-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 30 Apr 2024 22:45:18 +0000
Source: wpa
Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb
Architecture: arm64
Version: 2:2.9.0-21+deb11u1
Distribution: bullseye
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 eapoltest  - EAPoL testing utility
 hostapd    - access point and authentication server for Wi-Fi and Ethernet
 libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i)
 wpagui     - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Closes: 1064061
Changes:
 wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload on behalf of the Security Team.
   * Fix CVE-2023-52160 (Closes: #1064061):
     The implementation of PEAP in wpa_supplicant allows
     authentication bypass. For a successful attack,
     wpa_supplicant must be configured to not verify
     the network's TLS certificate during Phase 1
     authentication, and an eap_peap_decrypt vulnerability
     can then be abused to skip Phase 2 authentication.
     The attack vector is sending an EAP-TLV Success packet
     instead of starting Phase 2. This allows an adversary
     to impersonate Enterprise Wi-Fi networks.
Checksums-Sha1:
 f30a07ba22acae444358778e413de34d46cfe257 3466432 eapoltest-dbgsym_2.9.0-21+deb11u1_arm64.deb
 db8f694fdad324cd95d5c249daecd2925d9a8636 945224 eapoltest_2.9.0-21+deb11u1_arm64.deb
 8e0890da8d7ca6735a2a436821cff42f5efb05e8 2519752 hostapd-dbgsym_2.9.0-21+deb11u1_arm64.deb
 cd4d5d80f050fa92ed3922973b9de601ae05c162 762816 hostapd_2.9.0-21+deb11u1_arm64.deb
 1d2909f084a93ffc8f20ce4135b0ccaf8f1b63f3 72244 libwpa-client-dev_2.9.0-21+deb11u1_arm64.deb
 1b721870f0d3e3cb11a22ad65bcc8debff16eee6 15099 wpa_2.9.0-21+deb11u1_arm64-buildd.buildinfo
 b2e8a8be2dc1e1f781c6986e5e0c362117271cb7 1750948 wpagui-dbgsym_2.9.0-21+deb11u1_arm64.deb
 a68a6ebd0f79897f4cfc60f5f401c610ca843156 338596 wpagui_2.9.0-21+deb11u1_arm64.deb
 2dd6edc4a6af82ef18a0f4641c9c9b14e6c2c02c 3932068 wpasupplicant-dbgsym_2.9.0-21+deb11u1_arm64.deb
 eb0ae602dd4051c89cc509f064231cfcfbe7f21b 303516 wpasupplicant-udeb_2.9.0-21+deb11u1_arm64.udeb
 fcb7123938e726ba5aab887b3aefee5e4ec9e2b9 1189456 wpasupplicant_2.9.0-21+deb11u1_arm64.deb
Checksums-Sha256:
 e9cd9f3ae42b89cd07370d3aced3744bb55b7eed89bc0568db92689fd71d0780 3466432 eapoltest-dbgsym_2.9.0-21+deb11u1_arm64.deb
 5c912388d2a628edf59880efb965999f3acf896c920af1b5be405476151c3394 945224 eapoltest_2.9.0-21+deb11u1_arm64.deb
 8f8c94a1e32db294f2926cb89d9af86bc7e4d6df5b2dac399bc2cbf2e244b235 2519752 hostapd-dbgsym_2.9.0-21+deb11u1_arm64.deb
 6552855c98364d23c26ff018768c9a897c26c2a4865754845c1339fbc3226e32 762816 hostapd_2.9.0-21+deb11u1_arm64.deb
