-
wpa (2.4-0ubuntu3.2) wily-security; urgency=medium
* SECURITY UPDATE: unauthorized WNM Sleep Mode GTK control
- debian/patches/CVE-2015-5310.patch: Ignore Key Data in WNM Sleep Mode
Response frame if no PMF in use in wpa_supplicant/wnm_sta.c.
- CVE-2015-5310
* SECURITY UPDATE: EAP-pwd missing last fragment length validation
- debian/patches/CVE-2015-5315-1.patch: Fix last fragment length
validation in src/eap_peer/eap_pwd.c.
- debian/patches/CVE-2015-5315-2.patch: Fix last fragment length
validation in src/eap_server/eap_server_pwd.c.
- CVE-2015-5315
* SECURITY UPDATE: EAP-pwd peer error path failure on unexpected Confirm
message
- debian/patches/CVE-2015-5316.patch: fix error path in
src/eap_peer/eap_pwd.c.
- CVE-2015-5316
* This package does _not_ contain the changes from 2.4-0ubuntu3.1 in
wily-proposed.
-- Marc Deslauriers <email address hidden> Mon, 09 Nov 2015 06:52:23 -0600
-
wpa (2.4-0ubuntu3.1) wily-proposed; urgency=medium
* Add debian/system-sleep/wpasupplicant: Call wpa_cli suspend/resume
before/after suspend, like the pm-utils hook. In some cases this brings
back missing Wifi connection after resuming. (LP: #1422143)
-- Martin Pitt <email address hidden> Mon, 26 Oct 2015 14:24:30 +0100
-
wpa (2.4-0ubuntu3) wily; urgency=medium
* debian/patches/dbus-fix-operations-for-p2p-mgmt.patch: fix operations
when P2P management interface is used (LP: #1482439)
-- Ricardo Salveti de Araujo <email address hidden> Wed, 07 Oct 2015 10:21:39 -0300
-
wpa (2.4-0ubuntu2) wily; urgency=medium
* debian/config/wpasupplicant/linux:
- Reduce the delta to Debian by removing the double setting of CONFIG_AP
and CONFIG_P2P. The only actual delta is CONFIG_ANDROID_HAL.
-- Timo Jyrinki <email address hidden> Mon, 03 Aug 2015 22:03:51 +0300
-
wpa (2.4-0ubuntu1) wily; urgency=medium
* New upstream release.
* Merge with Debian unstable; remaining changes:
- debian/patches/session-ticket.patch: disable the TLS Session Ticket
extension to fix auth with 802.1x PEAP on some hardware.
- debian/patches/android_hal_fw_path_change.patch: add a DBus method for
requesting a firmware change when working with the Android HAL; this is
used to set a device in P2P or AP mode; conditional to CONFIG_ANDROID_HAL
being enabled.
- debian/config/wpasupplicant/linux: enable CONFIG_ANDROID_HAL.
- debian/control: Build-Depends on android-headers to get the required wifi
headers for the HAL support.
- debian/patches/dbus-available-sta.patch: Make the list of connected
stations available on DBus for hotspot mode; along with some of the
station properties, such as rx/tx packets, bytes, capabilities, etc.
- debian/patches/CVE-2015-4141.patch: check chunk size: src/wps/httpread.c
- CVE-2015-4141
- debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
- CVE-2015-4142
- debian/patches/CVE-2015-4143-4146.patch: check lengths in
src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
- CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146
- debian/config/wpasupplicant/linux:
- Enable CONFIG_AP_MODE (AP mode support) (LP: #1209511).
- Enable CONFIG_P2P (Wi-Fi Direct support).
* debian/patches/wpa_supplicant-MACsec-fix-build-failure-for-IEEE8021.patch,
debian/patches/include-ieee802_11_common.c-in-wpa_supplicant-build-.patch,
d/p/hostapd_fix-hostapd-operation-without-hw_mode-driver-data.patch:
dropped patches included upstream.
* Refreshed all patches.
-- Mathieu Trudel-Lapierre <email address hidden> Mon, 27 Jul 2015 17:29:24 -0400
-
wpa (2.1-0ubuntu8) wily; urgency=medium
* SECURITY UPDATE: memcpy overflow in P2P functionality
- debian/patches/CVE-2015-1863.patch: validate SID element length in
src/p2p/p2p.c.
- CVE-2015-1863
* SECURITY UPDATE: denial of service via WPS UPnP
- debian/patches/CVE-2015-4141.patch: check chunk size in
src/wps/httpread.c.
- CVE-2015-4141
* SECURITY UPDATE: denial of service via AP mode WMM Action frame
- debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
- CVE-2015-4142
* SECURITY UPDATE: denial of service via EAP-pwd
- debian/patches/CVE-2015-4143-4146.patch: check lengths in
src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
- CVE-2015-4143
- CVE-2015-4144
- CVE-2015-4145
- CVE-2015-4146
-- Marc Deslauriers <email address hidden> Mon, 15 Jun 2015 10:21:54 -0400
-
wpa (2.1-0ubuntu7) vivid; urgency=medium
Cherry-pick from Debian svn:
* Add wpasupplicant_fix-systemd-unit-dependencies.patch: Fix systemd unit
dependencies for wpasupplicant, it needs to be started before the network
target (Closes: 780552, LP: #1431774).
-- Martin Pitt <email address hidden> Fri, 27 Mar 2015 14:07:35 +0100
