Debian
wpa package

wpa 2:2.9.0-16 source package in Debian

Changelog

wpa (2:2.9.0-16) unstable; urgency=high

  * Restrict eapoltest to linux-any kfreebsd-any.
  * Add an upstream patch to fix a crash with a long P2P interface name
    (Closes: #976091).
  * Security fix: CVE-2020-12695.
    A vulnerability in the UPnP SUBSCRIBE command can trigger the AP to
    initiate a HTTP (TCP/IP) connection to an arbitrary URL or to trigger
    misbehavior in hostapd and cause the process to either get terminated
    or to start using more CPU resources.
    The issue can also be mitigated by building hostapd without UPnP support
    (CONFIG_WPS_UPNP=n) or disabling it at runtime by removing the upnp_iface
    parameter.
    (Closes: #976106)
  * Refresh patches.

 -- Andrej Shadura <email address hidden>  Mon, 30 Nov 2020 10:02:04 +0100

Upload details

Uploaded by:
Debian wpasupplicant Maintainers
Uploaded to:
Sid
Original maintainer:
Debian wpasupplicant Maintainers
Architectures:
linux-any kfreebsd-any
Section:
net
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
wpa_2.9.0-16.dsc 2.4 KiB 71c2dbf31868953ae65239912e39164143399c20e9cec80d689953193c0f71c1
wpa_2.9.0.orig.tar.xz 2.2 MiB 4032da92d97cb555053d94d514d590d0ce066ca13ba5ef144063450bc56161a7
wpa_2.9.0-16.debian.tar.xz 91.0 KiB ebf1c641c919933fb8065220c61057282148fedac3091328a938d81b3095bfee

No changes file available.

Binary packages built by this source