[ubuntu/hirsute-proposed] wpa 2:2.9-1ubuntu10 (Accepted)

Sebastien Bacher seb128 at ubuntu.com
Thu Jan 28 14:25:14 UTC 2021 

wpa (2:2.9-1ubuntu10) hirsute; urgency=medium

  * debian/patches/git_dbus_bridge.patch
    - Allow changing an interface bridge via D-Bus (lp: #1893563)

  [ Andrej Shadura ]
  * Security fix: CVE-2020-12695.
    A vulnerability in the UPnP SUBSCRIBE command can trigger the AP to
    initiate a HTTP (TCP/IP) connection to an arbitrary URL or to trigger
    misbehavior in hostapd and cause the process to either get terminated
    or to start using more CPU resources.
    The issue can also be mitigated by building hostapd without UPnP support
    (CONFIG_WPS_UPNP=n) or disabling it at runtime by removing the upnp_iface
    parameter.
    (Closes: #976106)

  [ Paolo Pisati ]
  * debian/patches/nl80211-Unbreak-mode-processing-due-to-presence-of-S.patch:
    - backport upstream fix (commit 52a1b28345123c374fd0127cbce623c41a760730)
      for S1G band (lp: #1912609)

Date: Thu, 28 Jan 2021 15:10:07 +0100
Changed-By: Sebastien Bacher <seb128 at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu10
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 28 Jan 2021 15:10:07 +0100
Source: wpa
Architecture: source
Version: 2:2.9-1ubuntu10
Distribution: hirsute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Sebastien Bacher <seb128 at ubuntu.com>
Closes: 976106
Launchpad-Bugs-Fixed: 1893563 1912609
Changes:
 wpa (2:2.9-1ubuntu10) hirsute; urgency=medium
 .
   * debian/patches/git_dbus_bridge.patch
     - Allow changing an interface bridge via D-Bus (lp: #1893563)
 .
   [ Andrej Shadura ]
   * Security fix: CVE-2020-12695.
     A vulnerability in the UPnP SUBSCRIBE command can trigger the AP to
     initiate a HTTP (TCP/IP) connection to an arbitrary URL or to trigger
     misbehavior in hostapd and cause the process to either get terminated
     or to start using more CPU resources.
     The issue can also be mitigated by building hostapd without UPnP support
     (CONFIG_WPS_UPNP=n) or disabling it at runtime by removing the upnp_iface
     parameter.
     (Closes: #976106)
 .
   [ Paolo Pisati ]
   * debian/patches/nl80211-Unbreak-mode-processing-due-to-presence-of-S.patch:
     - backport upstream fix (commit 52a1b28345123c374fd0127cbce623c41a760730)
       for S1G band (lp: #1912609)
Checksums-Sha1:
 0782cb4f08e76ca8ddbf9233628b019c76af2421 1857 wpa_2.9-1ubuntu10.dsc
 23edbba589bfdb43ea7b708e47d00e77f3ad4e49 93536 wpa_2.9-1ubuntu10.debian.tar.xz
 76c544b7714595523426830319c1f86bbaf782b1 10050 wpa_2.9-1ubuntu10_source.buildinfo
Checksums-Sha256:
 c4d838783b7a8a7e98dd500c90099c8c90e706483c6a332ac7646338fd42be57 1857 wpa_2.9-1ubuntu10.dsc
 11ae46c610e773a0a3ed810d8c8f5bd82e8a051a6692fcccfbf56d8362426d05 93536 wpa_2.9-1ubuntu10.debian.tar.xz
 91809f1622b3fb8dad6080d79822e44f7eba92a0d546c8095eb66dd480ec3877 10050 wpa_2.9-1ubuntu10_source.buildinfo
Files:
 af3606ce0bc105b42e065b1c89b41959 1857 net optional wpa_2.9-1ubuntu10.dsc
 48050706299d6fa663fdfdd348aebafa 93536 net optional wpa_2.9-1ubuntu10.debian.tar.xz
 910edd3c223af3759c787bad5bd6a77d 10050 net optional wpa_2.9-1ubuntu10_source.buildinfo
Original-Maintainer: Debian wpasupplicant Maintainers <wpa at packages.debian.org>

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQTgLv71TsYonmdA1hxDGjztotfSkgUCYBLJGwAKCRBDGjztotfS
kkDWAKCzFslOJa1mvXmi0FG4FPZvMxg8AACcDv3Gypcu1ws1/EL0ryPBgK3COr8=
=998r
-----END PGP SIGNATURE-----

More information about the Hirsute-changes mailing list