Univention Bugzilla – Bug 52821
wpa: Multiple issues (4.4)
Last modified: 2021-03-17 13:59:56 CET
New Debian wpa 2:2.4-1+deb9u8A~4.4.7.202102220936 fixes: This update addresses the following issue: * P2P group information processing vulnerability (CVE-2021-0326)
--- mirror/ftp/4.4/unmaintained/4.4-6/source/wpa_2.4-1+deb9u7A~4.4.5.202008100901.dsc +++ apt/ucs_4.4-0-errata4.4-7/source/wpa_2.4-1+deb9u8A~4.4.7.202102220936.dsc @@ -1,7 +1,16 @@ -2:2.4-1+deb9u7A~4.4.5.202008100901 [Mon, 10 Aug 2020 09:10:09 +0200] Univention builddaemon <buildd@univention.de>: +2:2.4-1+deb9u8A~4.4.7.202102220936 [Mon, 22 Feb 2021 10:31:16 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package eapol_test + +2:2.4-1+deb9u8 [Thu, 18 Feb 2021 22:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2021-0326 + Missing validation of data can result in a buffer over-write, + which might lead to a DoS of the wpa_supplicant process or + potentially arbitrary code execution. + * Enable support for WPA-EAP-SUITE-B(-192) (Closes: #982548). 2:2.4-1+deb9u7 [Sun, 09 Aug 2020 00:22:36 +0530] Utkarsh Gupta <utkarsh@debian.org>: <http://piuparts.knut.univention.de/4.4-7/#9174478015281990001>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-7] ee95efbe38 Bug #52821: wpa 2:2.4-1+deb9u8A~4.4.7.202102220936 doc/errata/staging/wpa.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
--- mirror/ftp/4.4/unmaintained/4.4-6/source/wpa_2.4-1+deb9u7A~4.4.5.202008100901.dsc +++ apt/ucs_4.4-0-errata4.4-7/source/wpa_2.4-1+deb9u9A~4.4.7.202103150947.dsc @@ -1,7 +1,22 @@ -2:2.4-1+deb9u7A~4.4.5.202008100901 [Mon, 10 Aug 2020 09:10:09 +0200] Univention builddaemon <buildd@univention.de>: +2:2.4-1+deb9u9A~4.4.7.202103150947 [Mon, 15 Mar 2021 09:51:40 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package eapol_test + +2:2.4-1+deb9u9 [Wed, 03 Mar 2021 01:41:01 +0530] Utkarsh Gupta <utkarsh@debian.org>: + + * Non-maintainer upload by the LTS Team. + * P2P: Fix a corner case in peer addition based on PD Request. + (Fixes: CVE-2021-27803) + +2:2.4-1+deb9u8 [Thu, 18 Feb 2021 22:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2021-0326 + Missing validation of data can result in a buffer over-write, + which might lead to a DoS of the wpa_supplicant process or + potentially arbitrary code execution. + * Enable support for WPA-EAP-SUITE-B(-192) (Closes: #982548). 2:2.4-1+deb9u7 [Sun, 09 Aug 2020 00:22:36 +0530] Utkarsh Gupta <utkarsh@debian.org>: <http://piuparts.knut.univention.de/4.4-7/#6408620401991714439>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=4.4x921>