-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Apr 2025 16:29:46 +0200 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: mipsel Version: 2:2.10-12+deb12u3 Distribution: bookworm Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-04) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.10-12+deb12u3) bookworm; urgency=medium . * Non-maintainer upload by the LTS Security Team. * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c * Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association Checksums-Sha1: 955e1dbc1421d7e847830f62aec63a69c4f85422 4171532 eapoltest-dbgsym_2.10-12+deb12u3_mipsel.deb d92ae596d913d3771da6ca1e49a4549b35c31bbe 1041656 eapoltest_2.10-12+deb12u3_mipsel.deb 368d82da01754f53d7c51dc4d8cc6b6678b80ffa 2848464 hostapd-dbgsym_2.10-12+deb12u3_mipsel.deb 2b4cbed77a3b68fe81202c5e028d202f19009e75 794840 hostapd_2.10-12+deb12u3_mipsel.deb 9035fbf55a18de664333cf28071bc6b84a8cecc3 34932 libwpa-client-dev_2.10-12+deb12u3_mipsel.deb be21582fcf67c0c7364e48fcac70df7c7f389d41 14977 wpa_2.10-12+deb12u3_mipsel-buildd.buildinfo 29243e3b8c8a63526054f55f4dcd05cd648fb973 2268108 wpagui-dbgsym_2.10-12+deb12u3_mipsel.deb 0eb373f25cd0fe3c8bdda18be77b4fb54071283c 304396 wpagui_2.10-12+deb12u3_mipsel.deb 9ea2f507df555fb7b594a786d68f48fa1fa51c1a 4696684 wpasupplicant-dbgsym_2.10-12+deb12u3_mipsel.deb f5653351d06bb492fe6375836710a741e8a8ce90 343920 wpasupplicant-udeb_2.10-12+deb12u3_mipsel.udeb 92e5e81f0b4bc62a0778a1d01cffe19d3194e643 1293484 wpasupplicant_2.10-12+deb12u3_mipsel.deb Checksums-Sha256: 89eff85515fc88942f8f33e80d757c70dc4a683fafd4860cb0ad3d295d5a07f3 4171532 eapoltest-dbgsym_2.10-12+deb12u3_mipsel.deb 59ae2e1ca27f8f22484e5c1146e0d82ebc32730e077efda738f2ccda06a832d7 1041656 eapoltest_2.10-12+deb12u3_mipsel.deb 6a4bcf19c238424131e6d2c04b0179373476b6aa0e192cd0a1fcbdc50a5d0361 2848464 hostapd-dbgsym_2.10-12+deb12u3_mipsel.deb c70e6b16e897185137fa15edd387239638b54e649430879245468a614f9438f0 794840 hostapd_2.10-12+deb12u3_mipsel.deb 290d688acd9773867d8e0ecd7d3ea3cbe5bc67c220172273b96cd393f009eb82 34932 libwpa-client-dev_2.10-12+deb12u3_mipsel.deb 9b0a90287166575da3f3de1ce6d11b984425dfd3b148dc7646d1c5f9b176e6e1 14977 wpa_2.10-12+deb12u3_mipsel-buildd.buildinfo 08b3ef78c9b8dd7a5424b22c301249301ce3b126df801517860732ea01d09003 2268108 wpagui-dbgsym_2.10-12+deb12u3_mipsel.deb 5f655e446c962b4560ef41f4ee102c199da350dad43ed0a795ee72d78d7184ab 304396 wpagui_2.10-12+deb12u3_mipsel.deb 07360f08482bc57222d9c68695d8454b12a130d9538f84d8bcbaae04c283e3ac 4696684 wpasupplicant-dbgsym_2.10-12+deb12u3_mipsel.deb caeedea2a131223a668621ca3c36cce7bb517f67328ce0b6189af1f93b7ab391 343920 wpasupplicant-udeb_2.10-12+deb12u3_mipsel.udeb 090cadfc9b7153b39bfbec95d8b8c3230e80034c3543ca4bc2aed866443fa573 1293484 wpasupplicant_2.10-12+deb12u3_mipsel.deb Files: 9940f3f2c2cb235e789053f1b5540afc 4171532 debug optional eapoltest-dbgsym_2.10-12+deb12u3_mipsel.deb c96eba4d2d3c5570a9638961ff1dc917 1041656 net optional eapoltest_2.10-12+deb12u3_mipsel.deb a6517dd899d2195fb4b20bfa88c42b9f 2848464 debug optional hostapd-dbgsym_2.10-12+deb12u3_mipsel.deb bde0192f08838c44a90b374f9826de74 794840 net optional hostapd_2.10-12+deb12u3_mipsel.deb 14b442254ed0586ac87dc0f2e38e673f 34932 libdevel optional libwpa-client-dev_2.10-12+deb12u3_mipsel.deb 457d5fe0c1c79af7f06b915fb00a77f4 14977 net optional wpa_2.10-12+deb12u3_mipsel-buildd.buildinfo 603c340438dd5386cc44704b6200edef 2268108 debug optional wpagui-dbgsym_2.10-12+deb12u3_mipsel.deb e6452054ca51d718f56ba35dc33b747c 304396 net optional wpagui_2.10-12+deb12u3_mipsel.deb 3e960c273c4db3bceaa29a75fb2644d8 4696684 debug optional wpasupplicant-dbgsym_2.10-12+deb12u3_mipsel.deb 726d86c0eb5a8bf71a0505a8fc25c818 343920 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u3_mipsel.udeb 2d5148bb58f9ea5d770ac3590f5077e0 1293484 net optional wpasupplicant_2.10-12+deb12u3_mipsel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERbXMbY9VMQqnSaVEV4aVsMglzVcFAmhWf3MACgkQV4aVsMgl zVcAnRAAm+OxQLqbqxYKA63D6Kg85LRjuqPAmo1KqwizoBNZt9KJjV4zp1KbzZMs satgyCUIJi2ztOj6v4vbo0Adz7U4yo2Bh8xQEsDwhgZdF02Dd8E4poRgIfulkIXV j1hio7CLgfaRAJ5hD32IpnBviYmTF3KQZ9WUjuhcgWdTlGPFtesq5FmLKx4TolJt NeTErrDhNkjcfkWvDr8e7MbSx8Fc+0g+qeSQfLszWMgJ3RjaEisFNrdkq045qwNk 6ljXD83Byfp2uS4GSW//Y4Qni9QhL55zoHZ2cKfIz6aSnQPLmLU50uYLCFDiANLW ANj4TMPXoEwvdz29WupX66E8XYzg4sfL96WzjDktsIPUD5FPPhGaRUGSCs1WLlka LbUrv2FSuLcHKNb1BLL8QGdQcnmumxBvfqqvkVJi/wzaxEiT9MfNjRjDiroZVU5J i0r/QRzYJMo0ssR9pVLG2mfH6kqSlN4LFEGfQ1LWRcdqGscCrWeWmZIxDITdU4Zl PARaCA3uDcMh+q4lSqftm4T+L4SZ0YzRRddoM4KbnhEm936CIMXYCwPcY1S8QKA9 nChHmCzsz4PTOJpe/0DALZl7B/aT3FRtETIRXmtfgXOK5rFFBFSnwwJHvncyuO71 hYdvQCCkxmCyl7Zv86HfSZXT/SjeQMI9KERa5IeJq6TQ2tV7284= =DBXs -----END PGP SIGNATURE-----