wpa 2:2.8-2ubuntu2 source package in Ubuntu

Changelog

wpa (2:2.8-2ubuntu2) eoan; urgency=medium

  * SECURITY UPDATE: SAE/EAP-pwd side-channel attack w/Brainpool curves
    - debian/patches/CVE-2019-13377-1.patch: use const_time_memcmp() for
      pwd_value >= prime comparison in src/common/sae.c.
    - debian/patches/CVE-2019-13377-2.patch: use const_time_memcmp() for
      pwd_value >= prime comparison in src/eap_common/eap_pwd_common.c.
    - debian/patches/CVE-2019-13377-3.patch: use BN_bn2binpad() or
      BN_bn2bin_padded() if available in src/crypto/crypto_openssl.c.
    - debian/patches/CVE-2019-13377-4.patch: run through prf result
      processing even if it >= prime in src/common/sae.c.
    - debian/patches/CVE-2019-13377-5.patch: run through prf result
      processing even if it >= prime in src/eap_common/eap_pwd_common.c.
    - debian/patches/CVE-2019-13377-6.patch: disable use of groups using
      Brainpool curves in src/common/sae.c,
      src/eap_common/eap_pwd_common.c.
    - CVE-2019-13377

 -- Marc Deslauriers <email address hidden>  Tue, 13 Aug 2019 13:32:28 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2019-08-13
Uploaded to:
Eoan
Original maintainer:
Ubuntu Developers
Architectures:
linux-any kfreebsd-any
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
wpa_2.8.orig.tar.xz 2.2 MiB bdce00ad67810b56bf8da73214dd298aab8a4f873d5fca167f53501209b222c2
wpa_2.8-2ubuntu2.debian.tar.xz 86.7 KiB 7355c3b7d2efa7fb4a5906a60458884b45f4a91c45b85b7bbc583d5bf1ca79d8
wpa_2.8-2ubuntu2.dsc 2.4 KiB 01feed84345e0d48bd318530fc5fcca7e31792f382e2b2cb88d3bc34fc6c85ed

Available diffs

View changes file

Binary packages built by this source

hostapd: IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator

 Originally, hostapd was an optional user space component for Host AP
 driver. It adds more features to the basic IEEE 802.11 management
 included in the kernel driver: using external RADIUS authentication
 server for MAC address based access control, IEEE 802.1X Authenticator
 and dynamic WEP keying, RADIUS accounting, WPA/WPA2 (IEEE 802.11i/RSN)
 Authenticator and dynamic TKIP/CCMP keying.
 .
 The current version includes support for other drivers, an integrated
 EAP authenticator (i.e., allow full authentication without requiring
 an external RADIUS authentication server), and RADIUS authentication
 server for EAP authentication.
 .
 hostapd works with the following drivers:
 .
  * mac80211 based drivers with support for master mode [linux]
  * Host AP driver for Prism2/2.5/3 [linux]
  * Driver interface for FreeBSD net80211 layer [kfreebsd]
  * Any wired Ethernet driver for wired IEEE 802.1X authentication.

hostapd-dbgsym: debug symbols for hostapd
wpagui: graphical user interface for wpa_supplicant

 wpagui provides a Qt interface for choosing which configured network
 to connect to. It also provides a method for browsing 802.11 SSID scan
 results, an event history log of messages generated by wpa_supplicant,
 and a method to add or edit wpa_supplicant networks.

wpagui-dbgsym: debug symbols for wpagui
wpasupplicant: client support for WPA and WPA2 (IEEE 802.11i)

 WPA and WPA2 are methods for securing wireless networks, the former
 using IEEE 802.1X, and the latter using IEEE 802.11i. This software
 provides key negotiation with the WPA Authenticator, and controls
 association with IEEE 802.11i networks.

wpasupplicant-dbgsym: debug symbols for wpasupplicant
wpasupplicant-udeb: Client support for WPA and WPA2 (IEEE 802.11i)

 WPA and WPA2 are methods for securing wireless networks, the former
 using IEEE 802.1X, and the latter using IEEE 802.11i. This software
 provides key negotiation with the WPA Authenticator, and controls
 association with IEEE 802.11i networks.
 .
 This is a udeb of wpasupplicant for use by the debian-installer.