-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 30 Apr 2024 22:45:18 +0000
Source: wpa
Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb
Architecture: i386
Version: 2:2.9.0-21+deb11u1
Distribution: bullseye
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 eapoltest  - EAPoL testing utility
 hostapd    - access point and authentication server for Wi-Fi and Ethernet
 libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i)
 wpagui     - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Closes: 1064061
Changes:
 wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload on behalf of the Security Team.
   * Fix CVE-2023-52160 (Closes: #1064061):
     The implementation of PEAP in wpa_supplicant allows
     authentication bypass. For a successful attack,
     wpa_supplicant must be configured to not verify
     the network's TLS certificate during Phase 1
     authentication, and an eap_peap_decrypt vulnerability
     can then be abused to skip Phase 2 authentication.
     The attack vector is sending an EAP-TLV Success packet
     instead of starting Phase 2. This allows an adversary
     to impersonate Enterprise Wi-Fi networks.
Checksums-Sha1:
 bce82f4a6e5bc566ddcd79576257473e55f98752 2930368 eapoltest-dbgsym_2.9.0-21+deb11u1_i386.deb
 fb3642613466b2bd6a77c1ccc71516e03884daee 1119464 eapoltest_2.9.0-21+deb11u1_i386.deb
 73158abde65f3e985ed546a7d8564b67e1d43b7f 2148008 hostapd-dbgsym_2.9.0-21+deb11u1_i386.deb
 7fa4751ff5d9e2ae6b9df05bd2f7fb5837b8601b 888908 hostapd_2.9.0-21+deb11u1_i386.deb
 670247579f44080a884ade751d94d7708c4608f6 73396 libwpa-client-dev_2.9.0-21+deb11u1_i386.deb
 7c9a8dbcc5ad0a23dda83ff3f40d119f946bc393 15154 wpa_2.9.0-21+deb11u1_i386-buildd.buildinfo
 b4f61b2ecf57995e2d5ba86aa2a858e9e4d85fd0 1720184 wpagui-dbgsym_2.9.0-21+deb11u1_i386.deb
 0f19b387ec15c8f4b16fd2556a8de6a5c0b27f99 359500 wpagui_2.9.0-21+deb11u1_i386.deb
 b90c2803174982644c0f5fd347aefd17863f9502 3320160 wpasupplicant-dbgsym_2.9.0-21+deb11u1_i386.deb
 1e00e2bb3478ddab8ace31c87b7a61ff28c724cf 362640 wpasupplicant-udeb_2.9.0-21+deb11u1_i386.udeb
 e628d0f8b6b99068dc4be2be67d5e91ca10b93f4 1379560 wpasupplicant_2.9.0-21+deb11u1_i386.deb
Checksums-Sha256:
 705edde259f2cd20369f6b54908b2b927b33eab2c8e774e7229f862cb5c67c19 2930368 eapoltest-dbgsym_2.9.0-21+deb11u1_i386.deb
 bc4ed6e5d9b035d44fa0cf718040e2135e72e5d41ab2201370ddeed34b715156 1119464 eapoltest_2.9.0-21+deb11u1_i386.deb
 05006151f090d11de8bd0797c270d1a4022a13ae23a23121b5f29baff5677145 2148008 hostapd-dbgsym_2.9.0-21+deb11u1_i386.deb
 56a8bdb13f6df6a79f87bbf656a8ac60c7ab8ef0048475dba4cf66c3812be606 888908 hostapd_2.9.0-21+deb11u1_i386.deb
