[ubuntu/bionic-proposed] wpa 2:2.6-15ubuntu1 (Accepted)
Julian Andres Klode
juliank at ubuntu.com
Thu Jan 18 18:52:13 UTC 2018
wpa (2:2.6-15ubuntu1) bionic; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/patches/wpa_service_ignore-on-isolate.patch: add
IgnoreOnIsolate=yes so that when switching "runlevels" in oem-config
will not kill off wpa and cause wireless to be unavailable on first
boot.
- debian/patches/session-ticket.patch: disable the TLS Session Ticket
extension to fix auth with 802.1x PEAP on some hardware.
- debian/patches/android_hal_fw_path_change.patch: add a DBus method
for requesting a firmware change when working with the Android HAL;
this is used to set a device in P2P or AP mode; conditional to
CONFIG_ANDROID_HAL being enabled.
- debian/config/wpasupplicant/linux: enable CONFIG_ANDROID_HAL.
- debian/control: Build-Depends on android-headers to get the required
wifi headers for the HAL support.
- debian/patches/dbus-available-sta.patch: Make the list of connected
stations available on DBus for hotspot mode; along with some of the
station properties, such as rx/tx packets, bytes, capabilities, etc.
* Updated debian/patches/dbus-available-sta.patch for new getter API
and refreshed other patches.
wpa (2:2.6-15) unstable; urgency=medium
* Update debian/control:
- Update Maintainer field to point to $package at packages.debian.org
- Update Vcs-* fields to point to salsa.d.o
- Drop no longer active uploaders.
wpa (2:2.6-14) unstable; urgency=medium
* Replace the PEM fix patch by Lukasz Siudut with an upstream patch.
Thanks to David Benjamin <davidben at google.com>.
* Apply patches from Beniamino Galvani:
- Fix race condition in detecting MAC address change
- Update MAC address when driver detects a change
* Disable WNM to resolve a compatibility issue with wl.
Thanks to YOSHINO Yoshihito <yy.y.ja.jp at gmail.com>.
Hopefully really closes: #833507.
wpa (2:2.6-13) unstable; urgency=medium
* Fix a typo in functions.sh (Closes: #883659).
wpa (2:2.6-12) unstable; urgency=medium
* Add wl to the blacklist for MAC randomisation. (Closes: #833507)
* Blacklist an out-of-tree driver for Realtek RTL8188EU too.
wpa (2:2.6-11) unstable; urgency=medium
* Unbreak EAP-TLS.
Thanks to Dmitry Borodaenko <angdraug at debian.org>
wpa (2:2.6-10) unstable; urgency=medium
* Mask hostapd every time it has no valid configuration.
wpa (2:2.6-9) unstable; urgency=medium
* Tell NetworkManager to not touch MAC addresses on unsupported drivers.
Hopefully, this will fix #849077.
wpa (2:2.6-8) unstable; urgency=medium
* Revert "Build wpa_supplicant with interface matching support."
(Closes: #882716).
* Drop override_dh_builddeb.
* Use dh 10.
* Prevent hostapd from failing on the package install when there
isn't a valid configuration file yet (Closes: #882740):
- Don't enable hostapd.service by default.
- Mask hostapd.service on the first install.
wpa (2:2.6-7) unstable; urgency=medium
* Upload to unstable.
* Optional AP side workaround for key reinstallation attacks (LP: #1730399).
wpa (2:2.6-6) experimental; urgency=medium
[ Reiner Herrmann ]
* Port wpa_gui to Qt5 (Closes: #875233).
[ Andrew Shadura ]
* Add a service file for hostapd.
* Build wpa_supplicant with interface matching support (Closes: #879208).
[ Benedikt Wildenhain (BO) ]
* Install wpa_supplicant-wired at .service (Closes: #871488).
[ Jan-Benedict Glaw ]
* Consider all ifupdown configuration, not only /etc/network/interfaces
(Closes: #853293).
wpa (2:2.6-5) experimental; urgency=medium
[ Yves-Alexis Perez ]
* Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
- hostapd: Avoid key reinstallation in FT handshake
- Prevent reinstallation of an already in-use group key
- Extend protection of GTK/IGTK reinstallation of
- Fix TK configuration to the driver in EAPOL-Key 3/4
- Prevent installation of an all-zero TK
- Fix PTK rekeying to generate a new ANonce
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
- WNM: Ignore WNM-Sleep Mode Response without pending
- FT: Do not allow multiple Reassociation Response frames
- TDLS: Ignore incoming TDLS Setup Response retries
wpa (2:2.6-4) experimental; urgency=medium
* Upload to experimental.
