Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted wpa 2.3-1+deb8u2 (source) into proposed-updates->stable-new, proposed-updates
Date: Sun, 15 Nov 2015 22:47:12 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 31 Oct 2015 10:07:44 +0100
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.3-1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 787371 787372 787373 795740
Description: 
 hostapd    - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
 wpagui     - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
 wpa (2.3-1+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add patch to address CVE-2015-4141.
     CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer
     encoding. (Closes: #787372)
   * Add patch to address CVE-2015-4142.
     CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing.
     (Closes: #787373)
   * Add patches to address CVE-2015-414{3,4,5,6}
     CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing
     payload length validation. (Closes: #787371)
   * Add patch to address 2015-5 vulnerability.
     NFC: Fix payload length validation in NDEF record parser (Closes: #795740)
   * Add patch to address CVE-2015-5310.
     CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control.
Checksums-Sha1: 
 2bd8c477e68b3e50fe985ef04c86d1edf199a885 2496 wpa_2.3-1+deb8u2.dsc
 ce5177ea6587fe13dfb6626b5c54a99d86d990d5 79656 wpa_2.3-1+deb8u2.debian.tar.xz
Checksums-Sha256: 
 81ece78630a18b622e00c98bd8080be0dbe624a9a717850d61d156a8d4923763 2496 wpa_2.3-1+deb8u2.dsc
 214421d0ff41ebe0ad8f0564ecbbfde7aaf8fb92a49d69d2ba6eb38611dbaf5f 79656 wpa_2.3-1+deb8u2.debian.tar.xz
Files: 
 8f7361599ef95fdea887d17766903b76 2496 net optional wpa_2.3-1+deb8u2.dsc
 e5b886814e66c4b2ab08005385dd8ee4 79656 net optional wpa_2.3-1+deb8u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWNIoDAAoJEAVMuPMTQ89ER4kP/iVsz/89JxxQfJvuTJijQclo
3m1T6+ZkG1QopVYZJTruAsHo6l5gvYccVgqTmXKO6n7ZgFlw/DA14qZK/tOFLJdi
D4EZNIG3e42aNMkB6Z0NtgfixkIiemh6gzCEvix/WOAbiUUkhgTOyZaCRGXIiJ+1
pbsztfP8CnNYwd2nuaCgWMZAijAGVs++NrSpXoJ0qB7HZ9VsbDJpW1DFNNrxqq9c
0nk+tcCJRw6VebdW6Li7jY1I1fuI0rjvCUQnexUg/UVyR/TxW0iI74zQwHeS+w8t
QurvTIJSM6dZs2Yg/jq8kCh7NPVvluO8rSP7cV4oseObBObhnBPBwANdi3xNehx+
zU2d3H+Yuj2SGcaZl6I9y/LdqduqNSdDa8pHpui7ABltMxLqQqloCs2bZ8XUQZVQ
59ydcVqPAgweWD13NcRpMraMre8RRIyDYniiE4SNr6meZ/SB6PWCtPffE6zAMBnU
sPYN3CNxlZ923X9dfFn5yz7VqAG6RhMaNHdcSz3MKwabEfREfSb5XGTlB3ARn0ga
gJGRNzqvgdCfvojKueb5ZCf/IklaJeaoQa7i/DTYegcBtTa1GvbMqwxRIQKApn8H
cw1cp97rs/C/0ufghv7+oJkMCqzH/1k7619T5YrBPP+26DrhDx1eABC/TuHAJKm6
lHKO7uSj3QmCAcGqZkge
=HCUC
-----END PGP SIGNATURE-----
News for package wpa
