-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 16 Oct 2017 10:28:41 +0200 Source: wpa Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb Architecture: source Version: 2:2.4-1.1 Distribution: unstable Urgency: high Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org> Changed-By: Yves-Alexis Perez <corsac@debian.org> Description: hostapd - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.4-1.1) unstable; urgency=high . * Non-maintainer upload by the Security Team. * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088): - hostapd: Avoid key reinstallation in FT handshake - Prevent reinstallation of an already in-use group key - Extend protection of GTK/IGTK reinstallation of - Fix TK configuration to the driver in EAPOL-Key 3/4 - Prevent installation of an all-zero TK - Fix PTK rekeying to generate a new ANonce - TDLS: Reject TPK-TK reconfiguration - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode - WNM: Ignore WNM-Sleep Mode Response without pending - FT: Do not allow multiple Reassociation Response frames - TDLS: Ignore incoming TDLS Setup Response retries Checksums-Sha1: 33f378c0dfb98916f1f6798e3d4ac26d3b3172a4 2166 wpa_2.4-1.1.dsc e2549c8698fd37a65910bb3fe9b4e0c567c6aad3 95864 wpa_2.4-1.1.debian.tar.xz 877f710a4fd6c75769c6b8e6ceb294dc6cb54766 11263 wpa_2.4-1.1_amd64.buildinfo Checksums-Sha256: 1a898d21866fe867ffe5b09dc7c6ef1689e2a88f1c818c09985205d1b86bcc22 2166 wpa_2.4-1.1.dsc 3b88db77ec1693407f2aa649384d065a8f2e85657e8cad8bab4c71955f96881b 95864 wpa_2.4-1.1.debian.tar.xz 3ff0a6db0539d4be8d00c5a779b8c3b9a0305b04dabe05adf1089a7cb8bece15 11263 wpa_2.4-1.1_amd64.buildinfo Files: e507f8c9340c522b51bc6ae2d9664b19 2166 net optional wpa_2.4-1.1.dsc 191086be22d62f67e9bb4d6ff7e9042b 95864 net optional wpa_2.4-1.1.debian.tar.xz 821607fad7d8b87e3a16e167e10f35ea 11263 net optional wpa_2.4-1.1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEl0WwInMjgf6efq/1bdtT8qZ1wKUFAlnkdxoACgkQbdtT8qZ1 wKX7Nwf8CaerjMpVclq7q2rgSBSwOUsLzzQwVDeDdft3OyOXp8Gk22kFljdbw2qI jSdsfvJtVP7aS4z2itYhlr4OotKdNXH4QwFan+xHjRLPp/W62olCwu6q+omNGBn1 HA6vE017FMP1YTVg/RtW4oloSSf/pqZxQ4ZOUgwMWxC7qtS/f+d0wKVf3xyAgOE9 bRW8pl4O5ezdvnVCTg2tPENmsW63JXcssDNt54o9tVPV0wDxTYylTEyl+/w/6xol XkPpHxfTf3bEHPA/vb53yQOoCq14nM77ew1emU96xz0gZcDn1IK829P6EFbge++P t1WtGMtVRz8lmGOmH4dHb1l3nMUqog== =zntY -----END PGP SIGNATURE-----