-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: ppc64el Version: 2:2.10-12+deb12u1 Distribution: bookworm Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.10-12+deb12u1) bookworm; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: b4d43d80bc62d25f12e34737ff073da97844a05f 4114192 eapoltest-dbgsym_2.10-12+deb12u1_ppc64el.deb d080a2ed74fc2ee97fe95049a5707d7554391a99 1208484 eapoltest_2.10-12+deb12u1_ppc64el.deb d4969ec2438be8981bf1737d18f18637d7d77586 2831300 hostapd-dbgsym_2.10-12+deb12u1_ppc64el.deb dbdbbc59e363bf8db9810e114caf17685584ebd7 895596 hostapd_2.10-12+deb12u1_ppc64el.deb 6aa9ce5269b718cc0fae8278c035631309cfbdb0 37484 libwpa-client-dev_2.10-12+deb12u1_ppc64el.deb 8af2e3e9b93a10e9d19b657eb94cc00dc57c69b8 15004 wpa_2.10-12+deb12u1_ppc64el-buildd.buildinfo 6d0e09c7b0aeb1e18e6dabd0e4f2becc4620b167 2255512 wpagui-dbgsym_2.10-12+deb12u1_ppc64el.deb cdde7a17cb2dce8c807842090a5620670b523188 314384 wpagui_2.10-12+deb12u1_ppc64el.deb 195170ffe79a17a5fdbeaff77767f56d176dae8a 4633328 wpasupplicant-dbgsym_2.10-12+deb12u1_ppc64el.deb a45780111aecb25ca7a8254f6fa93b51bc9aabc4 399600 wpasupplicant-udeb_2.10-12+deb12u1_ppc64el.udeb f38626712f0a2e20fb1fb73720a83bd5105a1c73 1484000 wpasupplicant_2.10-12+deb12u1_ppc64el.deb Checksums-Sha256: 2ae3b2970982df067643d9db6f246c93aced23e8516495d545718507e1be2326 4114192 eapoltest-dbgsym_2.10-12+deb12u1_ppc64el.deb 4d3010235bff1565346f3c50868d14f6ac2899bc17e80a9eff154553ab14bbb5 1208484 eapoltest_2.10-12+deb12u1_ppc64el.deb 6d69c6e69b655b137e0492c9c485a6655c28669bea84e9585262a87f3a591b33 2831300 hostapd-dbgsym_2.10-12+deb12u1_ppc64el.deb 95ba399edd410ba1729b4c0b82aa5550b5afe78e0dd68d3f2ec1a6ed4cf486d2 895596 hostapd_2.10-12+deb12u1_ppc64el.deb 6b77acc66f9fa1fa420ba77a82102f06ff97a5029733e2f47e78edcb1f10f12a 37484 libwpa-client-dev_2.10-12+deb12u1_ppc64el.deb e48f57014b0d6b569b10004d9e6cfb214178929b0d33aa45a1b9eb00f29afd5b 15004 wpa_2.10-12+deb12u1_ppc64el-buildd.buildinfo b64b276c10b46f468a0367337c8bc2018d4a44c5706202722053ff0d5cccc5a0 2255512 wpagui-dbgsym_2.10-12+deb12u1_ppc64el.deb 0eca1b3cb56ea3a125bb450058b48966a178d208cf79d1d288d22f2eca534a9b 314384 wpagui_2.10-12+deb12u1_ppc64el.deb 6e6ef0dbe5ee99ef9879f6b0801b4205747e2c1f2237efa8225134a544f9af80 4633328 wpasupplicant-dbgsym_2.10-12+deb12u1_ppc64el.deb cad413381cb7f616228ab92122a2e755f2fbcd6d17598368c30768c05c1ce899 399600 wpasupplicant-udeb_2.10-12+deb12u1_ppc64el.udeb 16155778c27ff18fa416770c6298a09bb0240905f0e01ac54942bbc573a26fdc 1484000 wpasupplicant_2.10-12+deb12u1_ppc64el.deb Files: 7b48e0e5685bd0ae057a21d966bd0279 4114192 debug optional eapoltest-dbgsym_2.10-12+deb12u1_ppc64el.deb b3a24b12b78467cf53457dbe2b9d4a5b 1208484 net optional eapoltest_2.10-12+deb12u1_ppc64el.deb 655c7ab54d1de4c5ded61ad31023844f 2831300 debug optional hostapd-dbgsym_2.10-12+deb12u1_ppc64el.deb 3ca20b59d1860c79d6d678bc262031b3 895596 net optional hostapd_2.10-12+deb12u1_ppc64el.deb 1f99d1e097c4f23e3f97cf6e362d09f5 37484 libdevel optional libwpa-client-dev_2.10-12+deb12u1_ppc64el.deb 1793a39b671730989bdccabb904d31b1 15004 net optional wpa_2.10-12+deb12u1_ppc64el-buildd.buildinfo ebd0493ea5b55e6ade2cc13ee99c1031 2255512 debug optional wpagui-dbgsym_2.10-12+deb12u1_ppc64el.deb c5024f54f76aa0bea9d88ef77cd349e3 314384 net optional wpagui_2.10-12+deb12u1_ppc64el.deb ce390b38737747140e4d010a72e09d1e 4633328 debug optional wpasupplicant-dbgsym_2.10-12+deb12u1_ppc64el.deb f865b6e99c4ca6bc1b13793856310006 399600 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u1_ppc64el.udeb 69d0ee6e532c7103586798ed4450a9f3 1484000 net optional wpasupplicant_2.10-12+deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5v3ycPFoB5xoBEprvMjydu+xvRMFAmZ0fMMACgkQvMjydu+x vRNf9xAAgwh8Gyf/6ClZqLI7Pm74SSV0hfWxrmWs/teh6Z8vQXXAvUEbPfQO6BpZ YZTOtrkJlJ+NQ/9cNvL5VdQyW88kziozJKZH3CJY3BQvcWsczdZQEN2vqBmHmCn+ 3G9WjClAP4hQR36+ZQ3+C+uf2e1eNqyycYOEY5/KQBbK0EMbqoQbsd77hMifql9n DImaFuO7Jxhr/aH3nyBzQhqe8iDGmJqE6PdcM2vqTnV4vaZCGfvkPbSHMq7wLigE oIt31ixOcr6Cq4ySb5PdsD7nqMbQrNXw8z34TPqomgO/v2or/qiAO7f+lPsLZ55i 99ZK0YMHSJo5CcckBefQ2ZTpYmaEGZdRJMpKImAuUpbWz5UJeFfAxwZ/OZWC61Bz xCn7usPOyDwyTfxqtjnqnig9QWT9HxZ1+vHud3l/BXbviec6HpynsfDS5YBpiMbd cKlCO1eFg2PTzwFgDSXy4m5IR85Q6Nk1UHsFfLUk2mlGxr1mLS5Gh0XruU14r6FT eAx9u8LNLIm7bEFplDbGvEHr2U54gAG/eGLN6qfbOXFsSgycmy7W1v97UhTD6OHp vVcCVSCEk26e6wzzIbS8R+4PSN6BTalBA0BRz6nEaR+zeS8ZBxWjlmDt9RIVm0E8 oGWrnzvrF+vJ6aLq2Jlm/o+UAcRuS2MjLFLBcTgBX0THQ+2lWWc= =DfVF -----END PGP SIGNATURE-----