Debian Package Tracker

From: Andrew Shadura <andrewsh@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted wpa 2.3-2.4 (source) into unstable
Date: Thu, 21 Jul 2016 18:56:31 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 21 Jul 2016 09:01:51 +0200
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.3-2.4
Distribution: unstable
Urgency: medium
Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>
Changed-By: Andrew Shadura <andrewsh@debian.org>
Description:
 hostapd    - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
 wpagui     - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Closes: 823411
Changes:
 wpa (2.3-2.4) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add patches to address CVE-2016-4476 and CVE-2016-4477, thanks to
     Salvatore Bonaccorso <carnil@debian.org> (Closes: #823411):
     - WPS: Reject a Credential with invalid passphrase
     - Reject psk parameter set with invalid passphrase character
     - Remove newlines from wpa_supplicant config network output
     - Reject SET_CRED commands with newline characters in the string values
     - Reject SET commands with newline characters in the string values
   * Refresh patches to apply cleanly.
Checksums-Sha1:
 c711bba7b10cf7ee22802ba7787d084665db7ebc 2096 wpa_2.3-2.4.dsc
 4c849f528a04882a986e1972cddd98f04bad0c08 89572 wpa_2.3-2.4.debian.tar.xz
Checksums-Sha256:
 60b0a1e00cefd1e504a648f02942379f513ce55585c3408d87969847b3c8497c 2096 wpa_2.3-2.4.dsc
 f64d2bb4f4bcd1023e69edfb24b3b94d590f3923055943393fa7452c2e851c1b 89572 wpa_2.3-2.4.debian.tar.xz
Files:
 1192fab635a6d1c219289e95b3984645 2096 net optional wpa_2.3-2.4.dsc
 6a1659ea9519e0fd280922c8c23f2854 89572 net optional wpa_2.3-2.4.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJXkRc1AAoJEJ1bI/kYT6UUfPAH/AppxW4Vf2X7o3e12KCEHGjf
6FUy5I8Y+8RbEZ65uXp2Xo4jPKkwT9EN8LPcDetlYBavAfz2Fx8+CXt8PrVJFFxu
aqEz6yit4PyddJl1oZgYMRadGLPTMnuPoflGxzaCu/sWDokJdrhkwmnzFQVsQOGA
6f+LDT+qBlx0Y5KVeazVMvwplHOsx/xtG+k4Of8VZEbfyg8e/CocONfQ7CIc+Xzt
XoKMKFuwpZUzj/0O9u4KJuqkr6p9HtWecIpMEJqImIFd0zj5HxYtpD4s8JSf/Zhm
0ew+c1zOmyAqfFcvRw1FMkt0BULx9h94QZuQ5lS9xf5PFohYrIOvYEc/P7I2PNY=
=A2pg
-----END PGP SIGNATURE-----
News for package wpa
