[pkg-wpa-devel] [wpa] 02/03: Merge branch 'debian/experimental' into debian/master
Andrew Shadura
andrewsh at debian.org
Fri Nov 24 16:49:24 UTC 2017
This is an automated email from the git hooks/post-receive script.
andrewsh pushed a commit to branch debian/master
in repository wpa.
commit a90b4f4938d7215e0039ba31984f48237efb3c5c
Merge: f344388 6f9c360
Author: Andrew Shadura <andrew.shadura at collabora.co.uk>
Date: Fri Nov 24 16:34:09 2017 +0000
Merge branch 'debian/experimental' into debian/master
debian/changelog | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --cc debian/changelog
index c4aaa5b,0f81993..9e338dc
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,90 -1,41 +1,128 @@@
+wpa (2:2.6-7) unstable; urgency=medium
+
+ * Optional AP side workaround for key reinstallation attacks (LP: #1730399).
+
+ -- Andrew Shadura <andrewsh at debian.org> Fri, 24 Nov 2017 16:29:25 +0000
+
+wpa (2:2.6-6) experimental; urgency=medium
+
+ [ Reiner Herrmann ]
+ * Port wpa_gui to Qt5 (Closes: #875233).
+
+ [ Andrew Shadura ]
+ * Add a service file for hostapd.
+ * Build wpa_supplicant with interface matching support (Closes: #879208).
+
+ [ Benedikt Wildenhain (BO) ]
+ * Install wpa_supplicant-wired at .service (Closes: #871488).
+
+ [ Jan-Benedict Glaw ]
+ * Consider all ifupdown configuration, not only /etc/network/interfaces
+ (Closes: #853293).
+
+ -- Andrew Shadura <andrewsh at debian.org> Fri, 24 Nov 2017 16:00:19 +0000
+
+wpa (2:2.6-5) experimental; urgency=medium
+
+ [ Yves-Alexis Perez ]
+ * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
+ CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
+ CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
+ - hostapd: Avoid key reinstallation in FT handshake
+ - Prevent reinstallation of an already in-use group key
+ - Extend protection of GTK/IGTK reinstallation of
+ - Fix TK configuration to the driver in EAPOL-Key 3/4
+ - Prevent installation of an all-zero TK
+ - Fix PTK rekeying to generate a new ANonce
+ - TDLS: Reject TPK-TK reconfiguration
+ - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
+ - WNM: Ignore WNM-Sleep Mode Response without pending
+ - FT: Do not allow multiple Reassociation Response frames
+ - TDLS: Ignore incoming TDLS Setup Response retries
+
+ -- Andrew Shadura <andrewsh at debian.org> Fri, 20 Oct 2017 15:34:09 +0100
+
+wpa (2:2.6-4) experimental; urgency=medium
+
+ * Upload to experimental.
+ * Bump the epoch to 2:, as the upload to unstable had to bump epoch.
+
+ -- Andrew Shadura <andrewsh at debian.org> Fri, 24 Feb 2017 16:45:48 +0100
+
+ wpa (2:2.4-1.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
+ CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
+ CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
+ - hostapd: Avoid key reinstallation in FT handshake
+ - Prevent reinstallation of an already in-use group key
+ - Extend protection of GTK/IGTK reinstallation of
+ - Fix TK configuration to the driver in EAPOL-Key 3/4
+ - Prevent installation of an all-zero TK
+ - Fix PTK rekeying to generate a new ANonce
+ - TDLS: Reject TPK-TK reconfiguration
+ - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
+ - WNM: Ignore WNM-Sleep Mode Response without pending
+ - FT: Do not allow multiple Reassociation Response frames
+ - TDLS: Ignore incoming TDLS Setup Response retries
+
+ -- Yves-Alexis Perez <corsac at debian.org> Mon, 16 Oct 2017 10:28:41 +0200
+
+ wpa (2:2.4-1) unstable; urgency=medium
+
+ [ Vincent Danjean ]
+ * Build with libssl1.0-dev (Closes: #828601).
+ * Add an upstream patch to fix hostapd in SMPS mode (Closes: #854719).
+
+ [ Andrew Shadura ]
+ * Don't install debian/system-sleep/wpasupplicant (originally introduced
+ to fix LP: #1422143), it doesn't improve the state of the things,
+ introduces regressions in some cases, and at all isn't supposed to
+ work with how wpa-supplicant is started these days (Closes: #835648).
+ * Bump the epoch to 2:, so that we can set the upstream version to
+ what we really mean. It also has to be higher than 2.6 in unstable
+ and 1:2.6 (what hostapd binary package in unstable has).
+ * Drop the binary package epoch override.
+
+ -- Andrew Shadura <andrewsh at debian.org> Mon, 20 Feb 2017 11:55:11 +0100
+
+wpa (2.6-3) unstable; urgency=medium
+
+ * Cherry-pick the following patches from the upstream:
+ - WPS: Force BSSID for WPS provisioning step connection
+ - Check for NULL qsort() base pointers
+ - Always propagate scan results to all interfaces
+ - wpa_supplicant: Restore permanent MAC address on reassociation
+ - nl80211: Update channel information after channel switch notification
+ - Extend ieee80211_freq_to_channel_ext() to cover channels 52-64
+ - Use estimated throughput to avoid signal based roaming decision
+ - Use random MAC address for scanning only in non-connected state
+
+ -- Andrew Shadura <andrewsh at debian.org> Thu, 26 Jan 2017 17:53:41 +0100
+
+wpa (2.6-2) unstable; urgency=medium
+
+ * Upload to unstable.
+ * Restore the patch descriptions.
+ * Don't install debian/system-sleep/wpasupplicant (originally introduced
+ to fix LP: #1422143), it doesn't improve the state of the things,
+ introduces regressions in some cases, and at all isn't supposed to
+ work with how wpa-supplicant is started these days.
+
+ -- Andrew Shadura <andrewsh at debian.org> Tue, 20 Dec 2016 21:50:26 +0100
+
+wpa (2.6-1) experimental; urgency=medium
+
+ [ Andrew Shadura ]
+ * New upstream version (Closes: #828601, #832034).
+ * Add gbp.conf.
+
+ [ Julian Wollrath ]
+ * Refresh patches.
+
+ -- Andrew Shadura <andrewsh at debian.org> Thu, 20 Oct 2016 18:28:10 +0200
+
wpa (2.5-2+v2.4-3) unstable; urgency=medium
[ Helmut Grohne ]
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/wpa.git
More information about the Pkg-wpa-devel
mailing list