-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: s390x Version: 2:2.9.0-21+deb11u1 Distribution: bullseye Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: 6f848d27a1d6e4c5b20c887f920a28252c5bdcee 3511372 eapoltest-dbgsym_2.9.0-21+deb11u1_s390x.deb 06a5a9fb2bc07b0c4c2db421eefd87ff09cb1c66 901064 eapoltest_2.9.0-21+deb11u1_s390x.deb 51f70195a9d71cb29ba27a9a3543090794f3d869 2548476 hostapd-dbgsym_2.9.0-21+deb11u1_s390x.deb 489f1f4316a797d17e830d0ec088778a84b3f16e 728868 hostapd_2.9.0-21+deb11u1_s390x.deb d5e2cc4e1431f873ee8a5d6b33e6f7dd1f4afaa4 70972 libwpa-client-dev_2.9.0-21+deb11u1_s390x.deb db1caf494b36c43f1839366c4ab26da7812d9634 15065 wpa_2.9.0-21+deb11u1_s390x-buildd.buildinfo e11e12677ab7dbdb7b143ed499d9f7d626bbc0ef 1756944 wpagui-dbgsym_2.9.0-21+deb11u1_s390x.deb 6cd3f534f521a29995012b7af31d56ec8bba88cd 338984 wpagui_2.9.0-21+deb11u1_s390x.deb 29de194dd4d27947279c6dca9d4b95cda6249328 3981344 wpasupplicant-dbgsym_2.9.0-21+deb11u1_s390x.deb 618b26be5975c324590692a559027089c8b627c8 292320 wpasupplicant-udeb_2.9.0-21+deb11u1_s390x.udeb 4d4888eef6c345d03a0cdf79960a0722b477911f 1139376 wpasupplicant_2.9.0-21+deb11u1_s390x.deb Checksums-Sha256: d25483b8fff2ef506a215fd2eb1652fb3fea0153990f8337e4b8eda455634034 3511372 eapoltest-dbgsym_2.9.0-21+deb11u1_s390x.deb 56c5f517b7e899be937e9db7f9f3d26d7621a1caf8a1a4953abe1c130ac130d8 901064 eapoltest_2.9.0-21+deb11u1_s390x.deb 3a41b69a24a42ac8483cc86b73c4ed49221aef24b182c19170d6c0df0451f977 2548476 hostapd-dbgsym_2.9.0-21+deb11u1_s390x.deb c5fcd306e60e9ce88ad79ad88ae7c0d7dfff567163a8687eaee26faad028c140 728868 hostapd_2.9.0-21+deb11u1_s390x.deb f8e979e0d43e50e242fb7f71dcf3562067de3631c15cc68fa7ea255d1633b869 70972 libwpa-client-dev_2.9.0-21+deb11u1_s390x.deb f0d42b42a3b6c71c2cd6aedcac6b544e7b0d7ad40ec1e0ebcabea566e83b6b8a 15065 wpa_2.9.0-21+deb11u1_s390x-buildd.buildinfo 77fb6316d8e08509b23322ce19eb902230d02ef8e06f0cbe2ae25724cacb6dc1 1756944 wpagui-dbgsym_2.9.0-21+deb11u1_s390x.deb 92f16d99d76b410435bf3aaa20361ff7ca7221faba7210931d9392709b15ad0d 338984 wpagui_2.9.0-21+deb11u1_s390x.deb 59a257392d60a50fc4f46b5132f27682e2d22193ee0488a47a31d0824312ad8a 3981344 wpasupplicant-dbgsym_2.9.0-21+deb11u1_s390x.deb ec6617b9a04b8ace910dd8ecf94a5130644badd5d59b067c0c13a685d2b536b3 292320 wpasupplicant-udeb_2.9.0-21+deb11u1_s390x.udeb 813bc605fcdf755d46eef11cd22b849e000b02c86680a45dad7da9af0bb82ea6 1139376 wpasupplicant_2.9.0-21+deb11u1_s390x.deb Files: b29d757142bfa9d1c3aa9a1d3124c30d 3511372 debug optional eapoltest-dbgsym_2.9.0-21+deb11u1_s390x.deb e0bf4ab99d347dc3bfcab7d26062d83f 901064 net optional eapoltest_2.9.0-21+deb11u1_s390x.deb 858da028048ec74d1328e5ea14a3d898 2548476 debug optional hostapd-dbgsym_2.9.0-21+deb11u1_s390x.deb ef3de970a1f01e6901f1c40b39893adf 728868 net optional hostapd_2.9.0-21+deb11u1_s390x.deb bd47adc5a334c66fa719c4a0117927d0 70972 libdevel optional libwpa-client-dev_2.9.0-21+deb11u1_s390x.deb 733cd788f35020a72ad84633d05b1ed8 15065 net optional wpa_2.9.0-21+deb11u1_s390x-buildd.buildinfo 4fc7bd51e1bf6ada13453755816fa1a5 1756944 debug optional wpagui-dbgsym_2.9.0-21+deb11u1_s390x.deb a6924df244ddb9d6158505245ed4527b 338984 net optional wpagui_2.9.0-21+deb11u1_s390x.deb 4b4243d2e467a26395bac71ea343809f 3981344 debug optional wpasupplicant-dbgsym_2.9.0-21+deb11u1_s390x.deb 0216dc3df035c5bb29820a25fadfd9a7 292320 debian-installer standard wpasupplicant-udeb_2.9.0-21+deb11u1_s390x.udeb e0d37858346775fe2b0e684230f957e4 1139376 net optional wpasupplicant_2.9.0-21+deb11u1_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAmZ0gkQACgkQ6b+AMjGg QHj2JBAAkH4hyIb/z79I1Tv1c6EHndeRqeuoRb+fgFztpMSc/RXjDNni7HJFcNkz nfBEJ1D/Z5gchkCMqvow2stiLJ9goq2dgvjE3KLB4Fc83kzz8+2J5IgyPIDh/Foy Hdi4H6yrwEC8u6kKooPCgyA/CPDnZ0jozY2SNuRojT6aGJNfRjKKNNwjVLwBZNoG zNBQ5NSe0ymM+XcWGJ7+UejGYhVadQSmnNv/5o+u+5sRl7bc9rxcITJf0clucR2B pFApCC9a0MpZV+e4jMKHW1QwWPTTh1D/Vmy/fepMWRqeWC47uwr9RAaw5sO9Q4ML 1zNb1rcIq67Hhc2l3D2XMvVUQofecIkRGg1rvph5yEZcNVlYYcfIApaUTmVVUGKq ZOnnyKceuttd19wEf6fp6hWYVocjRVSkOGY67X6TMqyaBiyWc83ag0doO06jIGow SGkuPHhmjnWDaQogUS+qQT9mZyO95yVsjoB4tnSrgU2uDvoFIXG9rBWIeReJPKbT OJqPUwYJ9AEMpAk8H+89QIN1QJa5YVT9K4cEon1nhHehf4alSqvIk4zxChU/4pFV pzCJYi650m/CSeEqbi4E6uCKPrkpbQ0yn5Vayt8igFII/HUObNfWhATKzV1X9L0b fW4zq177kEF69uy/PNIXw6eJDz6MKldqYURhaM+MUYsODuOnSus= =ldDe -----END PGP SIGNATURE-----