[ubuntu/hirsute-proposed] wpa 2:2.9.0-17ubuntu1 (Accepted)
Julian Andres Klode
juliank at ubuntu.com
Fri Feb 12 10:37:14 UTC 2021
wpa (2:2.9.0-17ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/patches/wpa_service_ignore-on-isolate.patch: add
IgnoreOnIsolate=yes so that when switching "runlevels" in oem-config
will not kill off wpa and cause wireless to be unavailable on first
boot.
- debian/patches/session-ticket.patch: disable the TLS Session Ticket
extension to fix auth with 802.1x PEAP on some hardware.
- debian/patches/git_roaming_interface.patch: backport upstream fix
'dbus: Move roam metrics to the correct interface', should reduces
the number of events
- debian/patches/nl80211-Unbreak-mode-processing-due-to-presence-of-S.patch:
backport upstream fix (commit 52a1b28345123c374fd0127cbce623c41a760730)
for S1G band (LP #1912609)
- debian/patches/git_dbus_bridge.patch: Allow changing an interface
bridge via D-Bus (LP #1893563)
wpa (2:2.9.0-17) unstable; urgency=medium
[ Salvatore Bonaccorso ]
* P2P: Fix copying of secondary device types for P2P group client
(CVE-2021-0326) (Closes: #981971).
wpa (2:2.9.0-16) unstable; urgency=high
* Restrict eapoltest to linux-any kfreebsd-any.
* Add an upstream patch to fix a crash with a long P2P interface name
(Closes: #976091).
* Security fix: CVE-2020-12695.
A vulnerability in the UPnP SUBSCRIBE command can trigger the AP to
initiate a HTTP (TCP/IP) connection to an arbitrary URL or to trigger
misbehavior in hostapd and cause the process to either get terminated
or to start using more CPU resources.
The issue can also be mitigated by building hostapd without UPnP support
(CONFIG_WPS_UPNP=n) or disabling it at runtime by removing the upnp_iface
parameter.
(Closes: #976106)
* Refresh patches.
wpa (2:2.9.0-15) unstable; urgency=medium
* Don’t fail the build on -Warray-bounds.
wpa (2:2.9.0-14) unstable; urgency=medium
[ Paul Menzel ]
* Fix unknown key warnings NetworkManager configuration drop-in.
* Update NetworkManager configuration drop-in.
* Remove defaults from NetworkManager configuration drop-in.
Closes: #951268, #966811.
[ Andrej Shadura ]
* Add fixes proposed upstream:
- Fix error message for radius_accept_attr config option
- Update WPS credentials on SIGHUP
wpa (2:2.9.0-13) unstable; urgency=medium
* Apply upstream patches:
- Avoid sending invalid mgmt frames at startup
- Increase introspection buffer size for D-Bus
wpa (2:2.9.0-12) unstable; urgency=medium
* Add an upstream patch to fix the MAC randomisation issue with some cards
(LP: #1867908).
wpa (2:2.9.0-11) unstable; urgency=medium
* Actually add autopkgtest for libwpa-client-dev and libwpa_test.c.
wpa (2:2.9.0-10) unstable; urgency=medium
* Rename the package with the client library to libwpa-client-dev.
wpa (2:2.9.0-9) unstable; urgency=medium
[ Terry Burton ]
* Build and install eapol_test in eapoltest package (Closes: #700870)
[ Didier Raboud ]
* Backport upstream patch to fix build with Debian's VERSION_STR.
[ Andrew Lee (李健秋) ]
* Build libwpa-dev binary package which contains a static
libwpa_client library and the wpa_ctrl header with an example program.
[ Andrej Shadura ]
* Add a patch to provide the BIT() macro locally in wpa_ctrl.h.
* Patch the example to use stddef.h and wpa_ctrl.h from the global location.
* Add an autopkgtest for libwpa-dev and libwpa_test.c.
wpa (2:2.9.0-8) unstable; urgency=medium
* Reupload as 2.9.0 to undo an accidental experimental upload to unstable.
wpa (2:2.9-7) unstable; urgency=medium
* Apply upstream patches:
- trace: handle binutils bfd.h breakage
- Check for FT support when selecting FT suites (Closes: #942164)
wpa (2:2.9-6) unstable; urgency=medium
[ Debian Janitor ]
* Use secure URI in Homepage field.
* Move source package lintian overrides to debian/source.
* Use canonical URL in Vcs-Browser.
* Rely on pre-initialized dpkg-architecture variables.
* Update standards version to 4.4.1, no changes needed.
[ Andrej Shadura ]
* Disable CONFIG_DRIVER_MACSEC_QCA on kfreebsd.
wpa (2:2.9-5) unstable; urgency=medium
* Fix erroneously inverted logic in postinst.
wpa (2:2.9-4) unstable; urgency=medium
[ Helmut Grohne ]
* Fix FTCBFS: Don’t export CC=cc (Closes: #921998).
[ Andrej Shadura ]
* Don’t act in hostapd.postinst if we’re running in a chrootless root.
