying to generate a new ANonce
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
- WNM: Ignore WNM-Sleep Mode Response without pending
- FT: Do not allow multiple Reassociation Response frames
- TDLS: Ignore incoming TDLS Setup Response retries
.
wpa (2:2.6-4) experimental; urgency=medium
.
* Upload to experimental.
* Bump the epoch to 2:, as the upload to unstable had to bump epoch.
Checksums-Sha1:
a6abfdfbe661f1cbd1f8105e4312033010412ba0 2220 wpa_2.6-7.dsc
ac3cbc937fb71c07f8a0d96a5a8eeee83ff281d8 93040 wpa_2.6-7.debian.tar.xz
Checksums-Sha256:
63c21768e08b8d74b761c759db75f1e9e3b7f6e6d3fb602da0d37c481113c8ec 2220 wpa_2.6-7.dsc
a14f3d63a8ad3456e4b638351731a4ede36322c37e53979316e160d8c31e8849 93040 wpa_2.6-7.debian.tar.xz
Files:
ae765dc21e2dc7733ee497ab2119a4b6 2220 net optional wpa_2.6-7.dsc
cc22fa751e722f3dfa9e8f650affed0e 93040 net optional wpa_2.6-7.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJaGE0AAAoJEJ1bI/kYT6UUyaAH/RNZJegtmuZVgyQHbbzVSamR
QQbfIo8yMt2DiVpgXQY0FUS9WimCL3mOPQ2KnXx+6xLkbHD51ZpHFwXixFDd83zX
dy3308OHkovJlZrDLhb9vCUyheRMcqsUtWzvbUIVBNN9c1+82ZUaWkDKmFMRVMgw
wRHcZwiua+4iVtx2WSLtPWjPGs0Zpffnkj+M/uhpRNDBwd0rCb/HD0yKj43sFHfp
6xAm0eEK1mSaZbxpU282+iOv1QLM0KIwcs+DZo/jeE62BrQzDgBs5AEP/1oJPrzH
st09C7W0WfpfGGENmAoY+JOakRmfGEQnaG3qi3If8lhF//fX4XLBgNa/6AEupo8=
=nX3E
-----END PGP SIGNATURE-----