* Bump the epoch to 2:, as the upload to unstable had to bump epoch.
Date: Thu, 18 Jan 2018 19:47:17 +0100
Changed-By: Julian Andres Klode <juliank at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/wpa/2:2.6-15ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 18 Jan 2018 19:47:17 +0100
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2:2.6-15ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Julian Andres Klode <juliank at ubuntu.com>
Description:
hostapd - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Closes: 833507 853293 871488 875233 879208 882716 882740 883659
Launchpad-Bugs-Fixed: 1730399
Changes:
wpa (2:2.6-15ubuntu1) bionic; urgency=low
.
* Merge from Debian unstable. Remaining changes:
- debian/patches/wpa_service_ignore-on-isolate.patch: add
IgnoreOnIsolate=yes so that when switching "runlevels" in oem-config
will not kill off wpa and cause wireless to be unavailable on first
boot.
- debian/patches/session-ticket.patch: disable the TLS Session Ticket
extension to fix auth with 802.1x PEAP on some hardware.
- debian/patches/android_hal_fw_path_change.patch: add a DBus method
for requesting a firmware change when working with the Android HAL;
this is used to set a device in P2P or AP mode; conditional to
CONFIG_ANDROID_HAL being enabled.
- debian/config/wpasupplicant/linux: enable CONFIG_ANDROID_HAL.
- debian/control: Build-Depends on android-headers to get the required
wifi headers for the HAL support.
- debian/patches/dbus-available-sta.patch: Make the list of connected
stations available on DBus for hotspot mode; along with some of the
station properties, such as rx/tx packets, bytes, capabilities, etc.
* Updated debian/patches/dbus-available-sta.patch for new getter API
and refreshed other patches.
.
wpa (2:2.6-15) unstable; urgency=medium
.
* Update debian/control:
- Update Maintainer field to point to $package at packages.debian.org
- Update Vcs-* fields to point to salsa.d.o
- Drop no longer active uploaders.
.
wpa (2:2.6-14) unstable; urgency=medium
.
* Replace the PEM fix patch by Lukasz Siudut with an upstream patch.
Thanks to David Benjamin <davidben at google.com>.
* Apply patches from Beniamino Galvani:
- Fix race condition in detecting MAC address change
- Update MAC address when driver detects a change
* Disable WNM to resolve a compatibility issue with wl.
Thanks to YOSHINO Yoshihito <yy.y.ja.jp at gmail.com>.
Hopefully really closes: #833507.
.
wpa (2:2.6-13) unstable; urgency=medium
.
* Fix a typo in functions.sh (Closes: #883659).
.
wpa (2:2.6-12) unstable; urgency=medium
.
* Add wl to the blacklist for MAC randomisation. (Closes: #833507)
* Blacklist an out-of-tree driver for Realtek RTL8188EU too.
.
wpa (2:2.6-11) unstable; urgency=medium
.
* Unbreak EAP-TLS.
Thanks to Dmitry Borodaenko <angdraug at debian.org>
.
wpa (2:2.6-10) unstable; urgency=medium
.
* Mask hostapd every time it has no valid configuration.
.
wpa (2:2.6-9) unstable; urgency=medium
.
* Tell NetworkManager to not touch MAC addresses on unsupported drivers.
Hopefully, this will fix #849077.
.
wpa (2:2.6-8) unstable; urgency=medium
.
* Revert "Build wpa_supplicant with interface matching support."
(Closes: #882716).
* Drop override_dh_builddeb.
* Use dh 10.
* Prevent hostapd from failing on the package install when there
isn't a valid configuration file yet (Closes: #882740):
- Don't enable hostapd.service by default.
- Mask hostapd.service on the first install.
.
wpa (2:2.6-7) unstable; urgency=medium
.
* Upload to unstable.
* Optional AP side workaround for key reinstallation attacks (LP: #1730399).
.
wpa (2:2.6-6) experimental; urgency=medium
.
[ Reiner Herrmann ]
* Port wpa_gui to Qt5 (Closes: #875233).
.
[ Andrew Shadura ]
* Add a service file for hostapd.
* Build wpa_supplicant with interface matching support (Closes: #879208).
.
[ Benedikt Wildenhain (BO) ]
* Install wpa_supplicant-wired at .service (Closes: #871488).
.
[ Jan-Benedict Glaw ]
* Consider all ifupdown configuration, not only /etc/network/interfaces
(Closes: #853293).
.
wpa (2:2.6-5) experimental; urgency=medium
.
