-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: ppc64el Version: 2:2.9.0-21+deb11u1 Distribution: bullseye Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-conova-02) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: af4e8b25db5697bee51e794ded9cbec9c4cde448 3517920 eapoltest-dbgsym_2.9.0-21+deb11u1_ppc64el.deb 165e75651471591c1d471ad1efb189f141042837 1090948 eapoltest_2.9.0-21+deb11u1_ppc64el.deb ddcade35fd1d71a920dd501b51ada618aba379a1 2557616 hostapd-dbgsym_2.9.0-21+deb11u1_ppc64el.deb 93221a5f80ed6e3cdf826ad0331b69c80db8bd1c 850808 hostapd_2.9.0-21+deb11u1_ppc64el.deb 5a5a01cea6c808985dc85da0db6e18fa300b0148 75520 libwpa-client-dev_2.9.0-21+deb11u1_ppc64el.deb ad14ff673522b5ffd79d5b43f9cd7e814a66797a 15198 wpa_2.9.0-21+deb11u1_ppc64el-buildd.buildinfo 1aab6b22235639948aed26976d4d387e95f070a3 1751280 wpagui-dbgsym_2.9.0-21+deb11u1_ppc64el.deb da532a9aba2c7ba9a92525475cdb7247667e1313 350052 wpagui_2.9.0-21+deb11u1_ppc64el.deb 09e9750afe4d29918ec75405e7c059f4abb14314 3993780 wpasupplicant-dbgsym_2.9.0-21+deb11u1_ppc64el.deb f5c258e5b69e406c2782f6b7a60c67c43111f343 357408 wpasupplicant-udeb_2.9.0-21+deb11u1_ppc64el.udeb 4c1e576f08a7bb4ccee5c126a791cbe820271691 1348940 wpasupplicant_2.9.0-21+deb11u1_ppc64el.deb Checksums-Sha256: aa88c4196444b409fbde824dde5df4bcb7ea7771c33a7c97f820a78bbcfde1dd 3517920 eapoltest-dbgsym_2.9.0-21+deb11u1_ppc64el.deb c128dee1ab7a1728809743854296d73f2de06f6bdad9d2a639d9e90ee7113686 1090948 eapoltest_2.9.0-21+deb11u1_ppc64el.deb 52657367647a207f2221ae45bd95adf05b5e01b9f698d6dabf0e6123cb7442f3 2557616 hostapd-dbgsym_2.9.0-21+deb11u1_ppc64el.deb c79fdb7c67d9e2b82a0490ef774f6b6d274e2a9a9ce5d82d5e5997fcba765937 850808 hostapd_2.9.0-21+deb11u1_ppc64el.deb 03aec899953e2bc29995f7dd7554b7a4ec877dc28b1e45ea4f0dc40f08802b5b 75520 libwpa-client-dev_2.9.0-21+deb11u1_ppc64el.deb 0ac752419bd896e05a56d4addd7634a2c9bdc7a18cd860416f7f879fdb2d8c7b 15198 wpa_2.9.0-21+deb11u1_ppc64el-buildd.buildinfo 038fe9e0385c803e5e48b900238b785c46e906788aa3d7ed4b4592374ebaf3e9 1751280 wpagui-dbgsym_2.9.0-21+deb11u1_ppc64el.deb 525cbcbdf599d34c6cedecd35bbefd5826b8bb63c62a10041cd936fcd31c6fbd 350052 wpagui_2.9.0-21+deb11u1_ppc64el.deb f5ea81127c535c4d95200ec30065a6899abca27bd398ca7aa8676d7aae2f6869 3993780 wpasupplicant-dbgsym_2.9.0-21+deb11u1_ppc64el.deb d37e9cabef726d92a95f4e676a19b6c6fd6cb064f2e918011c2e2aab8df1fcf1 357408 wpasupplicant-udeb_2.9.0-21+deb11u1_ppc64el.udeb 5f2588aa5e8ef64016b0c139103579f7939ab5cff805183fde80fb25116a9f29 1348940 wpasupplicant_2.9.0-21+deb11u1_ppc64el.deb Files: 57102bda95c3c4530fb893d2ca69828f 3517920 debug optional eapoltest-dbgsym_2.9.0-21+deb11u1_ppc64el.deb f3dd9a1c1de5be3cae438520583db81b 1090948 net optional eapoltest_2.9.0-21+deb11u1_ppc64el.deb ad30179c098e56d9c0d990fa02ddf4cf 2557616 debug optional hostapd-dbgsym_2.9.0-21+deb11u1_ppc64el.deb 51f7eab9a5725e0c3b87fbce50857bfc 850808 net optional hostapd_2.9.0-21+deb11u1_ppc64el.deb 170cf01a3080e355256e2e14ed77574d 75520 libdevel optional libwpa-client-dev_2.9.0-21+deb11u1_ppc64el.deb 92cc2540c3f956087707c53c852fe8ca 15198 net optional wpa_2.9.0-21+deb11u1_ppc64el-buildd.buildinfo 8c37f00b1f041d189572882e8b3075cb 1751280 debug optional wpagui-dbgsym_2.9.0-21+deb11u1_ppc64el.deb b7fed459d6735d6d01faec57dfbb6aa6 350052 net optional wpagui_2.9.0-21+deb11u1_ppc64el.deb a7911fafb838db3cccb44ddc404f4c6c 3993780 debug optional wpasupplicant-dbgsym_2.9.0-21+deb11u1_ppc64el.deb b3cacbd24b75e17e10a4d807381581c5 357408 debian-installer standard wpasupplicant-udeb_2.9.0-21+deb11u1_ppc64el.udeb cf6d79f038e8276a84ab6314dc7fdf1c 1348940 net optional wpasupplicant_2.9.0-21+deb11u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEmyxOicioak1AZZAyyPVDLEOGa2QFAmZ0gYgACgkQyPVDLEOG a2SI+RAAkKWANoyPfTeHUUPYhEN1CxuOk/WlIQS54HGJyUm8CQarGnieZWnKqmT4 oPiJdCx/zDcwF6LnOfIOjTQT4yUp0E7syXPyuWjb9UZbQASififBv3CnpBNi/Ynm FWQEsnCSLOEhdTMJLYKc1/tRmC45EbnO+m7s93oZb3sRDVUKXeS4P1OZA2a1U0wD dhj18JNjRcLGaumHrN4hSGSqJt3OZtxlcdrlTerZC6hOQh1QHULyOkfjNNdGfqrs fQ8pSnxZrB64hHWdfmdYe2VKcrUZrr6HILkIHKwJey+p3TzpFzlPbGu3ORd5tTc2 KJmWqfKA5BEdcOR8iMtVEJ9yNyEkjODHHfxWRmhnv0IIBDrYsIRG2obbG0IDA+XU uVrnKhKCu5BhJwS+vaTTj7FxJyWityaeNumi0aLnHuRlc036l7tS+4/ftXNqmQM6 Ym8R1CD82eWs+QfQH1uXzM64HcOCyQeWCmxErcFmSxTSiORbk4SalCVDgM3OhPYW RhyDXa0kNSu9SLGWEoyPPMvcoLkwcWhVxGe/X4SvHr95oenN5Ql7EClGSoq4rhWi yJzFV/jCNV/0IFkzdhpJU5xklt/w9zXipvPMh540ToaKOhRk7uWmkr4WHIVq4Lk2 G35IkThpf1e2hSAi/vJ5NTA6Il5gYsanOVjNerDGCsYhYN/Lx6w= =ffrv -----END PGP SIGNATURE-----