[ubuntu/utopic-proposed] wpa 2.1-0ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Oct 10 14:50:13 UTC 2014 

wpa (2.1-0ubuntu4) utopic; urgency=medium

  * SECURITY UPDATE: arbitrary command execution via unsanitized string
    passed to action scripts by wpa_cli and hostapd_cli
    - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
      src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
      use instead of system() in wpa_supplicant/wpa_cli.c,
      hostapd/hostapd_cli.c.
    - CVE-2014-3686

Date: Fri, 10 Oct 2014 09:15:39 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/utopic/+source/wpa/2.1-0ubuntu4
-------------- next part --------------
Format: 1.8
Date: Fri, 10 Oct 2014 09:15:39 -0400
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.1-0ubuntu4
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 hostapd    - user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authentica
 wpagui     - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
 wpa (2.1-0ubuntu4) utopic; urgency=medium
 .
   * SECURITY UPDATE: arbitrary command execution via unsanitized string
     passed to action scripts by wpa_cli and hostapd_cli
     - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
       src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
       use instead of system() in wpa_supplicant/wpa_cli.c,
       hostapd/hostapd_cli.c.
     - CVE-2014-3686
Checksums-Sha1:
 b541183d93ebf50f850cfef7ab3dfc058d829e4a 2637 wpa_2.1-0ubuntu4.dsc
 18c58f726722a887bd7a0ae8e6b53490f097f540 74468 wpa_2.1-0ubuntu4.debian.tar.xz
Checksums-Sha256:
 8d575f069c8854c9318814b577e3d687a0cccb2b48310f61d813012edc6f677a 2637 wpa_2.1-0ubuntu4.dsc
 e169356551d093feca6d6cbe9762111abc4fbaaa32b95a8f402af148c31b519c 74468 wpa_2.1-0ubuntu4.debian.tar.xz
Files:
 71e9a100b4839402d36ddda588ac18a0 2637 net optional wpa_2.1-0ubuntu4.dsc
 d0834d1095215364c8ca5396dd1291d2 74468 net optional wpa_2.1-0ubuntu4.debian.tar.xz
Original-Maintainer: Debian/Ubuntu wpasupplicant Maintainers <pkg-wpa-devel at lists.alioth.debian.org>

More information about the Utopic-changes mailing list