New upstream version 2.4 / please merge with Debian 8's wpa 2.3
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wpa (Ubuntu) |
Fix Released
|
Medium
|
Mathieu Trudel-Lapierre |
Bug Description
There are new wpa_supplicant versions 2.2, 2.3 and 2.4 which bring a horde of improvements to eg WiFi Direct (P2P) and others: http://
The 2.3 is already part of the stable Debian 8.0 release so it would be useful to sync with at least that for 15.10 (and 16.04 LTS).
--- Debian stable changelog ---
wpa (2.3-1+deb8u1) jessie-security; urgency=high
.
* import "P2P: Validate SSID element length before copying it
(CVE-
wpa (2.3-1) unstable; urgency=medium
.
* New upstream release:
- fixed by the new upstream version:
+ wpa: arbitrary command execution via action scripts (Closes: #765352).
robust mechanism (CVE-2014-3686).
hostapd: fixed hostapd_cli action script execution to use more robust
mechanism (CVE-2014-3686).
+ wpasupplicant: MAC addressing changing broken after updating to 2.2-1
(Closes: #763775).
+ drop ap_config_
- backport "Include ieee802_11_common.c in wpa_supplicant build
kfreebsd.
* bump standards version to 3.9.6, no changes necessary.
wpa (2.2-1) unstable; urgency=medium
.
* New upstream release:
- import suggested changes from Gerald Turner <email address hidden> (see
#718651 for details).
+ disable ACS for hostapd on kfreebsd-any (FTBS).
- fixed by the new upstream version:
+ wpa_supplicant: OpenSSL: tls_connection_
(Closes: #561081).
+ wpasupplicant: new upstream release 2.2 (Closes: #718651).
+ wpasupplicant: -s option not documented in man page (Closes: #608135).
- refresh patches:
+ drop 13_human_
+ drop hostapd_
+ drop fix-spelling-
- adapt build configs for hostapd/ wpa_supplicant 2.2:
+ sync with updated upstream defconfigs.
+ keep Hotspot 2.0 support disabled for the time being.
+ hostapd: keep sqlite3 support disabled for the time being.
- update debian/copyright manually, the wpa v2 branch was relicensed from
doesn't change the licensing state as the BSD-3-clause license is
compatible with GPL-2.
* drop pre-wheezy /lib/init/
versioned initscripts dependency to a versioned breaks relation.
* migrate from /var/run/ to /run/.
* adapt get-orig-source for wpa 2.2.
* drop version qualifiers for libnl3 build dependencies, as they're
fullfilled by wheezy.
* drop version qualifiers for the lsb-base build dependency, as they're
fullfilled by squeeze.
* shorten short description for hostapd.
* sort debian/control entries.
* make lintian happy (invalid-
BSD-3-clause.
* enable DEBUG_SYSLOG and set DEBUG_SYSLOG_
by Cyril Brulebois <email address hidden> to improve logging options for d-i and
netcfg (Closes: #761922).
* fix various typos around "existence", thanks to A. Costa <email address hidden>,
(Closes: #683636).
* ap_config.c: fix typo for "capabilities".
* remove no longer required lintian override (spelling-
the).
description: | updated |
Changed in wpa (Ubuntu): | |
status: | Confirmed → In Progress |
assignee: | nobody → Mathieu Trudel-Lapierre (mathieu-tl) |
importance: | Undecided → Medium |
Status changed to 'Confirmed' because the bug affects multiple users.