-
wpa (2:2.9-1ubuntu4.4) focal-security; urgency=medium
* SECURITY UPDATE: loading arbitrary shared objects, privilege escalation
- debian/patches/lib_engine_trusted_path.patch: Allow shared objects
to only be loaded from /usr/lib, thanks to mdeslaur
- CVE-2024-5290
-- Sudhakar Verma <email address hidden> Mon, 05 Aug 2024 17:49:49 +0530
-
wpa (2:2.9-1ubuntu4.3) focal-security; urgency=medium
* SECURITY UPDATE: DoS and possible code execution via P2P provision
discovery requests
- debian/patches/CVE-2021-27803.patch: fix a corner case in peer
addition based on PD Request in src/p2p/p2p_pd.c.
- CVE-2021-27803
-- Marc Deslauriers <email address hidden> Mon, 01 Mar 2021 08:44:39 -0500
-
wpa (2:2.9-1ubuntu4.2) focal-security; urgency=medium
* SECURITY UPDATE: P2P discovery heap overflow
- debian/patches/CVE-2021-0326.patch: P2P: Fix copying of secondary
device types for P2P group client
- CVE-2021-0326
* SECURITY UPDATE: UPnP SUBSCRIBE misbehavior in WPS AP
- debian/patches/CVE-2020-12695-1.patch: WPS UPnP: Do not allow
event subscriptions with URLs to other networks
- debian/patches/CVE-2020-12695-2.patch: WPS UPnP: Fix event message
generation using a long URL path
- debian/patches/CVE-2020-12695-3.patch: WPS UPnP: Handle HTTP
initiation failures for events more properly
- CVE-2020-12695
-- Steve Beattie <email address hidden> Tue, 09 Feb 2021 22:29:47 -0800
-
wpa (2:2.9-1ubuntu4.1) focal; urgency=medium
* debian/patches/git_roaming_interface.patch:
- backport upstream fix 'dbus: Move roam metrics to the correct
interface', should reduces the number of events (lp: #1879087)
* debian/NetworkManager/no-mac-addr-change.conf:
- remove configuration options that aren't needed and were copied to
the wrong section, fixes warnings in the log (lp: #1826639)
* debian/patches/Check-for-FT-support-when-selecting-FT-suites.patch:
- Backport upstream fix "Check for FT support when selecting FT suites"
to fix drivers without FT support, thanks Kai-Heng Feng (lp: #1881549)
-- Sebastien Bacher <email address hidden> Wed, 20 May 2020 13:01:53 +0200
-
wpa (2:2.9-1ubuntu4) focal; urgency=medium
* debian/patches/git_realtek_macrand.patch:
- backport an upstream patch to fix issues with some realtek cards
when MAC address randomization is enabled (lp: #1867908)
-- Sebastien Bacher <email address hidden> Wed, 15 Apr 2020 10:08:07 +0200
-
wpa (2:2.9-1ubuntu3) focal; urgency=medium
* No-change rebuild for libgcc-s1 package name change.
-- Matthias Klose <email address hidden> Sun, 22 Mar 2020 17:03:22 +0100
-
wpa (2:2.9-1ubuntu2) eoan; urgency=medium
* SECURITY UPDATE: Incorrect indication of disconnection in certain
situations
- debian/patches/CVE-2019-16275.patch: silently ignore management
frame from unexpected source address in src/ap/drv_callbacks.c,
src/ap/ieee882_11.c.
- CVE-2019-16275
-- <email address hidden> (Leonidas S. Barbosa) Tue, 17 Sep 2019 08:54:07 -0300