-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: mips64el Version: 2:2.10-12+deb12u1 Distribution: bookworm Urgency: high Maintainer: mipsel Build Daemon (mipsel-osuosl-05) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.10-12+deb12u1) bookworm; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: 928917a3eb4d4759f29c7aff10fff12e27847e68 4210420 eapoltest-dbgsym_2.10-12+deb12u1_mips64el.deb d59d962a8bd8d620a4248a6ab89f321b356602e4 1031164 eapoltest_2.10-12+deb12u1_mips64el.deb 2c842256bf644a5a020f08a48647c389c9e9459b 2890308 hostapd-dbgsym_2.10-12+deb12u1_mips64el.deb eea3ff30922da31070bfa4597030cfc825042a0e 791920 hostapd_2.10-12+deb12u1_mips64el.deb df45bd33a58edc09321226e20f29f60740bb2655 34996 libwpa-client-dev_2.10-12+deb12u1_mips64el.deb 8a3cc0136e16034f87b6728df6cc5b0c418cee39 14881 wpa_2.10-12+deb12u1_mips64el-buildd.buildinfo e5fc537aaf4322de609b1de92b046cbde0a287a3 2280504 wpagui-dbgsym_2.10-12+deb12u1_mips64el.deb 06c0449df262a33918c37587c5b819df0bc4326d 303308 wpagui_2.10-12+deb12u1_mips64el.deb 5121951b65e5f5abffbc67afe174b35bbe208275 4743988 wpasupplicant-dbgsym_2.10-12+deb12u1_mips64el.deb 2c0da6d69fd93450cf331ec1424f73ef75d03089 340840 wpasupplicant-udeb_2.10-12+deb12u1_mips64el.udeb da0d08aa604784fe7686ef3d078f1f7500fae47f 1283392 wpasupplicant_2.10-12+deb12u1_mips64el.deb Checksums-Sha256: 04e8000db57bedf5234cbd073e8b3c366adf791bc150b4307f2ddaf70d8d5ea6 4210420 eapoltest-dbgsym_2.10-12+deb12u1_mips64el.deb 4549e6823924025182912733d9aa253ae896acaf99aca5495dbfe5a11424aa4e 1031164 eapoltest_2.10-12+deb12u1_mips64el.deb 783a6ebb6275995eec2618daae385a51cc15431ecde9b8f447d421c24769f48d 2890308 hostapd-dbgsym_2.10-12+deb12u1_mips64el.deb ebcde10ae4c46a631257662b24a1c56eed3d9c16311aee4e8e72a49984cbefeb 791920 hostapd_2.10-12+deb12u1_mips64el.deb a788124091795b82581f254ab66ba623b7992b5974418c524ffbc0fbb878e2d8 34996 libwpa-client-dev_2.10-12+deb12u1_mips64el.deb 060dd43916a655da9a70dc9360c57d4d4148a360990d81e0cfcfc63947f82109 14881 wpa_2.10-12+deb12u1_mips64el-buildd.buildinfo 1e5510642c6f7f7d31c9208e0b225bb93aa8235134f353e3e0658a7d5d57b6f9 2280504 wpagui-dbgsym_2.10-12+deb12u1_mips64el.deb 371f8fbb58a589979d2b8a5505ef095ad7dbbedf4b3786caa5e3b450d96aad76 303308 wpagui_2.10-12+deb12u1_mips64el.deb deef5a9c4fdab96d582abb5c6d75b4742bf7295424325c843a24847cc7d37fd5 4743988 wpasupplicant-dbgsym_2.10-12+deb12u1_mips64el.deb b6291cd7e05ac8e3f3fe048351786341c35be442049d12ebb317651df5fdacc4 340840 wpasupplicant-udeb_2.10-12+deb12u1_mips64el.udeb 993a80605a596f086f15f00b6a92a08c3a6283f11ab65b9c14cc922e54a77b94 1283392 wpasupplicant_2.10-12+deb12u1_mips64el.deb Files: efe119bafbf73df65bb8d7d3c61f1d01 4210420 debug optional eapoltest-dbgsym_2.10-12+deb12u1_mips64el.deb 07acc376834273f4469a71db27ea45fc 1031164 net optional eapoltest_2.10-12+deb12u1_mips64el.deb e19bfdd1b9005fe1d3ae402a849ad60d 2890308 debug optional hostapd-dbgsym_2.10-12+deb12u1_mips64el.deb 8df2e3715eb307364bd691fbb7815b6c 791920 net optional hostapd_2.10-12+deb12u1_mips64el.deb c846545ffbb2550ba54e82e0178a49c3 34996 libdevel optional libwpa-client-dev_2.10-12+deb12u1_mips64el.deb 7eaa439c67804065be84c96b67dfd88e 14881 net optional wpa_2.10-12+deb12u1_mips64el-buildd.buildinfo 7408ab74e7e8d6669c268d50c195873a 2280504 debug optional wpagui-dbgsym_2.10-12+deb12u1_mips64el.deb af85fa675a905a7995f2a1d9d66581b2 303308 net optional wpagui_2.10-12+deb12u1_mips64el.deb a2930945c9cd1ec067645c9f4aa130f6 4743988 debug optional wpasupplicant-dbgsym_2.10-12+deb12u1_mips64el.deb c3f0e2563287197561c69623f1f03b85 340840 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u1_mips64el.udeb fe560a3d15ea09cbd0361a3e99e1374c 1283392 net optional wpasupplicant_2.10-12+deb12u1_mips64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuQAPGkYIXAAfq7z1C2Vm2FYVKKAFAmZ0hmkACgkQC2Vm2FYV KKBmwRAAwrnZg0+PfzQlFhGuLAi6T1HC9ZJj3HHN20XwMY/wq/WQP/6faCPH7zQY q14xEckGmd3ur/sMs0+fVEToh/ATrBsUsD21BWvqHd2waFtzDL5CNQqBMHEHEgBZ Y/0qmZUJEqYS9Ocn2iMxzUtQbC33Z3hJm4JkWPC/xAhqb7kwUU28fPUvzm/Esb5m 4MDkn6quAXYrhRZkOeBDcp/OyqECd9iloaQ2yKK+vCIjZiLVIK7eS4aLU1bJciZC O9kTtA8tCDDJFji8kPiUiydrj8fOTOBs7E++1+jeGxNaLtAHBpJaaptZ+hZ0gsOe XRyJCq+ozBqmT+qu/grbYRw3mn+YFwDcYscSJfhTaSY5PWAvKiy4HoJEKTbC7KTa 4wLQQsAqEVIhIYpMJ7O2AGomHRJFsJFLpY6sV9jJkkMLT41SZxqmKOOYwpTM3Y20 TepgEXoMKb7oZYkjGxVW0WPhxnggSo00uhs4IG0UOTy6dAjVtbE1sjpHBiIVAw4o PcWpihctV3LuZx3EiiniqTlzMwmo81PdJALKFV82Qoz78N/Nfge3pRZNt8qJUaB9 XILG9YyCN8urNA5vm/2izQR+akzCDsOocc/BGASi40Sb9mYWLtiO6hV6WyRt3ZjB /wBr5vbClAoP9boM5LEVEe/iZUry03Z/MZF37kCwvLAnFS4c9Rg= =9Le+ -----END PGP SIGNATURE-----