-
wpa (2.1-0ubuntu7.3) vivid-security; urgency=medium
* SECURITY UPDATE: unauthorized WNM Sleep Mode GTK control
- debian/patches/CVE-2015-5310.patch: Ignore Key Data in WNM Sleep Mode
Response frame if no PMF in use in wpa_supplicant/wnm_sta.c.
- CVE-2015-5310
* SECURITY UPDATE: EAP-pwd missing last fragment length validation
- debian/patches/CVE-2015-5315-1.patch: Fix last fragment length
validation in src/eap_peer/eap_pwd.c.
- debian/patches/CVE-2015-5315-2.patch: Fix last fragment length
validation in src/eap_server/eap_server_pwd.c.
- CVE-2015-5315
-- Marc Deslauriers <email address hidden> Mon, 09 Nov 2015 07:22:31 -0600
-
wpa (2.1-0ubuntu7.2) vivid-security; urgency=medium
* SECURITY UPDATE: denial of service via WPS UPnP
- debian/patches/CVE-2015-4141.patch: check chunk size in
src/wps/httpread.c.
- CVE-2015-4141
* SECURITY UPDATE: denial of service via AP mode WMM Action frame
- debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
- CVE-2015-4142
* SECURITY UPDATE: denial of service via EAP-pwd
- debian/patches/CVE-2015-4143-4146.patch: check lengths in
src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
- CVE-2015-4143
- CVE-2015-4144
- CVE-2015-4145
- CVE-2015-4146
-- Marc Deslauriers <email address hidden> Mon, 15 Jun 2015 10:32:33 -0400
-
wpa (2.1-0ubuntu7.1) vivid-security; urgency=medium
* SECURITY UPDATE: memcpy overflow in P2P functionality
- debian/patches/CVE-2015-1863.patch: validate SID element length in
src/p2p/p2p.c.
- CVE-2015-1863
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2015 13:42:02 -0400
-
wpa (2.1-0ubuntu7) vivid; urgency=medium
Cherry-pick from Debian svn:
* Add wpasupplicant_fix-systemd-unit-dependencies.patch: Fix systemd unit
dependencies for wpasupplicant, it needs to be started before the network
target (Closes: 780552, LP: #1431774).
-- Martin Pitt <email address hidden> Fri, 27 Mar 2015 14:07:35 +0100
-
wpa (2.1-0ubuntu6) vivid; urgency=medium
* debian/patches/dbus-available-sta.patch: Make the list of connected
stations available on DBus for hotspot mode; along with some of the
station properties, such as rx/tx packets, bytes, capabilities, etc.
-- Mathieu Trudel-Lapierre <email address hidden> Fri, 19 Dec 2014 13:29:30 -0500
-
wpa (2.1-0ubuntu5) vivid; urgency=medium
* debian/patches/android_hal_fw_path_change.patch: add a DBus method for
requesting a firmware change when working with the Android HAL; this is
used to set a device in P2P or AP mode; conditional to CONFIG_ANDROID_HAL
being enabled.
* debian/config/wpasupplicant/linux: enable CONFIG_ANDROID_HAL.
* debian/control: Build-Depends on android-headers to get the required wifi
headers for the HAL support.
-- Mathieu Trudel-Lapierre <email address hidden> Mon, 08 Dec 2014 21:05:25 -0500
-
wpa (2.1-0ubuntu4) utopic; urgency=medium
* SECURITY UPDATE: arbitrary command execution via unsanitized string
passed to action scripts by wpa_cli and hostapd_cli
- debian/patches/CVE-2014-3686.patch: added os_exec() helper to
src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
use instead of system() in wpa_supplicant/wpa_cli.c,
hostapd/hostapd_cli.c.
- CVE-2014-3686
-- Marc Deslauriers <email address hidden> Fri, 10 Oct 2014 09:15:39 -0400