From 72065739ec0c24fdf21bba7d653b1ba05179b8d4 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 28 Feb 2024 18:36:48 +0000 Subject: Wed Feb 28 18:36:48 UTC 2024 d/parallel-20240222-noarch-1.txz: Upgraded. kde/krita-5.2.2-x86_64-4.txz: Rebuilt. Recompiled against libunibreak-6.0. l/accountsservice-23.13.9-x86_64-1.txz: Upgraded. Thanks to reddog83. l/libass-0.17.1-x86_64-2.txz: Rebuilt. Recompiled against libunibreak-6.0. l/libunibreak-6.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/orc-0.4.38-x86_64-1.txz: Upgraded. l/python-requests-2.31.0-x86_64-1.txz: Upgraded. l/python-urllib3-2.2.1-x86_64-1.txz: Upgraded. l/qt6-6.6.2_20240210_15b7e743-x86_64-1.txz: Added. n/wpa_supplicant-2.10-x86_64-3.txz: Rebuilt. Patched the implementation of PEAP in wpa_supplicant to prevent an authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-52160 (* Security fix *) xap/gparted-1.6.0-x86_64-1.txz: Upgraded. --- recompress.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'recompress.sh') diff --git a/recompress.sh b/recompress.sh index 0ad895e7c..a08d988a8 100755 --- a/recompress.sh +++ b/recompress.sh @@ -507,6 +507,7 @@ gzip ./source/n/nc/nc.diff gzip ./source/n/wpa_supplicant/patches/wpa_supplicant-quiet-scan-results-message.patch gzip ./source/n/wpa_supplicant/patches/wpa_supplicant-gui-qt4.patch gzip ./source/n/wpa_supplicant/patches/allow-tlsv1.patch +gzip ./source/n/wpa_supplicant/patches/8e6485a1bcb0baffdea9e55255a81270b768439c.patch gzip ./source/n/wpa_supplicant/doinst.sh gzip ./source/n/php/php-fpm.conf.diff gzip ./source/n/php/doinst.sh -- cgit v1.2.3