* Apply an upstream patch:
- wpa_supplicant: Do not try to detect PSK mismatch during PTK rekeying.
wpa (2:2.9-3) unstable; urgency=medium
* Add pkg.wpa.nogui and noudeb build profiles.
wpa (2:2.9-2) unstable; urgency=medium
* SECURITY UPDATE:
- AP mode PMF disconnection protection bypass.
More details:
+ https://w1.fi/security/2019-7/
Closes: #940080 (CVE-2019-16275)
Date: Fri, 12 Feb 2021 11:25:17 +0100
Changed-By: Julian Andres Klode <juliank at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/wpa/2:2.9.0-17ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 12 Feb 2021 11:25:17 +0100
Source: wpa
Architecture: source
Version: 2:2.9.0-17ubuntu1
Distribution: hirsute
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Julian Andres Klode <juliank at ubuntu.com>
Closes: 700870 921998 940080 942164 951268 966811 976091 976106 981971
Launchpad-Bugs-Fixed: 1867908
Changes:
wpa (2:2.9.0-17ubuntu1) hirsute; urgency=low
.
* Merge from Debian unstable. Remaining changes:
- debian/patches/wpa_service_ignore-on-isolate.patch: add
IgnoreOnIsolate=yes so that when switching "runlevels" in oem-config
will not kill off wpa and cause wireless to be unavailable on first
boot.
- debian/patches/session-ticket.patch: disable the TLS Session Ticket
extension to fix auth with 802.1x PEAP on some hardware.
- debian/patches/git_roaming_interface.patch: backport upstream fix
'dbus: Move roam metrics to the correct interface', should reduces
the number of events
- debian/patches/nl80211-Unbreak-mode-processing-due-to-presence-of-S.patch:
backport upstream fix (commit 52a1b28345123c374fd0127cbce623c41a760730)
for S1G band (LP #1912609)
- debian/patches/git_dbus_bridge.patch: Allow changing an interface
bridge via D-Bus (LP #1893563)
.
wpa (2:2.9.0-17) unstable; urgency=medium
.
[ Salvatore Bonaccorso ]
* P2P: Fix copying of secondary device types for P2P group client
(CVE-2021-0326) (Closes: #981971).
.
wpa (2:2.9.0-16) unstable; urgency=high
.
* Restrict eapoltest to linux-any kfreebsd-any.
* Add an upstream patch to fix a crash with a long P2P interface name
(Closes: #976091).
* Security fix: CVE-2020-12695.
A vulnerability in the UPnP SUBSCRIBE command can trigger the AP to
initiate a HTTP (TCP/IP) connection to an arbitrary URL or to trigger
misbehavior in hostapd and cause the process to either get terminated
or to start using more CPU resources.
The issue can also be mitigated by building hostapd without UPnP support
(CONFIG_WPS_UPNP=n) or disabling it at runtime by removing the upnp_iface
parameter.
(Closes: #976106)
* Refresh patches.
.
wpa (2:2.9.0-15) unstable; urgency=medium
.
* Don’t fail the build on -Warray-bounds.
.
wpa (2:2.9.0-14) unstable; urgency=medium
.
[ Paul Menzel ]
* Fix unknown key warnings NetworkManager configuration drop-in.
* Update NetworkManager configuration drop-in.
* Remove defaults from NetworkManager configuration drop-in.
Closes: #951268, #966811.
.
[ Andrej Shadura ]
* Add fixes proposed upstream:
- Fix error message for radius_accept_attr config option
- Update WPS credentials on SIGHUP
.
wpa (2:2.9.0-13) unstable; urgency=medium
.
* Apply upstream patches:
- Avoid sending invalid mgmt frames at startup
- Increase introspection buffer size for D-Bus
.
wpa (2:2.9.0-12) unstable; urgency=medium
.
* Add an upstream patch to fix the MAC randomisation issue with some cards
(LP: #1867908).
.
wpa (2:2.9.0-11) unstable; urgency=medium
.
* Actually add autopkgtest for libwpa-client-dev and libwpa_test.c.
.
wpa (2:2.9.0-10) unstable; urgency=medium
.
* Rename the package with the client library to libwpa-client-dev.
.
wpa (2:2.9.0-9) unstable; urgency=medium
.
[ Terry Burton ]
* Build and install eapol_test in eapoltest package (Closes: #700870)
.
[ Didier Raboud ]
* Backport upstream patch to fix build with Debian's VERSION_STR.
.
[ Andrew Lee (李健秋) ]
* Build libwpa-dev binary package which contains a static
libwpa_client library and the wpa_ctrl header with an example program.
.
[ Andrej Shadura ]
* Add a patch to provide the BIT() macro locally in wpa_ctrl.h.
* Patch the example to use stddef.h and wpa_ctrl.h from the global location.
* Add an autopkgtest for libwpa-dev and libwpa_test.c.
.
wpa (2:2.9.0-8) unstable; urgency=medium
.
* Reupload as 2.9.0 to undo an accidental experimental upload to unstable.
.
wpa (2:2.9-7) unstable; urgency=medium
.
* Apply upstream patches:
- trace: handle binutils bfd.h breakage
- Check for FT support when selecting FT suites (Closes: #942164)
.
wpa (2:2.9-6) unstable; urgency=medium
.
