[pkg-wpa-devel] r1941 - /wpa/trunk/debian/changelog

slh-guest at users.alioth.debian.org slh-guest at users.alioth.debian.org
Sun Apr 26 00:59:33 UTC 2015 

Author: slh-guest
Date: Sun Apr 26 00:59:33 2015
New Revision: 1941

URL: http://svn.debian.org/wsvn/pkg-wpa/?sc=1&rev=1941
Log:
* import "P2P: Validate SSID element length before copying it
  (CVE-2015-1863)" from upstream (Closes: #783148).
* import "P2P: Validate SSID element length before copying it
  (CVE-2015-1863)" from upstream (Closes: #783148); this is essentially a
  no-op for the wheezy binaries distributed by Debian, as CONFIG_P2P is
  disabled there.
* Apply upstream patches for CVE-2014-3686 (Closes: #765352):
  - add os_exec() helper to run external programs
  - wpa_cli: Use os_exec() for action script execution
  - hostapd_cli: Use os_exec() for action script execution

Modified:
    wpa/trunk/debian/changelog

Modified: wpa/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/changelog?rev=1941&op=diff
==============================================================================
--- wpa/trunk/debian/changelog	(original)
+++ wpa/trunk/debian/changelog	Sun Apr 26 00:59:33 2015
@@ -20,6 +20,13 @@
     (CVE-2015-1863)" from upstream (Closes: #783148).
 
  -- Stefan Lippers-Hollmann <s.l-h at gmx.de>  Thu, 23 Apr 2015 05:02:21 +0200
+
+wpa (2.3-1+deb8u1) jessie-security; urgency=high
+
+  * import "P2P: Validate SSID element length before copying it
+    (CVE-2015-1863)" from upstream (Closes: #783148).
+
+ -- Stefan Lippers-Hollmann <s.l-h at gmx.de>  Thu, 23 Apr 2015 19:32:29 +0200
 
 wpa (2.3-1) unstable; urgency=medium
 
@@ -153,6 +160,24 @@
     (Closes: #678147).
 
  -- Daniel Kahn Gillmor <dkg at fifthhorseman.net>  Thu, 05 Dec 2013 13:56:15 -0500
+
+wpa (1.0-3+deb7u2) wheezy-security; urgency=high
+
+  * import "P2P: Validate SSID element length before copying it
+    (CVE-2015-1863)" from upstream (Closes: #783148); this is essentially a
+    no-op for the wheezy binaries distributed by Debian, as CONFIG_P2P is
+    disabled there.
+
+ -- Stefan Lippers-Hollmann <s.l-h at gmx.de>  Thu, 23 Apr 2015 19:56:11 +0200
+
+wpa (1.0-3+deb7u1) wheezy-security; urgency=high
+
+  * Apply upstream patches for CVE-2014-3686 (Closes: #765352):
+    - add os_exec() helper to run external programs
+    - wpa_cli: Use os_exec() for action script execution
+    - hostapd_cli: Use os_exec() for action script execution
+
+ -- Stefan Lippers-Hollmann <s.l-h at gmx.de>  Wed, 15 Oct 2014 23:32:54 +0200
 
 wpa (1.0-3) unstable; urgency=high

More information about the Pkg-wpa-devel mailing list