summaryrefslogtreecommitdiffstats
path: root/source/n/wpa_supplicant/patches/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch (follow)
Commit message (Expand)AuthorAgeFilesLines
* Wed Jan 19 18:18:02 UTC 2022...ap/inxi-3.3.12_1-noarch-1.txz: Upgraded. ap/man-db-2.9.4-x86_64-3.txz: Rebuilt. Don't use --no-purge in the daily cron job to update the databases. l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt. Link against neon-0.32.2. Thanks to marav. n/bind-9.16.25-x86_64-1.txz: Upgraded. n/ethtool-5.16-x86_64-1.txz: Upgraded. n/samba-4.15.4-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded. The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304 (* Security fix *) x/xterm-370-x86_64-6.txz: Rebuilt. XTerm-console: improve the font settings. Thanks to GazL. 20220119181802 Patrick J Volkerding2022-01-201-59/+0
* Wed Dec 29 02:42:32 UTC 2021...l/libgsf-1.14.48-x86_64-1.txz: Upgraded. l/netpbm-10.97.00-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.9-x86_64-8.txz: Rebuilt. This update fixes the following security issues: AP mode PMF disconnection protection bypass. UPnP SUBSCRIBE misbehavior in hostapd WPS AP. P2P group information processing vulnerability. P2P provision discovery processing vulnerability. ASN.1: Validate DigestAlgorithmIdentifier parameters. Flush pending control interface message for an interface to be removed. These issues could result in a denial-of-service, privilege escalation, arbitrary code execution, or other unexpected behavior. Thanks to nobodino for pointing out the patches. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004 (* Security fix *) xap/seamonkey-2.53.10.2-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.10.2 (* Security fix *) 20211229024232 Patrick J Volkerding2021-12-291-0/+59