-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: amd64 Version: 2:2.9.0-21+deb11u1 Distribution: bullseye Urgency: high Maintainer: amd64 Build Daemon (x86-grnet-03) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: 1ca98775348c2f7f106e15af073f85c02a1ad4f0 3480604 eapoltest-dbgsym_2.9.0-21+deb11u1_amd64.deb 5dd3b104ebbb99992ce921b5e3b553f4c894ec35 1034356 eapoltest_2.9.0-21+deb11u1_amd64.deb ada51c8808a34719dbcf80b3cc17786c4c270a9f 2516212 hostapd-dbgsym_2.9.0-21+deb11u1_amd64.deb 2f362b7e9cdc52251949771b88ff32d6593bb2b3 821916 hostapd_2.9.0-21+deb11u1_amd64.deb 0bf62c43e9dea98b0d09041f38b24774366e2e3d 71564 libwpa-client-dev_2.9.0-21+deb11u1_amd64.deb 6c84fc33b2d441a87df3143c8c1d29762de14e13 15239 wpa_2.9.0-21+deb11u1_amd64-buildd.buildinfo 1692926460155592d0ad4ce7c5d9628ca736aed6 1776568 wpagui-dbgsym_2.9.0-21+deb11u1_amd64.deb 94e2431ae7df6b7cbc204efa3241fbf55b189e1a 352088 wpagui_2.9.0-21+deb11u1_amd64.deb 69cac68baa90d957b71f6582ce06786898d95053 3945448 wpasupplicant-dbgsym_2.9.0-21+deb11u1_amd64.deb e090c4785b1e129dca1c9d4dbe58d9cb8b47dd88 333524 wpasupplicant-udeb_2.9.0-21+deb11u1_amd64.udeb 02f53333d563d6b718eaa966848160570f41962f 1284948 wpasupplicant_2.9.0-21+deb11u1_amd64.deb Checksums-Sha256: db2e4c17b76fa0733a81ac4ed321a7e46e6280e5c18403c306bc9388b7969d22 3480604 eapoltest-dbgsym_2.9.0-21+deb11u1_amd64.deb cc4c8af810404231edd3d415f6cc65d12b67acd95adf6bfcd0e39eb923db2869 1034356 eapoltest_2.9.0-21+deb11u1_amd64.deb 6d370a2512c431a60d357da9fd544c098071656563d4e64e63f31ded08f583b3 2516212 hostapd-dbgsym_2.9.0-21+deb11u1_amd64.deb 024b9ed8c20c1fecbe82da586bac806e5a1a0c025ec964c4844f1744c77dfe4a 821916 hostapd_2.9.0-21+deb11u1_amd64.deb aa1c3e6c4e1aa078ae419972c28ae0d315a8bf9b3d7592059056fbe20702c034 71564 libwpa-client-dev_2.9.0-21+deb11u1_amd64.deb 54ca10ba3a3a659545e56db3726a276d15f301295ce781959709a9f11f47974d 15239 wpa_2.9.0-21+deb11u1_amd64-buildd.buildinfo 4cfdf26385ef33448bf8fd7d252fcdc19b726ca553723e0f6664d8392ee74084 1776568 wpagui-dbgsym_2.9.0-21+deb11u1_amd64.deb 97234a7131cec4ccb43003bbd129b0850015dec3ccb9f6c62ac673e1d10c8fd6 352088 wpagui_2.9.0-21+deb11u1_amd64.deb f518b8c7d64341c159ebbbb1dba56587600988abbe7744438501cfef0405ab9d 3945448 wpasupplicant-dbgsym_2.9.0-21+deb11u1_amd64.deb 200ae2c22decc6457b22f3977f51025c29aa36eb96b0c4fc72cc9b14a29a3540 333524 wpasupplicant-udeb_2.9.0-21+deb11u1_amd64.udeb ae380466aeaa4bc932f1bd275361f8c4b42d1c8eef01875e5803f8e59c69f923 1284948 wpasupplicant_2.9.0-21+deb11u1_amd64.deb Files: ea4aa08bf367266d9e357da4be4b4d67 3480604 debug optional eapoltest-dbgsym_2.9.0-21+deb11u1_amd64.deb 63a7b1844b576f054480c62f912f73a4 1034356 net optional eapoltest_2.9.0-21+deb11u1_amd64.deb ec6081db0ee1b64597b6d5d2fbd2914d 2516212 debug optional hostapd-dbgsym_2.9.0-21+deb11u1_amd64.deb 7a75a2cc6ddfa3fcfb78c927c990cb72 821916 net optional hostapd_2.9.0-21+deb11u1_amd64.deb 9bcf268ebf812ce02e5e73141b371eee 71564 libdevel optional libwpa-client-dev_2.9.0-21+deb11u1_amd64.deb 69465dea158048d3a55c4e0be2c07c8e 15239 net optional wpa_2.9.0-21+deb11u1_amd64-buildd.buildinfo 2246f4d526ca48fbe10bd2694aad5d5b 1776568 debug optional wpagui-dbgsym_2.9.0-21+deb11u1_amd64.deb 83fc7b226015d92955f7d14694b7a786 352088 net optional wpagui_2.9.0-21+deb11u1_amd64.deb 40e1a1f2daa0ae66a30a30668aee00ad 3945448 debug optional wpasupplicant-dbgsym_2.9.0-21+deb11u1_amd64.deb 5d9d63cd03ebc640f228b0679dca956a 333524 debian-installer standard wpasupplicant-udeb_2.9.0-21+deb11u1_amd64.udeb ce08f213cbc83a7c93aa68e7636c9eb6 1284948 net optional wpasupplicant_2.9.0-21+deb11u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEe8x49oT2k+seQstpgDm7h4zfCpIFAmZ0gdgACgkQgDm7h4zf CpKRHg/8D0cytruFQYX1sbmRHnj6eJjq6XCC7viR+iHQdPZ8YKqTfHS2dZs4NrhL ZtuWDJU+z/XzgNJOCZVv940vmy1CLdPYjbdvE+1iM423IUmLgjRR/thovop8VyTP T8PSUFXdm2FSOimtFDo+6HrXZD1V6jw9yr66IYCbqm679b2nATjnzBatiAuSLYDS r7jxeFnkWzYLOkpgg6kSt30AMh5LKoK+Y+jd4/QQI2oW6K3UFGYtprFrFAJ3O853 rp6PaTsCWiXoFvGIxuNjz8AEYVtN9qu47JNSEKQbFPYbzqGgqpUD3Obsc/lbbHJ0 zu+HOjHm7eVtiXwTU5kIzgNtfN/kzm83cXVqdjnZ/8tyjxiUyR2LOlS2KR/8gmTx QBute/Int0qssEi0HqZAnVSMb9wNMMDKzuaE/EboIuDN803ZWZlvS0grIwTF48E9 s0QaiW8YAWlIKgkLXzkW6MqSgmNjC86fLKt8Tt1C/XjsTsEt/fEVvyQwhWPV6gKq bv7wnvKSGNoEqsGZra2qKwAcvUtrEH4VkGTFRo6lyUq2t4m2YtNViYotzOuo4gxd O9L24xUXoeVkQR5XV/XYZ3+ZSCFYVLKhps4sdy7Bjsvp+PwemmbRb8aeQLNReQf5 qmmWLulCJl8sSUFcsZ14sC+Jb0oK8S7yN/K6zm0j0wfn62eU9iE= =VrWs -----END PGP SIGNATURE-----