[ubuntu/eoan-proposed] wpa 2:2.6-21ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed May 1 14:33:16 UTC 2019
wpa (2:2.6-21ubuntu4) eoan; urgency=medium
* SECURITY UPDATE: EAP-pwd DoS via unexpected fragment
- debian/patches/CVE-2019-11555-1.patch: fix reassembly buffer handling
in src/eap_server/eap_server_pwd.c.
- debian/patches/CVE-2019-11555-2.patch: fix reassembly buffer handling
in src/eap_peer/eap_pwd.c.
- CVE-2019-11555
Date: Wed, 01 May 2019 09:52:58 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/wpa/2:2.6-21ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 01 May 2019 09:52:58 -0400
Source: wpa
Architecture: source
Version: 2:2.6-21ubuntu4
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
wpa (2:2.6-21ubuntu4) eoan; urgency=medium
.
* SECURITY UPDATE: EAP-pwd DoS via unexpected fragment
- debian/patches/CVE-2019-11555-1.patch: fix reassembly buffer handling
in src/eap_server/eap_server_pwd.c.
- debian/patches/CVE-2019-11555-2.patch: fix reassembly buffer handling
in src/eap_peer/eap_pwd.c.
- CVE-2019-11555
Checksums-Sha1:
1146920d707aa2de5135944813226109d69fbfed 2499 wpa_2.6-21ubuntu4.dsc
a5a844a445a450424dba7536af34d3e3aed525e8 123824 wpa_2.6-21ubuntu4.debian.tar.xz
8a70a05114e29f774c363611d771d9fc2a296940 13433 wpa_2.6-21ubuntu4_source.buildinfo
Checksums-Sha256:
fe750ebb362265ffdb20b086270c26cad47c6fb9579e9100dd933e32b123a10a 2499 wpa_2.6-21ubuntu4.dsc
d1a82f208456cc9a3d549b5bc47d54c2b6b6c4951cf5d5a865ec10aa97689835 123824 wpa_2.6-21ubuntu4.debian.tar.xz
b712211c310388727c6b75fb3166c98272f62fc24008465decb62f8c350b775d 13433 wpa_2.6-21ubuntu4_source.buildinfo
Files:
1cb2cd3455a4b58d658d6f71f2cc5bd4 2499 net optional wpa_2.6-21ubuntu4.dsc
efef749a4bd2158281ddcd9fc23f9cd4 123824 net optional wpa_2.6-21ubuntu4.debian.tar.xz
eefaf4245fd657763d0ba43654129801 13433 net optional wpa_2.6-21ubuntu4_source.buildinfo
Original-Maintainer: Debian wpasupplicant Maintainers <wpa at packages.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlzJq0EACgkQZWnYVadE
vpPbghAAiIE6H3GB8YDLP+62lfdCCMGZJ6J+W1/VreomBApyB7VQ06l1oL//uFWW
vKvDszsJ0QONHkyVqzddGT+w9bfGpd5NGxrC+3gE6FviMY5mPzs10TdYhYCL2lHB
kqKMY4Q2gtERO5ocZVYGB/w44pONSDuNlu3epfa3xpgVUbwE4bPUUST742WxmhCB
ZQ/JXmzTaLl3Wx/h1GivwHnNEfOdzfs5zdjw7fNshdHE2nfopBxEcMy1KgOpUqkc
WyPa1KA1XRouP/6dhZlQO6okaWxA9x+EHVDHLDztPAzrOX//PCYk4EsFym/yIfyd
FE2+9TAvs9O2UrwbezUdbZksJTiHRYkP9ydTEFYXIMp3oJ8L1xj8sLmUW2XWs586
DXDsALrfrQV3DCBdPIOpc9c/BEi5P+CWbvr0FImssyqQiUXYvwKGdT2lffynIFnW
wJl5sU4CcMlUs1Dq4fzeeYx4q5su06M59I2DA48D17BaaDpX/QFc7QQ/9+pa1yL2
rnHmMdUqenYudQ14aQj838jlruAubsQ52W6SOmNgCs9ov2iqjpMHnpydX/B5+Tg0
b/L1AsaYtSH5mzWe1izx3MROQJB3rtMgO8q+MF7qQhn38PQprjo++RBqYbsl1LUQ
s/+CJpSczUeXlY/OmdBB5DQOEZKCDA9TA7va/uC7BX/azLFPyFc=
=MTD0
-----END PGP SIGNATURE-----
More information about the Eoan-changes
mailing list