There are new wpa_supplicant versions 2.2, 2.3 and 2.4 which bring a horde of improvements to eg WiFi Direct (P2P) and others: http://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog
The 2.3 is already part of the stable Debian 8.0 release so it would be useful to sync with at least that for 15.10 (and 16.04 LTS).
--- Debian stable changelog ---
wpa (2.3-1+deb8u1) jessie-security; urgency=high
.
* import "P2P: Validate SSID element length before copying it
(CVE-2015-1863)" from upstream (Closes: #783148).
wpa (2.3-1) unstable; urgency=medium
.
* New upstream release:
- fixed by the new upstream version:
+ wpa: arbitrary command execution via action scripts (Closes: #765352).
wpasupplicant: fixed wpa_cli action script execution to use more
robust mechanism (CVE-2014-3686).
hostapd: fixed hostapd_cli action script execution to use more robust
mechanism (CVE-2014-3686).
+ wpasupplicant: MAC addressing changing broken after updating to 2.2-1
(Closes: #763775).
+ drop ap_config_c_fix-typo-for-capabilities, applied upstream.
- backport "Include ieee802_11_common.c in wpa_supplicant build
unconditionally" from HEAD, to fix a newly introduced FTBS on, at least,
kfreebsd.
* bump standards version to 3.9.6, no changes necessary.
wpa (2.2-1) unstable; urgency=medium
.
* New upstream release:
- import suggested changes from Gerald Turner <email address hidden> (see
#718651 for details).
+ disable ACS for hostapd on kfreebsd-any (FTBS).
- fixed by the new upstream version:
+ wpa_supplicant: OpenSSL: tls_connection_handshake - Failed to read
(Closes: #561081).
+ wpasupplicant: new upstream release 2.2 (Closes: #718651).
+ wpasupplicant: -s option not documented in man page (Closes: #608135).
- refresh patches:
+ drop 13_human_readable_signal.patch, applied upstream.
+ drop hostapd_fix-WDS-VLAN-bridge-handling.patch, applied upstream.
+ drop fix-spelling-s-algorith-algorithm.patch, applied upstream.
- adapt build configs for hostapd/ wpa_supplicant 2.2:
+ sync with updated upstream defconfigs.
+ keep Hotspot 2.0 support disabled for the time being.
+ hostapd: keep sqlite3 support disabled for the time being.
- update debian/copyright manually, the wpa v2 branch was relicensed from
(BSD-3-clause || GPL-2) to BSD-3-clause only (for the most part). This
doesn't change the licensing state as the BSD-3-clause license is
compatible with GPL-2.
* drop pre-wheezy /lib/init/rw/sendsigs.omit.d/ migration support, invert the
versioned initscripts dependency to a versioned breaks relation.
* migrate from /var/run/ to /run/.
* adapt get-orig-source for wpa 2.2.
* drop version qualifiers for libnl3 build dependencies, as they're
fullfilled by wheezy.
* drop version qualifiers for the lsb-base build dependency, as they're
fullfilled by squeeze.
* shorten short description for hostapd.
* sort debian/control entries.
* make lintian happy (invalid-short-name-in-dep5-copyright bsd) and call it
BSD-3-clause.
* enable DEBUG_SYSLOG and set DEBUG_SYSLOG_FACILITY=LOG_DAEMON, as requested
by Cyril Brulebois <email address hidden> to improve logging options for d-i and
netcfg (Closes: #761922).
* fix various typos around "existence", thanks to A. Costa <email address hidden>,
(Closes: #683636).
* ap_config.c: fix typo for "capabilities".
* remove no longer required lintian override (spelling-error-in-binary for
the).
Status changed to 'Confirmed' because the bug affects multiple users.