[ Debian Janitor ]
* Use secure URI in Homepage field.
* Move source package lintian overrides to debian/source.
* Use canonical URL in Vcs-Browser.
* Rely on pre-initialized dpkg-architecture variables.
* Update standards version to 4.4.1, no changes needed.
.
[ Andrej Shadura ]
* Disable CONFIG_DRIVER_MACSEC_QCA on kfreebsd.
.
wpa (2:2.9-5) unstable; urgency=medium
.
* Fix erroneously inverted logic in postinst.
.
wpa (2:2.9-4) unstable; urgency=medium
.
[ Helmut Grohne ]
* Fix FTCBFS: Don’t export CC=cc (Closes: #921998).
.
[ Andrej Shadura ]
* Don’t act in hostapd.postinst if we’re running in a chrootless root.
* Apply an upstream patch:
- wpa_supplicant: Do not try to detect PSK mismatch during PTK rekeying.
.
wpa (2:2.9-3) unstable; urgency=medium
.
* Add pkg.wpa.nogui and noudeb build profiles.
.
wpa (2:2.9-2) unstable; urgency=medium
.
* SECURITY UPDATE:
- AP mode PMF disconnection protection bypass.
More details:
+ https://w1.fi/security/2019-7/
Closes: #940080 (CVE-2019-16275)
Checksums-Sha1:
618c06ff0d1c1dc642890441f6f753b687f407e6 2806 wpa_2.9.0-17ubuntu1.dsc
8c4bafede40b32890ab65ac120e1c24757878248 2347080 wpa_2.9.0.orig.tar.xz
e3d3238079ba820ce43d451b2eb3353a075708a7 100424 wpa_2.9.0-17ubuntu1.debian.tar.xz
21fed1c9ecdd7be6898bb473bc5f7a2f894a725d 11874 wpa_2.9.0-17ubuntu1_source.buildinfo
Checksums-Sha256:
46286523d431292cb2564b769402d50196ba001e38425a39d80b6e3f61159788 2806 wpa_2.9.0-17ubuntu1.dsc
4032da92d97cb555053d94d514d590d0ce066ca13ba5ef144063450bc56161a7 2347080 wpa_2.9.0.orig.tar.xz
e24846910045822dbea18d8bb757cfd33f7e278aae972f368eb312b09358099e 100424 wpa_2.9.0-17ubuntu1.debian.tar.xz
1fd8fd2ac0781016237756965559abbc39cdf01f87fa81798f258eeab3058dd1 11874 wpa_2.9.0-17ubuntu1_source.buildinfo
Files:
a871292d990642d51323d1fe4ffb0157 2806 net optional wpa_2.9.0-17ubuntu1.dsc
132953a85df36d0fca4df129b036ca06 2347080 net optional wpa_2.9.0.orig.tar.xz
cb3ec1ae8ba9859fb5f3d39f44af434f 100424 net optional wpa_2.9.0-17ubuntu1.debian.tar.xz
075a4298ded574c2d611b90c7ab90481 11874 net optional wpa_2.9.0-17ubuntu1_source.buildinfo
Original-Maintainer: Debian wpasupplicant Maintainers <wpa at packages.debian.org>
-----BEGIN PGP SIGNATURE-----
iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAmAmWg8PHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xg/sP/jpTcDmmFYjO9dloxYr+a9nvw8EUk/ciwdEH
YNEzWnduYXmG5fqH4TYXJVhgLHmgBjgwhMa4OEFjUX2e3Ima+kr2P0OXXH3//8Nw
d12e/qvQhftwbEPU8BDONPKCv+64pmLEOQ8y8/hWNqoxBBzCdVwndFKtpG5ZvYuA
cVpTfCsxx8QsuogWPoIbyeZeEM+r0/2Ccuc2aW8uEweEI0nLVNkja9Lge0caD1MF
TomR9zFrraKFY0nvsuGMYQLlaqS10oDmj60BcZMaDUh80i8wfvz7GanPXtGgD44z
KhzZkF8+xP7n5MQJd0XbM1p6CzNWJqx99+Pu6mYGSjbHuda6MiA10wtdSOoljbGG
SmGbGeuWHpsZeh40xj92iXcE1R39eSfOvG19GaWiDccqQSCm99VlTlNTs6ZvAORF
b+hW9BmYXJWr9XlHepFklRm0frpLqOk9MTs2jq39XoScOb/wuyyaUpa+ebEjR9vp
HnYM21JoIx1ef5gsQVv8MidEBDFoSmtmtLGHPIbz4NwonHL2oPS4KInQYrMQvnLz
oPtz9Z8+RGZOqOo3NeMD1V5xAcaiSfhheYFPaEFRvtNUPeoC12IdeBLG6F5KltNY
flPd/Vji5rtgwnbAeU+BfjIyCDni94N18DjOOVzNoLY/s2iJGFEO0p59+zesMvdG
d/adlho+
=AuCi
-----END PGP SIGNATURE-----
More information about the Hirsute-changes
mailing list