-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Apr 2025 16:29:46 +0200 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: amd64 Version: 2:2.10-12+deb12u3 Distribution: bookworm Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.10-12+deb12u3) bookworm; urgency=medium . * Non-maintainer upload by the LTS Security Team. * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c * Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association Checksums-Sha1: ac6756531f6f05efa61c97b7a59dccb18b4ac8d6 4089464 eapoltest-dbgsym_2.10-12+deb12u3_amd64.deb 9fa365f9cca0059fd2e6d144cd563b24fa832a45 1151884 eapoltest_2.10-12+deb12u3_amd64.deb 6403050a7dbedffd775613291a001f14a492928c 2798048 hostapd-dbgsym_2.10-12+deb12u3_amd64.deb 77092915ceec85e57d383c4974deab6d345ea34b 866920 hostapd_2.10-12+deb12u3_amd64.deb ef43c2757634c274746ee6f21ead3a957f6f25d2 34060 libwpa-client-dev_2.10-12+deb12u3_amd64.deb 4058b20d939ba26905084d34c3941121d58642bd 15284 wpa_2.10-12+deb12u3_amd64-buildd.buildinfo e16edd097dfa8ed3771cfba98c3dbc239b344a8e 2212072 wpagui-dbgsym_2.10-12+deb12u3_amd64.deb eb6f74d86fcbe4ef564503dc0209ad39241aad91 315896 wpagui_2.10-12+deb12u3_amd64.deb 157339e758c1735a397081004497233a06f59083 4600192 wpasupplicant-dbgsym_2.10-12+deb12u3_amd64.deb 44f8c9bdb2e4f4c7f9d9c5f3c8e4006cd83e8c0f 374872 wpasupplicant-udeb_2.10-12+deb12u3_amd64.udeb f607520d1b18903f8dfdec27eeb5e5fdc0bf61da 1419440 wpasupplicant_2.10-12+deb12u3_amd64.deb Checksums-Sha256: 79b5f5c1a5bdc7c4797e4879cb8386bae28c9bfa2a4ad5ccf90e4f1837d3e3fd 4089464 eapoltest-dbgsym_2.10-12+deb12u3_amd64.deb 7e10f8956d8b40e31556f19d5ac7600d41db61ca801a3f00cf3e3f8009e8f27e 1151884 eapoltest_2.10-12+deb12u3_amd64.deb c696f81fad76ed28856147c5c42a8fa897a7c1fcf2bc43fe9172366c1bb75d54 2798048 hostapd-dbgsym_2.10-12+deb12u3_amd64.deb 523bf90ebad78b8856d7a4251b6901c224c4132f12bdd7ee3d296ae4a07435f4 866920 hostapd_2.10-12+deb12u3_amd64.deb cb9794155d1ebd508b5ef9ac98fc4febb7542fc7c64b8a4ba16b287d542f8abc 34060 libwpa-client-dev_2.10-12+deb12u3_amd64.deb 4aa8fbfcbc074adbcf454ff23df720c679872997f604ea7589415db4a7ee76f1 15284 wpa_2.10-12+deb12u3_amd64-buildd.buildinfo 1d8952acb1b4fe29d179af6af88be39f022facce5e72fc0ed92e0b953457f40a 2212072 wpagui-dbgsym_2.10-12+deb12u3_amd64.deb 35213ddf2559e1177da93d76cae2fc967db5755eb8653bc5814b693ac69f80c0 315896 wpagui_2.10-12+deb12u3_amd64.deb b0ff1a467316334ec5f001a888d4029390a522d3019faa12cee2b97f8a9e2454 4600192 wpasupplicant-dbgsym_2.10-12+deb12u3_amd64.deb 0591a98f3169ecc53ee0f8da56e80cc536319ae86e26ab49c1ba0b55b2a34ec8 374872 wpasupplicant-udeb_2.10-12+deb12u3_amd64.udeb 0fdc7a194d2daba4bb79cbae0f7638b68c1b51c5e71f54160468595fafd57f22 1419440 wpasupplicant_2.10-12+deb12u3_amd64.deb Files: 55e6990432f93ca75d70851866d5996a 4089464 debug optional eapoltest-dbgsym_2.10-12+deb12u3_amd64.deb 44ca4a7ee26fce5e7d006842d8ddc847 1151884 net optional eapoltest_2.10-12+deb12u3_amd64.deb 193800b8de13c4a4cc99195cc7de004c 2798048 debug optional hostapd-dbgsym_2.10-12+deb12u3_amd64.deb 7eb219349a7605ebb3eb4150bd113288 866920 net optional hostapd_2.10-12+deb12u3_amd64.deb c032f2a75da17bd9842e60e54c6b498d 34060 libdevel optional libwpa-client-dev_2.10-12+deb12u3_amd64.deb cc8b9c6894dfc3016e77c5b191ce029e 15284 net optional wpa_2.10-12+deb12u3_amd64-buildd.buildinfo 65a7e15d300cca57bf5a074c0f3c19d8 2212072 debug optional wpagui-dbgsym_2.10-12+deb12u3_amd64.deb 64dd22f6ee85300cda6e6f1ce30480bd 315896 net optional wpagui_2.10-12+deb12u3_amd64.deb c335c159f6c2de46a25a6841f60695ce 4600192 debug optional wpasupplicant-dbgsym_2.10-12+deb12u3_amd64.deb 7107af256d8d1428cfc3582829291a1c 374872 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u3_amd64.udeb f6c44df3665be9dfbb55995a843fc4e1 1419440 net optional wpasupplicant_2.10-12+deb12u3_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHqtYLkdKRyCY94K8fUw6/tXbAmMFAmhWe9EACgkQfUw6/tXb AmMjsw//S9Z62Pj3jAS7R6gU5N6coN0UKQaONPZIr08VTr8fqweMkXiOSrhhIeMq +ER4hmprrnL40ImMIp/F2yMX+uJKLrMPj0WPNG1vshxaz0FMkxRz9s7FDoPIf63p prnfHcN6m1yIKIfk2uNwsQjobgg9CzpYFj69Clj8VzcD3p0oZ9URV594CfmFwyH7 9ZuyHdR7hkoolKShe23LeKL2sb+aiKfLtMCUqRlloG8/FvOqJ1Nvc8V8Uq7ey7Vi 2bYiZvAZPMI+CSqs4ToS39UrdwSZACgOPBpoC1IK9Gf4a0U2/u1brHhPGbQuUZtA hGU5f37e1nB9PUYp6BW0M38xHOFrMQ3KoXvNdlScnGX6ZexpSmFrRQD9F2wmuJhA pHX7gn6hy+4HOX93CzjRkkuhfvTv8R1EKUZGNgXQsOD9ckecETZ//w2iVz31D8WS nmh08OF7+ZUJB/nGS3mI6/h9v3ija5Y6m4+EwbpNmzrJk/Zdga7SgD4QPN7KgnzZ V5dCYjNgrc2EY8pf0xmU6lD/pPnqBaW5cCtYn1wwfLpRwRC845rLRaQqSELuDQjj uOd7zFjBM2lbjogsZm+Z8O+qjdVFq9mjgkERznrqW52dLGVaQzSVYwvbJR8xijL8 H8/4tsVZ5TwTU0YdNi4aP4snYgXAYNM3J8t+058cMQ4o3qD5pDM= =zeM5 -----END PGP SIGNATURE-----