diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2021-12-29 02:42:32 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2021-12-29 08:59:55 +0100 |
| commit | 58eb3d5294fad71e08ea24b683dea0905c86c827 (patch) | |
| tree | d00c7a42e4cbf0cdbaee9ea00edc5855a4174e0c /source/n/wpa_supplicant/wpa_supplicant.SlackBuild | |
| parent | ac00706594d04f1b74af59b2437af2165087610b (diff) | |
| download | current-58eb3d5294fad71e08ea24b683dea0905c86c827.tar.gz current-58eb3d5294fad71e08ea24b683dea0905c86c827.tar.xz | |
Wed Dec 29 02:42:32 UTC 202120211229024232
l/libgsf-1.14.48-x86_64-1.txz: Upgraded.
l/netpbm-10.97.00-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.9-x86_64-8.txz: Rebuilt.
This update fixes the following security issues:
AP mode PMF disconnection protection bypass.
UPnP SUBSCRIBE misbehavior in hostapd WPS AP.
P2P group information processing vulnerability.
P2P provision discovery processing vulnerability.
ASN.1: Validate DigestAlgorithmIdentifier parameters.
Flush pending control interface message for an interface to be removed.
These issues could result in a denial-of-service, privilege escalation,
arbitrary code execution, or other unexpected behavior.
Thanks to nobodino for pointing out the patches.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004
(* Security fix *)
xap/seamonkey-2.53.10.2-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.10.2
(* Security fix *)
Diffstat (limited to '')
| -rwxr-xr-x | source/n/wpa_supplicant/wpa_supplicant.SlackBuild | 46 |
1 files changed, 28 insertions, 18 deletions
diff --git a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild index eee5ff45e..8539c099b 100755 --- a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild +++ b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild @@ -1,31 +1,31 @@ #!/bin/bash # Copyright 2004-2008 Eric Hameleers, Eindhoven, NL -# Copyright 2008-2020 Patrick J. Volkerding, Sebeka, MN, USA -# Permission to use, copy, modify, and distribute this software for -# any purpose with or without fee is hereby granted, provided that -# the above copyright notice and this permission notice appear in all -# copies. +# Copyright 2008-2021 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. # -# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# ----------------------------------------------------------------------------- +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. cd $(dirname $0) ; CWD=$(pwd) PKGNAM=wpa_supplicant VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-7} +BUILD=${BUILD:-8} SRCVERSION=$(printf $VERSION | tr _ -) @@ -89,6 +89,16 @@ zcat $CWD/patches/wpa_supplicant-flush-debug-output.patch.gz | patch -p1 --verbo zcat $CWD/patches/wpa_supplicant-gui-qt4.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/patches/wpa_supplicant-quiet-scan-results-message.patch.gz | patch -p1 --verbose || exit 1 +# Security fixes for CVE-2021-0326 CVE-2021-0535 CVE-2020-12695 CVE-2019-16275 CVE-2021-27803 CVE-2021-30004: +zcat $CWD/patches/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/0001-P2P-Fix-copying-of-secondary-device-types-for-P2P-gr.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/a0541334a6394f8237a4393b7372693cd7e96f15.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/8ca330bd709bf7c000dfda5b1edbc0cbeabb8b55.patch.gz | patch -p1 --verbose || exit 1 + # Allow legacy tls to avoid breaking WPA2-Enterprise: zcat $CWD/patches/allow-tlsv1.patch.gz | patch -p1 --verbose || exit 1 |