-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 22:45:18 +0000 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: s390x Version: 2:2.10-12+deb12u1 Distribution: bookworm Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Closes: 1064061 Changes: wpa (2:2.10-12+deb12u1) bookworm; urgency=high . * Non-maintainer upload on behalf of the Security Team. * Fix CVE-2023-52160 (Closes: #1064061): The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Checksums-Sha1: fe152d610e470c7e79609cd44ce941ca5928137d 4009892 eapoltest-dbgsym_2.10-12+deb12u1_s390x.deb b6e592d2e3a8ea2fbea9b03bb62f46a51fd02194 997100 eapoltest_2.10-12+deb12u1_s390x.deb 1a0722431376dc2000dc70f058c00cdd45ae4e34 2751016 hostapd-dbgsym_2.10-12+deb12u1_s390x.deb fda0ba70808f8ef5d99dab66d4cc4b749e64f16a 762172 hostapd_2.10-12+deb12u1_s390x.deb 43da415c78eed52d35cfa7c720c730980b54decc 32872 libwpa-client-dev_2.10-12+deb12u1_s390x.deb 15c225fce7aa1d3194f27b6c0033658e84d30e7e 14868 wpa_2.10-12+deb12u1_s390x-buildd.buildinfo 08cd870b5da67fb369b577cf35a33c1cfa606c1b 2179560 wpagui-dbgsym_2.10-12+deb12u1_s390x.deb 1809d43580084800a54da388ebf21f2823180583 302876 wpagui_2.10-12+deb12u1_s390x.deb 7b937008e4ed49b8fcbcf3eb9f9fd6c7fa30bb4d 4506508 wpasupplicant-dbgsym_2.10-12+deb12u1_s390x.deb 4b4c7c24b40af3dd99c983fd3ea57fac0cd39359 328160 wpasupplicant-udeb_2.10-12+deb12u1_s390x.udeb cd1978fe5f6ff7a4925e6b700bf4c4932d8a84d5 1251896 wpasupplicant_2.10-12+deb12u1_s390x.deb Checksums-Sha256: 5fd12f2c315c54b7f27a7f55d7dfcff79bdf13f4de344e15055e5947532984ac 4009892 eapoltest-dbgsym_2.10-12+deb12u1_s390x.deb cd9ebfc9802753da5da44a6d1e087d6e72955eb23660637e44c91266d9fd2f92 997100 eapoltest_2.10-12+deb12u1_s390x.deb e52bcb8d010e75b7b5cb80abf4aa57c6f6ca98c5775bc673ed8228fafd0a3b2f 2751016 hostapd-dbgsym_2.10-12+deb12u1_s390x.deb 677cff059b614d9cea1017b7bdf2b5abfd63d0bf930ee679970239df4e0876ce 762172 hostapd_2.10-12+deb12u1_s390x.deb 0056687e0e423aed503de1f77aa9fd66de306122291fcd85c35ebf76ab0ba11c 32872 libwpa-client-dev_2.10-12+deb12u1_s390x.deb 816e1551fdc222a6d1d7581b4e45c7f6525fdcedc431af360041c015ecd49b10 14868 wpa_2.10-12+deb12u1_s390x-buildd.buildinfo cb8a3d6651b6c2a23b682e523af486197cbfbb7cceeb072534b3e4c752d5f75c 2179560 wpagui-dbgsym_2.10-12+deb12u1_s390x.deb 4d8519040b7e4d7eb5bad9a43c40df4e5a6e00f2af5a5b2598f0162d3009582a 302876 wpagui_2.10-12+deb12u1_s390x.deb 26cc16f53e3ae7aea6586055f04dc5818d80e83150c08fbc0fa0b36217904d50 4506508 wpasupplicant-dbgsym_2.10-12+deb12u1_s390x.deb bf290b8591f5dbfb218dcbfcc95137eef98cfa2c5476b58a9f17ded38b765199 328160 wpasupplicant-udeb_2.10-12+deb12u1_s390x.udeb 10afd596c4db13eb62f89118bf9b55d2fae193089d64980c3b259bd7b5dd352d 1251896 wpasupplicant_2.10-12+deb12u1_s390x.deb Files: 865aaaf5813cc5547f83ee4b8fefbf1a 4009892 debug optional eapoltest-dbgsym_2.10-12+deb12u1_s390x.deb 7fdc40fd528f019c521dfa8155cd2ac8 997100 net optional eapoltest_2.10-12+deb12u1_s390x.deb 1f3fa45f405c8c947e393e8a0261a5eb 2751016 debug optional hostapd-dbgsym_2.10-12+deb12u1_s390x.deb f02f3379a8035c060009072f0ca3dde7 762172 net optional hostapd_2.10-12+deb12u1_s390x.deb 099826dc4f64e656544a99ff1b5ee360 32872 libdevel optional libwpa-client-dev_2.10-12+deb12u1_s390x.deb 32f1f6741250cb1c189a82036ef51677 14868 net optional wpa_2.10-12+deb12u1_s390x-buildd.buildinfo 660d6a681f8740b83d66a1c1f948f2f7 2179560 debug optional wpagui-dbgsym_2.10-12+deb12u1_s390x.deb 24d635a31c0d724fa6eecbf1aed8c428 302876 net optional wpagui_2.10-12+deb12u1_s390x.deb af402ca0b7d906e92b82ab88b8bf38e1 4506508 debug optional wpasupplicant-dbgsym_2.10-12+deb12u1_s390x.deb 7b6c77a2025fd091d290743c7a35426e 328160 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u1_s390x.udeb 8d7e000195e5ec59e03f7a1fec6f4ea1 1251896 net optional wpasupplicant_2.10-12+deb12u1_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAmZ0h3EACgkQ6b+AMjGg QHhZvw/9GxtvOedLZolYayR85pNP8ea/g/9+mXTnh7D/OuYzFxrgfTr33ZVeW+gt w9/aFu5uDKliVYnCbnJVsR0urldt8Eq7TfVzyv9KSYMgDEeTeLAuN+0SbuLHU48f VjiU5HO7FKTGfXyiqMaMUjIkn1GJjgGrMVAdDEVRKtBdJRZ05sw24E+N+wa1SefJ M/7sVP9L+SjqwONHASToRTaKdhdmfVSaZc1aNDAsyTH2Eutc1W+j0UUv7486vPed 6Ctjh3WgiMu4+K+UK+LEFiXRNGse6cQFdIKV63nDAmo6yfTnXSLjOX8jc/6XDuaZ 2p/FUzvunF1K4iKNwM6nz76xMcKS2fHH3wz3TPkceK86Ln5HxoT7k4+q0omaHVvO CYk4KZy4uXGpYM+/I/Gt+eRE3hSlhi4yp1jrCDcvBou8rJDHguGPx4EZgDMBtUUE izogMd/kmvVa2QV15XE7oIGHK/LNVNtrznh7FRrhfyv6iFhXqXs3YrusO+4ZjQz+ v0qZmDdhpbJAtoo1sfxWv5ojhRqVyWfIFnx/nPDaTqigSD0d+yn8pszp4MWIr0/C n954a8FcIAwd4FdI6+v4QCLNrM83ZosboeZnaQWvHABeJapnPIQH8uBeVtj2k1cj X3uS0fjvapOMBBtXDwC9Qb9j+NJyqqHLTvH99HH4vSAlaOATM9I= =VlT0 -----END PGP SIGNATURE-----