[ Yves-Alexis Perez ]
* Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
- hostapd: Avoid key reinstallation in FT handshake
- Prevent reinstallation of an already in-use group key
- Extend protection of GTK/IGTK reinstallation of
- Fix TK configuration to the driver in EAPOL-Key 3/4
- Prevent installation of an all-zero TK
- Fix PTK rekeying to generate a new ANonce
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
- WNM: Ignore WNM-Sleep Mode Response without pending
- FT: Do not allow multiple Reassociation Response frames
- TDLS: Ignore incoming TDLS Setup Response retries
.
wpa (2:2.6-4) experimental; urgency=medium
.
* Upload to experimental.
* Bump the epoch to 2:, as the upload to unstable had to bump epoch.
Checksums-Sha1:
ec52518bba8ac1a8a92d857d004d016a97074e36 2520 wpa_2.6-15ubuntu1.dsc
ab85ae8b6a36ae063537c1bd253742b9950c7a37 2009476 wpa_2.6.orig.tar.xz
117efe22039e613f280995fb88f55c5b9204801a 105300 wpa_2.6-15ubuntu1.debian.tar.xz
d5a22480bd69c2d40c8cc7a77bb041cd4040aa65 14663 wpa_2.6-15ubuntu1_source.buildinfo
Checksums-Sha256:
3e497b619471464face4fe983fbc149fe838194ee957512630859d8be2b7f0d5 2520 wpa_2.6-15ubuntu1.dsc
4492629ea15c9b571ac5e41679dca6703a25b637828272a0e72f3349dd1b4eac 2009476 wpa_2.6.orig.tar.xz
d6059b280c5e858b1c5f12fd25d1ee82908d79408ba9230695fc008b59397019 105300 wpa_2.6-15ubuntu1.debian.tar.xz
f58140408096422314c89bd9ffaca45ea107f6dced2d3e442318ba69b7a18e12 14663 wpa_2.6-15ubuntu1_source.buildinfo
Files:
c89e5ace15a4d678563c192db59115ff 2520 net optional wpa_2.6-15ubuntu1.dsc
a4f338bb230895a03182d59222e79a87 2009476 net optional wpa_2.6.orig.tar.xz
433a783d9809b97dab835f05fac52be8 105300 net optional wpa_2.6-15ubuntu1.debian.tar.xz
c8b06ceddaf2d7b84c4b825c57d6d7a0 14663 net optional wpa_2.6-15ubuntu1_source.buildinfo
Original-Maintainer: Debian wpasupplicant Maintainers <wpa at packages.debian.org>
-----BEGIN PGP SIGNATURE-----
iQJDBAEBCgAtFiEEzeVhi4gF/W4gLOnC1zw55WWAs4YFAlpg7FsPHGpha0BkZWJp
YW4ub3JnAAoJENc8OeVlgLOGHdsP/iMCh1B9dlT1eJDipaUz1XJ7rrBjbMEA4bDX
4nceKNZLVcGgcjTqNZzKnflXn9uUrfcXtw7Ybf3k71Bi6iC2dPNbtJd1J9CZu3dS
BAawymheJq2h43sr/k/YvmR7IT0iAhR2TBVTwtsYEEUdpgcz+DqhlHagKYmGOoo3
IRICGlCYTBNOhOwrSHhwpJzTuA6B9X0NUqVrlb/0gzZxpgDnIN2R0uwBXfqwtOqq
PYd3V4mxmad66xtjVJjlUUmk8WT0VulA49p9mhO+4Zn6vQuF/ONGAziu0T2qzKQU
nClbA0c7DPqhBG8aW8P9k9BG1Bu1vYBhsdImpJm9RaDL9YuAWLqKH/ryB72ugFxu
sccAa9ESMiPUdDBEL6WrIBh38mzhlyTAlrvPfLnWg9h2b9R+PaHj6ftsyvymIsr7
3R+AnPSy+3FI/YeUQGJeEAwprKWagxPHWUFpaYURHKrGzbEhEwab23tS4rGoH5Fl
PDi/9mxnh2kGVjz6G6FNX06QvbhoBb7bmYe/ed+WkRt2gfJH27J4PVK3rLZfSEJC
bSbq6rG6mgANXua6sZ4ERE59qGVu2rudXuFxChoZeNhv/GPNTPeHjowSKQ/LjgLa
f94E6tOBbvJv1T0Ro+QJwSuPWD9hj6aTWUMhsJljJ1yXq4eN2pCXjjE3/ph7iAfn
u7ArBkFp
=QSkB
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list