[pkg-wpa-devel] [wpa] 03/04: update patches details

[Yves-Alexis Perez]

This is an automated email from the git hooks/post-receive script.

corsac pushed a commit to branch debian/stretch-security
in repository wpa.

commit aca34cff189f7a84ead5e86397bcfd7474f9312f
Author: Yves-Alexis Perez <corsac at debian.org>
Date:   Sat Oct 14 14:18:22 2017 +0200

    update patches details
---
 debian/changelog | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 7c69f79..2c9b96d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,7 +3,18 @@ wpa (2:2.4-1+deb9u1) stretch-security; urgency=high
   * Non-maintainer upload by the Security Team.
   * Fix multiple issues in WPA protocol (CVE-2017-13077, CVE-2017-13078,
     CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
-    CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
+    CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
+    - hostapd: Avoid key reinstallation in FT handshake
+    - Prevent reinstallation of an already in-use group key
+    - Extend protection of GTK/IGTK reinstallation of
+    - Fix TK configuration to the driver in EAPOL-Key 3/4
+    - Prevent installation of an all-zero TK
+    - Fix PTK rekeying to generate a new ANonce
+    - TDLS: Reject TPK-TK reconfiguration
+    - WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode
+    - WNM: Ignore WNM-Sleep Mode Response without pending
+    - FT: Do not allow multiple Reassociation Response frames
+    - TDLS: Ignore incoming TDLS Setup Response retries
 
  -- Yves-Alexis Perez <corsac at debian.org>  Fri, 13 Oct 2017 16:14:09 +0200
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/wpa.git