[ubuntu/wily-proposed] wpa 2.1-0ubuntu8 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Jun 16 12:11:14 UTC 2015
wpa (2.1-0ubuntu8) wily; urgency=medium
* SECURITY UPDATE: memcpy overflow in P2P functionality
- debian/patches/CVE-2015-1863.patch: validate SID element length in
src/p2p/p2p.c.
- CVE-2015-1863
* SECURITY UPDATE: denial of service via WPS UPnP
- debian/patches/CVE-2015-4141.patch: check chunk size in
src/wps/httpread.c.
- CVE-2015-4141
* SECURITY UPDATE: denial of service via AP mode WMM Action frame
- debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
- CVE-2015-4142
* SECURITY UPDATE: denial of service via EAP-pwd
- debian/patches/CVE-2015-4143-4146.patch: check lengths in
src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
- CVE-2015-4143
- CVE-2015-4144
- CVE-2015-4145
- CVE-2015-4146
Date: Mon, 15 Jun 2015 10:21:54 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu8
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 15 Jun 2015 10:21:54 -0400
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.1-0ubuntu8
Distribution: wily
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authentica
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
wpa (2.1-0ubuntu8) wily; urgency=medium
.
* SECURITY UPDATE: memcpy overflow in P2P functionality
- debian/patches/CVE-2015-1863.patch: validate SID element length in
src/p2p/p2p.c.
- CVE-2015-1863
* SECURITY UPDATE: denial of service via WPS UPnP
- debian/patches/CVE-2015-4141.patch: check chunk size in
src/wps/httpread.c.
- CVE-2015-4141
* SECURITY UPDATE: denial of service via AP mode WMM Action frame
- debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
- CVE-2015-4142
* SECURITY UPDATE: denial of service via EAP-pwd
- debian/patches/CVE-2015-4143-4146.patch: check lengths in
src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
- CVE-2015-4143
- CVE-2015-4144
- CVE-2015-4145
- CVE-2015-4146
Checksums-Sha1:
436b7af004ea9f417a2afdcabbf7962895d26ddf 2654 wpa_2.1-0ubuntu8.dsc
55ea7de7ec24fe2f2e0692ab51de5b80d306d5a8 82896 wpa_2.1-0ubuntu8.debian.tar.xz
Checksums-Sha256:
958dd0716371ed0e77a75a538d2ff750be5254a3c6daa4cece9f7d95a8711159 2654 wpa_2.1-0ubuntu8.dsc
6ce3c963992f6d19cbfe52788a8b90084d4f839e743df5f05cf051b790359573 82896 wpa_2.1-0ubuntu8.debian.tar.xz
Files:
4d6f28be32fbc06609521c67ee54928e 2654 net optional wpa_2.1-0ubuntu8.dsc
3c9bcf04558bec877e8247891d965837 82896 net optional wpa_2.1-0ubuntu8.debian.tar.xz
Original-Maintainer: Debian/Ubuntu wpasupplicant Maintainers <pkg-wpa-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVfuggAAoJEGVp2FWnRL6TAZwP/2l4I+1lNpOVZiO6eoT7P48B
rteAgbA9emhBu66xbYu8fFBy/EUPdzPW/5kTOOo00uQ+qVZsW3nvxRIePMEHO5AJ
SlBrBah3JOPQjrJ6djy4ckkGXGFC0BofD2rwDfcoEGCkip1EH+zoDvqL1S+5zIwy
AGVYObFmj+qURiBEu+cMqpzcQ4pEwdxd1axt21G48N8IMk3fAEGVJUqNMx5JmenN
bTCe5ehBC9sY8/Z57gVtB1H53AMfyBXz+rVjpU4FuHk1VfsZbrmBvA7Oy/LtqxFy
wAojKysLj8CwUnDj5rQwWYPgpUJBJDNRQkCFS1DiNDxXrMLxCG5hG53ovq4pXqu5
XKzbasmW9WHq9RMVGVlVTOPnoshelsEvXmxtUd8WWE8ZlmfppAkUyEU78F2WNmxh
nbKFiBF/KTZNIo/PTxxPlfFUHbwxr20bM3BK7ey0/6ZEzV+rktRvuySCj0YOPY2Y
Pf1hJ7HLLyyiJ5bnFCRcw+zOwGlB0u3/l9GmfIZiTjQOKPeoG/TysUu33BC/Z9gr
NPGnnD68Q25l5FzglLuW7RSa+N8N0LhzQfMJmV33PfLCkRvOuFdCnisREcggeLyw
GSn+TuwrOLjRkLX3sGdMm5+4w/QKIxOYrAHWNoVlQsndHAX+SyOX0ZRqas/xLZDt
WXDj4M2ogWFZw7P/GLMI
=v1Tn
-----END PGP SIGNATURE-----
More information about the Wily-changes
mailing list