-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Apr 2025 16:29:46 +0200 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: armel Version: 2:2.10-12+deb12u3 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-ubc-01) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.10-12+deb12u3) bookworm; urgency=medium . * Non-maintainer upload by the LTS Security Team. * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c * Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association Checksums-Sha1: 29a338a9a8e2dd220ca5115f5b4a2440a3924e77 3958236 eapoltest-dbgsym_2.10-12+deb12u3_armel.deb b5e8957b33644e1e630890523ee77f5b6729e3c9 934956 eapoltest_2.10-12+deb12u3_armel.deb 240f7cacec86d1abad1d7f7afb00f7cb0ac6239a 2700320 hostapd-dbgsym_2.10-12+deb12u3_armel.deb 20e499de3481531b023a2ece9a30b000bc21d07b 718172 hostapd_2.10-12+deb12u3_armel.deb 530ca3112eb3c180a2636cd6bf828a3c20565f54 31600 libwpa-client-dev_2.10-12+deb12u3_armel.deb 6e39b9d386f358a5ed54fa849ee7de8e901277ea 15019 wpa_2.10-12+deb12u3_armel-buildd.buildinfo 0a5762716da5d7cc21c33b1718cdbffc346890db 2191988 wpagui-dbgsym_2.10-12+deb12u3_armel.deb 2a4d50ccf6d953023c7fc64c9cc2b7577af27988 299672 wpagui_2.10-12+deb12u3_armel.deb 4aefcfb3bfe1b0569cac8e86446c9ed79bc29355 4453468 wpasupplicant-dbgsym_2.10-12+deb12u3_armel.deb 2ae839589a64c655afcfb08341f4b4f12f614a77 303260 wpasupplicant-udeb_2.10-12+deb12u3_armel.udeb b90847a46090943a0fe2c914f507517498a17259 1173456 wpasupplicant_2.10-12+deb12u3_armel.deb Checksums-Sha256: fc0c0702c680b27f3a1fcdc19a5d8b0a4fea77a1aae131d5456bb7b5c6ca15ae 3958236 eapoltest-dbgsym_2.10-12+deb12u3_armel.deb 6a90eabc04870b68104167db07a2605c139793cf31d14387ba30a81f245c1ed6 934956 eapoltest_2.10-12+deb12u3_armel.deb 0e5aaffef5e28c605e57ab128abf24d5d3c5f93d4bf7d5d1d167219dc7c25906 2700320 hostapd-dbgsym_2.10-12+deb12u3_armel.deb 2019757875a2e868b9f22a6b032e4cf31c25c63fe6f847664ccbbc7b5a6e947a 718172 hostapd_2.10-12+deb12u3_armel.deb ce88cf00de1801f7a87c012a0a1b03a7bcfbbf1e31c438be8410f110a20f0502 31600 libwpa-client-dev_2.10-12+deb12u3_armel.deb 869e8176ac27e8f92486acd67bbcf47f4024129f145ef1bf97d720c4777ea9b3 15019 wpa_2.10-12+deb12u3_armel-buildd.buildinfo a85baa25629c37813fa8d20cc1403aa504753a9733ad810ddec49dff96e9eb0d 2191988 wpagui-dbgsym_2.10-12+deb12u3_armel.deb 73f2d9aaaa1639a3acb1e79dcc7dbc8d4c7dd57d8f412adf74899418d311508c 299672 wpagui_2.10-12+deb12u3_armel.deb 8c6a8c6252c4493cfa0974c9d13bd4bb6b95f5352448a0618e48711c3e5762ae 4453468 wpasupplicant-dbgsym_2.10-12+deb12u3_armel.deb 118495f68a2addbce8b13b8e9344456f55ecd4f9b388ab0e53171e8a0263bd42 303260 wpasupplicant-udeb_2.10-12+deb12u3_armel.udeb d74f7ecd21841755563ea969839100e92790e7756875b2e93ffa32e99bc7b935 1173456 wpasupplicant_2.10-12+deb12u3_armel.deb Files: 0fe6afcd9a0f3e5a64a6dcfc6f4a8f6b 3958236 debug optional eapoltest-dbgsym_2.10-12+deb12u3_armel.deb 3c4cc6c60661aafa67ff80c9f2f7f7a3 934956 net optional eapoltest_2.10-12+deb12u3_armel.deb 05a94566b20653423416ce735246c9d5 2700320 debug optional hostapd-dbgsym_2.10-12+deb12u3_armel.deb 84ba15f6eaec03a08d1f509265bcbd30 718172 net optional hostapd_2.10-12+deb12u3_armel.deb b2181260736e9d9d21d5740e17dbaafe 31600 libdevel optional libwpa-client-dev_2.10-12+deb12u3_armel.deb ec4256e672933050803777d8ce3ccb5a 15019 net optional wpa_2.10-12+deb12u3_armel-buildd.buildinfo 9157014571a95dccc084ce357ed8d92d 2191988 debug optional wpagui-dbgsym_2.10-12+deb12u3_armel.deb c59c8e94f683ddacdb04f623d8111bab 299672 net optional wpagui_2.10-12+deb12u3_armel.deb 6f043f992bb3722896b74b2c2960fb45 4453468 debug optional wpasupplicant-dbgsym_2.10-12+deb12u3_armel.deb 9bf28fd7a130852c9fc5e85fe6ba8f11 303260 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u3_armel.udeb 30d0c709295c4f508765eca24f0ee9e2 1173456 net optional wpasupplicant_2.10-12+deb12u3_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEq41qkgEcGaML+/CnCr/D/stJkDwFAmhWfdgACgkQCr/D/stJ kDwHJQ//VqHKYneo0T63y46fJ+thJwNii7jdCyurmpOEacLwWNl2JiZaEoWNNW2n qNNPOLxVh7hBE1dt+z5wJ9lyLsjLRcyCrY09lHVsF6lLPoWr9WaADRsoVvQZLfhp cazb/T+fUxZh580+D0MEzABpYL6T1deqSQT/jHYBqW/Yopb66/x9tejmTXgN0H9A aHbLmD6ReUjGENOx0rxAtdNpIgZrwh2WEwlmSelcRRKStPHrOrl+KIlHyV1JWxIn 2uQkDECTf1eeKiEMU/NU+5HXwOvzQJ2rCLByIvXfrw+PxlXMUf2LwRNZwHdgkbAn 37pBYtZ51l4741SE1HpmORB6h+3+3ipvniX29/5b4S6uOL5R8bJmoKbVk4Js7ez8 5OAghuB8171TxCpVVr6yA2gjU1tfkijYV8NtdGqZwUG+RcUlUZsEF4sHBwRTIIXx rXOfNw7LlFuyO0MXAMfVyKZhHVYtYIvwyKcdQ9etl5TZCHO9VK/eR49yWi7CDB1C 3bS3ADgAD6rcTXwEXFpb50Bn5ItosWNsGuyBNzJSax/0gddSOT6DKpFwE2BP+MQL me7P69MdyJbVGqHj7u1R6WQ4CzX4EhaeADwLdgRxmW8lzIlkKWoa4h4WKYuJopQr m/v3fdjgJ+MF5ztQmTyxQGJHDtOGzDlFFH+c0nJP5JWTfePEeJc= =398w -----END PGP SIGNATURE-----