-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: armel Version: 2:2.9.0-21+deb11u1 Distribution: bullseye Urgency: high Maintainer: arm Build Daemon (arm-arm-04) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: da1d3c47e6e5cd8c5f6be53d44bc765f6fff196c 3310856 eapoltest-dbgsym_2.9.0-21+deb11u1_armel.deb d0d2dcd7007681b7a5b506fc4649a605f60d1ac1 842696 eapoltest_2.9.0-21+deb11u1_armel.deb 5bbb60914cd9204b31065439b9a303b2d2b73078 2401664 hostapd-dbgsym_2.9.0-21+deb11u1_armel.deb 3cedd6aa492ba19b846b3395eee2b5c1fd852e22 691644 hostapd_2.9.0-21+deb11u1_armel.deb c164ca5f8f0a6b803f23b945452ae1b56307aa61 69476 libwpa-client-dev_2.9.0-21+deb11u1_armel.deb c98053e57359209416ef33c5180bd3cdaa4e3f70 15092 wpa_2.9.0-21+deb11u1_armel-buildd.buildinfo e7d5c0b08539fdc283bef294a4145d4d9111ce22 1838416 wpagui-dbgsym_2.9.0-21+deb11u1_armel.deb 24a10576bb4f9b460417e289bf91270ff6e7a73d 337728 wpagui_2.9.0-21+deb11u1_armel.deb 2b2b8cea58b2ddf5f1ee3891408d44ec9bb0e2fb 3754848 wpasupplicant-dbgsym_2.9.0-21+deb11u1_armel.deb 4be6f50dda578c48b20c0ada6a99381ebeda03c2 268344 wpasupplicant-udeb_2.9.0-21+deb11u1_armel.udeb 05bc84448c5ecfbb14be5199b4cc7a7c2cc6a27e 1069832 wpasupplicant_2.9.0-21+deb11u1_armel.deb Checksums-Sha256: c27a11a4eacbe50b502cfee34cb88cf8d490190a86b1f6306ba0a64fe06e8d2d 3310856 eapoltest-dbgsym_2.9.0-21+deb11u1_armel.deb 2e5cd53c5513e5bb38751529d43ad2deb0ab783181a35dad06a76d266c21ec90 842696 eapoltest_2.9.0-21+deb11u1_armel.deb 59d5a8ec845c75b84e43153d0f13433441784f8eea6c82aa330093dd6f4a4de3 2401664 hostapd-dbgsym_2.9.0-21+deb11u1_armel.deb 478258745849bbea85e7064de910d981993b78c769bed98d03acdc843e08b02e 691644 hostapd_2.9.0-21+deb11u1_armel.deb 015b73c64cebdd4f5ffa26a81969d8873c094fddcf28d16498a5f9afd7e4f37b 69476 libwpa-client-dev_2.9.0-21+deb11u1_armel.deb 5940c9a17a8bca6cf8b7cd0c4d3688fb27101cdc821c11a8f861b2cb74b6485d 15092 wpa_2.9.0-21+deb11u1_armel-buildd.buildinfo ad016310b58865e5d6e29273de076801112a2b630024d11d85cd9f601ed171fa 1838416 wpagui-dbgsym_2.9.0-21+deb11u1_armel.deb f309cf0288d18f6f33767f42df193ed45499ca890aef2e9d4eb28848e3ccc0e4 337728 wpagui_2.9.0-21+deb11u1_armel.deb e9fab0671cf2f75eebd671f944f6b7f755fbca1a7b7c9365534a55b143d348fe 3754848 wpasupplicant-dbgsym_2.9.0-21+deb11u1_armel.deb 1a4657e759215aea911160b2f9181d8010c04d249eaaeb1dee724ee86b719648 268344 wpasupplicant-udeb_2.9.0-21+deb11u1_armel.udeb ac6a7864f11326ef1a612394435525473242bf92bc7ea9efc23b0de38e128d10 1069832 wpasupplicant_2.9.0-21+deb11u1_armel.deb Files: 04e208cd70bb6481957ba7723cd0e0dd 3310856 debug optional eapoltest-dbgsym_2.9.0-21+deb11u1_armel.deb 111905777b64be753d62d5fda7b64318 842696 net optional eapoltest_2.9.0-21+deb11u1_armel.deb 03fdfb0bf603440df5ad295a6e4a4d0a 2401664 debug optional hostapd-dbgsym_2.9.0-21+deb11u1_armel.deb 4a12c9fc7a9301c00445c361fcbf0373 691644 net optional hostapd_2.9.0-21+deb11u1_armel.deb 30ae0326c78807973d94c55fe9232ee1 69476 libdevel optional libwpa-client-dev_2.9.0-21+deb11u1_armel.deb a9feed2e49d432be35f97e36527fa402 15092 net optional wpa_2.9.0-21+deb11u1_armel-buildd.buildinfo b728683285e5b02452b6f8d1fb022df3 1838416 debug optional wpagui-dbgsym_2.9.0-21+deb11u1_armel.deb f850c9cbafc1db070a0c54fe3efcd8f6 337728 net optional wpagui_2.9.0-21+deb11u1_armel.deb ea2cdcf1a4b46d80e277586e3e1785a0 3754848 debug optional wpasupplicant-dbgsym_2.9.0-21+deb11u1_armel.deb 5ad7397dfa551267cf9f23a814bedcac 268344 debian-installer standard wpasupplicant-udeb_2.9.0-21+deb11u1_armel.udeb 158e1aba33840b0eed00809d6d820661 1069832 net optional wpasupplicant_2.9.0-21+deb11u1_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEI50kmNpDqaVj/srT9SjIc4+ajYAFAmZ0gmkACgkQ9SjIc4+a jYBWvw/+KR2JF8huh+HMkKJERUXFtDDTqomkvgaz0od126QfTotEohxqk6Pm8qJL m4G82jUK6hxF93pelt+PE6qJuBJwSMWkvH75DU6+nxzme5N975WvfVOMwBMEk8zc WMtRBkOccTLIOO7Aw6f6V8Y7E4REJQxuFe8JWdh4p3fW688iOay08kf6uM4MTlJG Heqz4uXQk5BOx9wpcfsRBmsvMBASpYNuZqn4xH4+TJTeHNzK+SsqW7cO2NUZl2+D xLEqHOcv0SnHtXF6+ZTwYv8ptB637M9kh051/7LuzWZLYixgt0toRXntD2/TSf56 8HptywNyqxpt4uxTxppRsgCxx8Bt/IelAcDl7jQTXFvie8P42II1t1eV0qvrGEJH /Cq+gUGvTuM1dCQWKJ+UYE5U6+yPd6e+xHhYFTZ1HfBYLeBZKfsDIgApL+lhHQ9E GdTJne7YNqYOejW2NFA5Bh9iNETf+ppx1hVCs6CBPfXWLCJxeCOBt5800zSYLmES I6e1t4PvVOFN6Ru1n8bnNUu6nfNNFleq8/P4g5d76bykICf9JlqnA9TBpYbtsZ4d OdXnXiPvSGb9J5kdpwNUWnase/EEKALVzm29MBSR87oPdoVvQqqafSTREGREVdwZ zi/1AvCXRsNme/G/MUwohrlHc0Y2WtHdf0JIgUGYpZYi7a/Yq6c= =7jwv -----END PGP SIGNATURE-----