 f4e7aa9e9830c961bebf0dd062e6d1b56df9e3a94be701cfc6806e2cd49da889 73396 libwpa-client-dev_2.9.0-21+deb11u1_i386.deb
 fea2992d7e32ccaa2890b017978778c7ce6b84d82e1190b2fee94e3ef16ed002 15154 wpa_2.9.0-21+deb11u1_i386-buildd.buildinfo
 555def85f0a753501095f2333d6d1729369271b18c0c800db71602c6e75aff22 1720184 wpagui-dbgsym_2.9.0-21+deb11u1_i386.deb
 9b431fbdc2642982faf4a79f1ad4fa1b0ae2d716cb18741b199c8b8d216020b2 359500 wpagui_2.9.0-21+deb11u1_i386.deb
 f984961565a39b6cc5ac38b5e6efd08e8c0f2358da07865354959be5fe438137 3320160 wpasupplicant-dbgsym_2.9.0-21+deb11u1_i386.deb
 fbe702bd08514af18b0a8a740d8602114a99ce9d0d930b0eb253ef0838c3214c 362640 wpasupplicant-udeb_2.9.0-21+deb11u1_i386.udeb
 d9d30e8b3b31e20c4f1aad9a501b3e20746ec6ba5c82c3d420ee748a432985ca 1379560 wpasupplicant_2.9.0-21+deb11u1_i386.deb
Files:
 c0da89a8cab0f650c58ed00cd39b1869 2930368 debug optional eapoltest-dbgsym_2.9.0-21+deb11u1_i386.deb
 79e6605f1d98dad460e19c057cf509e7 1119464 net optional eapoltest_2.9.0-21+deb11u1_i386.deb
 fbf5b1f88734eef8999ef05129f12057 2148008 debug optional hostapd-dbgsym_2.9.0-21+deb11u1_i386.deb
 352f9cb95a6d880d888069fec2a5c4fc 888908 net optional hostapd_2.9.0-21+deb11u1_i386.deb
 aa5e7b3699e651bd3c71540cc2f0d627 73396 libdevel optional libwpa-client-dev_2.9.0-21+deb11u1_i386.deb
 db5dec23975db5023d568150da6871e6 15154 net optional wpa_2.9.0-21+deb11u1_i386-buildd.buildinfo
 29d8bc42cc215928805026c5305e3041 1720184 debug optional wpagui-dbgsym_2.9.0-21+deb11u1_i386.deb
 23b8419cf1a718778d627446239feda8 359500 net optional wpagui_2.9.0-21+deb11u1_i386.deb
 4107db97d1535696a55484615cb28c0c 3320160 debug optional wpasupplicant-dbgsym_2.9.0-21+deb11u1_i386.deb
 fff6d4b2eeb711a6cb553ee78ac5a4fc 362640 debian-installer standard wpasupplicant-udeb_2.9.0-21+deb11u1_i386.udeb
 62fce2bd0756f39997cbaee27371652a 1379560 net optional wpasupplicant_2.9.0-21+deb11u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEGBeuno8wiDXCewDuqqLQG5ksqMMFAmZ0gkYACgkQqqLQG5ks
qMMgdBAAsLxmYJ6ow/YDzTmp+EcNrLHSoLfjMtff0IUnJEr7jWRcJccOCK3E8Rlc
Mtb6/II9s3uQIHd7PiJ2j3+c488G8yE2xYw5aJCnfM+tZ+hGn8MfA4994haFfb+p
yJsHluHLGesjrE8NPn9Rp7MlCcymo+RxwX2sYVWaXIJmtq2RizQm8l6bTcZORC5h
70IAQq5qDc9Q1quVLBris3VgE8/opmC3r8Q18HeJuEtYk+0X8oGimQ+BQ7YbcYi8
WInFVYs0e8b2sJ9N6Rm42x9DqMjeDyQCD0H1HheNqeR/LH7X4JaUxMr/aZYFwhCE
QJs5Kk8F3OYgyeoMmvtf9wpNhh0mWKdbPrzMna00rGufCWYSDT2IA4qvHW2zAJ34
B0PpoJZgqCwiVjexV0ad80fZXvHV/PwK8KbvDVw5tI22HuHR571nN0kEN5qmJ66O
ZIZwDmlnBX45AbWGZpr2VF9kJiKwWqIRAD17aIGXhxdpKOI96M1PY6XCexJDuJ9f
8yKWbuziCmdtRWiL7Jw2Ka3TE/SvhSO69MV9SEcxaRopPxe+LB9byxVxYEtZ3z5k
2TqJgnf8GLcXAOvYoPMSTUHkFH8IFTF11FnG+kTPY1H9zR1r7rUqNo2VxyGo4aAl
opor9xbDrGjIuklOk2i3+Jjj75B3IUhdo4whpLPVIASrzldeXho=
=6TXi
-----END PGP SIGNATURE-----