[pkg-wpa-devel] Bug#795740: wpa: Incomplete WPS and P2P NFC NDEF record payload length validation
Salvatore Bonaccorso
carnil at debian.org
Sun Aug 16 14:40:44 UTC 2015
Source: wpa
Version: 1.0-1
Severity: important
Tags: security upstream patch fixed-upstream
Hi
This one has a CVE request in [1] but has not yet recieved a CVE.
Upstream advisory is at [2] including a patch[3].
[1] http://www.openwall.com/lists/oss-security/2015/07/08/3
[2] https://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt
[3] https://w1.fi/security/2015-5/0001-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
Regards,
Salvatore
More information about the Pkg-wpa-devel
mailing list