-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Apr 2025 16:29:46 +0200 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: ppc64el Version: 2:2.10-12+deb12u3 Distribution: bookworm Urgency: medium Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.10-12+deb12u3) bookworm; urgency=medium . * Non-maintainer upload by the LTS Security Team. * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c * Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association Checksums-Sha1: ca87cee0557869537c80db43405577e28453c8ad 4113440 eapoltest-dbgsym_2.10-12+deb12u3_ppc64el.deb 9c8aef870283f71804023648441c109b9df9951c 1209280 eapoltest_2.10-12+deb12u3_ppc64el.deb ce612994bd346eecbf468c86d78712d4d3b3962d 2831360 hostapd-dbgsym_2.10-12+deb12u3_ppc64el.deb 104a82215c529a0da6e7fa8068edccae2a9990b5 896148 hostapd_2.10-12+deb12u3_ppc64el.deb 21b0264ba78a55afdd1015dc8a2d28e2477224f9 37864 libwpa-client-dev_2.10-12+deb12u3_ppc64el.deb 38009c10572b5a0b4be0e5076356fcef212d4798 15232 wpa_2.10-12+deb12u3_ppc64el-buildd.buildinfo 96e283c989942d84a9a3177b58cf0c79b7a9b17b 2255448 wpagui-dbgsym_2.10-12+deb12u3_ppc64el.deb e3f39c97d9eb624638a0112e5feffc5f461f29aa 314632 wpagui_2.10-12+deb12u3_ppc64el.deb 6df52623372f5ba73885cb1afdd8d203425859c0 4634732 wpasupplicant-dbgsym_2.10-12+deb12u3_ppc64el.deb bd6f7f7db5e99e8fd7b8b4a70e60e1cc995fd7ae 399512 wpasupplicant-udeb_2.10-12+deb12u3_ppc64el.udeb 2861375dde0b512c7f1a6128377186b70ece4584 1485092 wpasupplicant_2.10-12+deb12u3_ppc64el.deb Checksums-Sha256: 5cc3750209be5969ad42c1906b144eee2fbdd0fc4b69c8673c3ca8f62f6e9205 4113440 eapoltest-dbgsym_2.10-12+deb12u3_ppc64el.deb 20eece271ffca6493abf3707c569023c95f4a9d662114f1742f3e250fd532087 1209280 eapoltest_2.10-12+deb12u3_ppc64el.deb 9b8006b79ca29605316e67f2afc15f0143e1af8f0b5e298c564e87163747ec90 2831360 hostapd-dbgsym_2.10-12+deb12u3_ppc64el.deb c42c4919bc1d06b1f71cf412d13a9d4b94fe213387b7a960beebf912c7651d7b 896148 hostapd_2.10-12+deb12u3_ppc64el.deb 341aaa437eb951b5e3b686378596303c31e8f0dc3a5af1548b9a7950da8c06a7 37864 libwpa-client-dev_2.10-12+deb12u3_ppc64el.deb 738fb7d14ad415f74ab00b01b137d0744518321fdecb964a51d2e941525e719d 15232 wpa_2.10-12+deb12u3_ppc64el-buildd.buildinfo 1f9c3ffa0511311104d10b040138aee83089a90f969e3368688f87c14b5ec785 2255448 wpagui-dbgsym_2.10-12+deb12u3_ppc64el.deb 6d08702e66d8e9ff04c542ae68794acfa0bf32fc900bcd7976857a174990efad 314632 wpagui_2.10-12+deb12u3_ppc64el.deb d0b750333f4827dcccc0a1651f749cf9760496b645b7cab50251b05d4f79adcd 4634732 wpasupplicant-dbgsym_2.10-12+deb12u3_ppc64el.deb 5ab4a65aa2e577b0b33ffea34fb27bc238f87b99c812331f13eb28154ca3275b 399512 wpasupplicant-udeb_2.10-12+deb12u3_ppc64el.udeb a233eb0584becc7f641dc1ed57799d96a77ca96459b1de085f31d36996a6bc58 1485092 wpasupplicant_2.10-12+deb12u3_ppc64el.deb Files: d86d14c4b80ad5a59128dc39c705e9b6 4113440 debug optional eapoltest-dbgsym_2.10-12+deb12u3_ppc64el.deb 683e6ead5491d40c4b754ef3d4574885 1209280 net optional eapoltest_2.10-12+deb12u3_ppc64el.deb b4572899e26553fd3ad2744dc7364d9c 2831360 debug optional hostapd-dbgsym_2.10-12+deb12u3_ppc64el.deb afdcb5f21ea1dd82ba4f72fdce40d672 896148 net optional hostapd_2.10-12+deb12u3_ppc64el.deb 5ff68f83f7edfa59a0274648168375f5 37864 libdevel optional libwpa-client-dev_2.10-12+deb12u3_ppc64el.deb 80d285e4b785a4e557f91630d9a0db46 15232 net optional wpa_2.10-12+deb12u3_ppc64el-buildd.buildinfo 9e66567dd9e2d37a7f24f76d78c44b97 2255448 debug optional wpagui-dbgsym_2.10-12+deb12u3_ppc64el.deb 5ead61981fdd3ea0d4a7662820f8e797 314632 net optional wpagui_2.10-12+deb12u3_ppc64el.deb 12571c5ae4c9b99f2a9083be7e6750ae 4634732 debug optional wpasupplicant-dbgsym_2.10-12+deb12u3_ppc64el.deb 84abec032654ff573262fed7e340f976 399512 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u3_ppc64el.udeb 7f21b79ddadb44895e07ea61309af119 1485092 net optional wpasupplicant_2.10-12+deb12u3_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYo4fOZBRi9qmvTxH1PowSTJ8+YQFAmhWe+cACgkQ1PowSTJ8 +YQnVQ/8DoCs7yNFDbpiKrpcQa6W43oiK9Fe+poGePx9D5Ln4M/JufeOvJ+tz6uj 16Ss2M0TSgfMF7KDMlUTl+WH4D3ycdC6dSehK4e6w0TR3kUbt6bMTc1YklP2Mm+M Mm3wpYtwURF3g3PmGzsDeaEZ/FyJhRk+OaYXI3MErzeKo+GW1pz7aryOKZEkHnSN KYmSrkRAF/9Qu3WbjapsEbjl0up8X2vQWqENOh+qrHPqviEJ26Yu4V6xNJlmh5/o ooy1YfMlI8mEdmnwb+OkKv+1wpgxvMABuEZoESGe+HheRSabddJGLOOqiXzsWuTx VJVu0XXrm+grzg01cN/CZvuDnN5fl8+vokZwkxanUelo2XIuI09Yu/W7+1nn5geO OY7uh4+ezUCoyNJuMPH1a3OhzOOEqENkMin0nA7O48LdKmqF92a4Baa7kTnd57iT DB3JaUxi4mRSuGRn9JjdARCd2KZ509kI2s11hbem5EXR3IXjHlrOLo9HpI2ncDU/ q+bTwos54J4bvF8CN7/Q8RkFK2z8wpDONOG0jVncl1D+qqZQ8dzzqyMbzr8kZp5V zanHBqNg6RDoiQj1j6RCg1osNz0XWD73YF1VzBLhci70hwwhWENfZ4RfLleC3ZCc vHLbICnQ0S7XAxM8w3+EJphiIChx1nc0BoVo5ghdMO58Av+p+rc= =jC7B -----END PGP SIGNATURE-----