-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Apr 2025 16:29:46 +0200 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: s390x Version: 2:2.10-12+deb12u3 Distribution: bookworm Urgency: medium Maintainer: s390x Build Daemon (zani) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.10-12+deb12u3) bookworm; urgency=medium . * Non-maintainer upload by the LTS Security Team. * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c * Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association Checksums-Sha1: 876aa042b87fc984fe288d01fb44493052621de1 4010164 eapoltest-dbgsym_2.10-12+deb12u3_s390x.deb 9312faf664dcb32f31e67953314659e4d926d798 998164 eapoltest_2.10-12+deb12u3_s390x.deb 32b9254608e44dbb7f5788834536f07a04ec0860 2753120 hostapd-dbgsym_2.10-12+deb12u3_s390x.deb 87e6872acd6dd05aa659fa8cc5842ef08077f8c8 762676 hostapd_2.10-12+deb12u3_s390x.deb 9471d39efd0afe7605d9266cc1254747abafbaf3 33260 libwpa-client-dev_2.10-12+deb12u3_s390x.deb 9876f9318aea8e00057a91b53aa080edf27bae9a 15056 wpa_2.10-12+deb12u3_s390x-buildd.buildinfo 6e26b958b506bde1fcd0c636118e701bb92ce074 2179408 wpagui-dbgsym_2.10-12+deb12u3_s390x.deb 2a54b808495c878585332cc782c3e53fb5b15634 303328 wpagui_2.10-12+deb12u3_s390x.deb 9242816e29fba1266fb948518b901579af5ebecf 4509092 wpasupplicant-dbgsym_2.10-12+deb12u3_s390x.deb 1d3b7505f666b63a6bf84bce38b417dedd0ff331 328168 wpasupplicant-udeb_2.10-12+deb12u3_s390x.udeb 69e7bd4811584130648c6d752b1aa3eb067177df 1252380 wpasupplicant_2.10-12+deb12u3_s390x.deb Checksums-Sha256: 2fe59221c191d465bfb7308a758a0faa2513e95bc7c09d89acfb8276962f9321 4010164 eapoltest-dbgsym_2.10-12+deb12u3_s390x.deb 47a9e78a073ab2de56499baac5764d5e5f86387620354146ffa5007c5e4eb7ba 998164 eapoltest_2.10-12+deb12u3_s390x.deb b38d8c36e850b37c79b8d9dd22b2bebbcf95cc35d699dd3fc7350a2b7496d430 2753120 hostapd-dbgsym_2.10-12+deb12u3_s390x.deb 7b08ec9f2fb3b8df30fd1f222828163b7bf3c0ce6e887c591ccd7b11ee74c305 762676 hostapd_2.10-12+deb12u3_s390x.deb 8d40dbbffc469d4abb3c6ae563d45b276d0c0f7cb5910023f5dcffcfcbb1f69d 33260 libwpa-client-dev_2.10-12+deb12u3_s390x.deb e110a392d2fda46747e1fe6364f9375ef7cdb02965891e98d8f284aa9200cf6c 15056 wpa_2.10-12+deb12u3_s390x-buildd.buildinfo 1cf9a5cd50d3784b449b7ed25ca5055773541646ddfff16a2fb0695e42d5f280 2179408 wpagui-dbgsym_2.10-12+deb12u3_s390x.deb 4709d188292293bf177781ca6e3c70cb4bf1a5d1d20b0d12ec99480263808b1b 303328 wpagui_2.10-12+deb12u3_s390x.deb 56e23c7c752ddb9872eb3850cecda89514e0753647ff5ae8032516681be04e44 4509092 wpasupplicant-dbgsym_2.10-12+deb12u3_s390x.deb 34c820ddfaea419e829fc36ae58a8cb2a52db91909e2a47eec860ff705f262bd 328168 wpasupplicant-udeb_2.10-12+deb12u3_s390x.udeb 0b70717ea924f179b8557731d5f2e2f5a1fc9afe978ceba6d01576b1466ec4b2 1252380 wpasupplicant_2.10-12+deb12u3_s390x.deb Files: 4f69ec432724337d4b474ec6c299fdf4 4010164 debug optional eapoltest-dbgsym_2.10-12+deb12u3_s390x.deb 5c77f737c98e94733d9ef7b5303d9e7b 998164 net optional eapoltest_2.10-12+deb12u3_s390x.deb 07fd539ebd41bc3ea1d8f44887f190a0 2753120 debug optional hostapd-dbgsym_2.10-12+deb12u3_s390x.deb aefa1d71c3f49ced12e3467fa616df48 762676 net optional hostapd_2.10-12+deb12u3_s390x.deb 6813717488135b2bc420fbb6b8ef62e6 33260 libdevel optional libwpa-client-dev_2.10-12+deb12u3_s390x.deb 3ab9da469db55fc341f7907b30653891 15056 net optional wpa_2.10-12+deb12u3_s390x-buildd.buildinfo a92cca69d7e225eacbeeb9cdc6f25dfc 2179408 debug optional wpagui-dbgsym_2.10-12+deb12u3_s390x.deb 80f6b4aeda259689a47fc4af001b7b14 303328 net optional wpagui_2.10-12+deb12u3_s390x.deb c73cd81f366e1fbc2ec0174c120adb52 4509092 debug optional wpasupplicant-dbgsym_2.10-12+deb12u3_s390x.deb ba89dbd5456509cffe7b2f60ff19012b 328168 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u3_s390x.udeb 81035517de67f1268ef258ad4b87a59e 1252380 net optional wpasupplicant_2.10-12+deb12u3_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZTC4/c20pi1/n7UBUhVQ83ojQ7QFAmhWe+YACgkQUhVQ83oj Q7ThAxAAzTZI6I+PZAq6qwJjrAGpx8Z0g42Y31MeuEI5ok+O3NeAWuyc6aKhrdcz QVQDa6Z/updI9/Zi0q2IVvFy+M/ULToAJU2U7HPq//G7njfLvL/HZsDObIs/yO43 kLvd+ckL3KWNWxJQvmc2huMwSRtJyYntVPTcq/se+hc6S0izJEkF5b7CUUOI7Rqn IRXEt0vsQunhTdD8HRMa2pmXkuK9K5JlwMLrjIygvpkr4+VrMmf4A/63Z62B6n09 Pb3mmzEjDcBY/lrgRtrHJHOTJUgga0DXw/Io3mJzKa4+ICqHI/SqawbSKp20ip78 PRgT0CuCgow++Hn2PZiLPylnvPDssZx0jFwoZA7VtVeBbsr3XoIs3tCW+lOiQkUf ZEtzssRrG6aX/m7uGFqYzDfhILmxk8mo0pi9FRRSR0So/7YXZWihaDEE2oM0cpw4 dhiaPTd1nZfcz4H1oMvJJAOoIVhdvheEo155DLrduQTH1x9c3v8lzO+m8iyCIjGk 0TFxfJiBdrdq/NcrrKe5mjrg/YboDGy305oncoItIWHsYAa4wGnsjKYUgyGlbdwB E7FCHznEDSW+eACoG7LmAxOjymEv0ZCPYKe3eXWosOSzLakrCUIHih7w6EWdv5Jb XjGpPyNuCcgt6ryAvQVKY1maJ3Wi9kSXU1OXsO5/F0nwGWZw8YI= =GxSW -----END PGP SIGNATURE-----