Format: 1.8
Date: Fri, 11 Apr 2025 16:29:46 +0200
Source: wpa
Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb
Architecture: i386
Version: 2:2.10-12+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02)
Changed-By: Bastien Roucariès
Description:
 eapoltest - EAPoL testing utility
 hostapd - access point and authentication server for Wi-Fi and Ethernet
 libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i)
 wpagui - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
 wpa (2:2.10-12+deb12u3) bookworm; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code()
     and wpas_dpp_pkex_clear_code(), and clear code reusage in
     ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c
   * Fix CVE-2022-37660: the PKEX code remains active even after
     a successful PKEX association. An attacker that successfully
     bootstrapped public keys with another entity using PKEX in
     the past, will be able to subvert a future bootstrapping by
     passively observing public keys, re-using the encrypting
     element Qi and subtracting it from the captured message
     M (X = M - Qi). This will result in the public ephemeral key X;
     the only element required to subvert the PKEX association