 9335505770e485febf0eee17de2dd27cd34b512fce3b1288e71e98ce03815365 72244 libwpa-client-dev_2.9.0-21+deb11u1_arm64.deb
 a72d6dd9ddef8a67cf07c0061bb618e0b72086dea1af543b69ab6f6f37743bb9 15099 wpa_2.9.0-21+deb11u1_arm64-buildd.buildinfo
 04cedc98b650408d80dec26fdc4f77cfcf123b224212a5979398aae3f0d934cc 1750948 wpagui-dbgsym_2.9.0-21+deb11u1_arm64.deb
 8545d8fd534d873b313ba1aa5adeecd8b2fd80641f9998a42b947be29bc2b893 338596 wpagui_2.9.0-21+deb11u1_arm64.deb
 dc6941bc9cdf76bbc9f4589d12ec690ad77519f92ec5e8145b4eb3c41b7ea04c 3932068 wpasupplicant-dbgsym_2.9.0-21+deb11u1_arm64.deb
 8ee29148c36f1e51f217a5cc4bbd5c2d78d190ee8a015f2b075c941c7a227ba7 303516 wpasupplicant-udeb_2.9.0-21+deb11u1_arm64.udeb
 974caa194abd16b45b076c007e6ec1db2f5b276953b914a9d19ba33428cd5d8e 1189456 wpasupplicant_2.9.0-21+deb11u1_arm64.deb
Files:
 cda1f991b3074d2bd0d569cc5751932b 3466432 debug optional eapoltest-dbgsym_2.9.0-21+deb11u1_arm64.deb
 fc9e9fc7afda81d721a1ec9eb3b90d4f 945224 net optional eapoltest_2.9.0-21+deb11u1_arm64.deb
 7f4cac93b27a34ffee7e2033930ed026 2519752 debug optional hostapd-dbgsym_2.9.0-21+deb11u1_arm64.deb
 a0779d23257cd881056ac45ecf4acd11 762816 net optional hostapd_2.9.0-21+deb11u1_arm64.deb
 33739c0da9404df6229e8ccffa178abb 72244 libdevel optional libwpa-client-dev_2.9.0-21+deb11u1_arm64.deb
 d63402996f01c659faf9a5ddef6ec552 15099 net optional wpa_2.9.0-21+deb11u1_arm64-buildd.buildinfo
 5ab271f24695180185e3a36d71689d57 1750948 debug optional wpagui-dbgsym_2.9.0-21+deb11u1_arm64.deb
 5dafc771f4858fbbabe72c88a05dbb06 338596 net optional wpagui_2.9.0-21+deb11u1_arm64.deb
 fb66596a0836ee23f230a27a9070d304 3932068 debug optional wpasupplicant-dbgsym_2.9.0-21+deb11u1_arm64.deb
 8f5f236d7351392a15acad601fa4395f 303516 debian-installer standard wpasupplicant-udeb_2.9.0-21+deb11u1_arm64.udeb
 7ce80629f1d744bffa3c3852d867dd43 1189456 net optional wpasupplicant_2.9.0-21+deb11u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE9C4sZYDxwNo9XoUDaRWK3AIe28EFAmZ0gxgACgkQaRWK3AIe
28Grgg//SImeS7t8eP8zYothF68193zMA/an+PczbV9EBZyALRNrNKQY4Kk+RvJH
B5eKuHe319MaAqT4zUa/kA17RY4xuNDdmHXFJ+g+VE5BKqx7ixF3DBSfGnGEJH9j
ta1H4iEJlVTzH3Rk3iTameVBMY2zwqac8cz2gvrwNQlg3f1/qLxqc2cnQwyURFVk
/iMnh24x3ztiO8wIZo7cXCQc9X9iJmOwNeyjavAbaCFqk/9mE6xKPsrFBOGm203D
PIXE0ZWh4JYg+xA4Q9qIIwr7EZlYR4IML2ms9vk75H6hvnCLnPDGC1uTj438JOY8
FcCq6VKFwFcSwGEgG+6/eJ+NWECR1P0bIHX3hruvDykswNT8svG5XOosKnUyGsd/
7/6M0Z5UAIzSiz0kodOUQPuUKb9ot5d2xUZEq1K+xFq3meBkAubt2EkfwToW0LNI
9x8qhJ6qv/Eu6O62676JNafS3+ZwgT6QUKJ60UHMh+j3563VHAALGX6Xlxa4LRtI
LXrvhEWt0iHQBr1nuxv0jRQnTa8LHvaAq9uGW4yqyoKNFd6kb91cb1YDD6svNPJ2
DXSqWgWNOpG3JHdFqjdbHnEiL7L8N3a1AJiZrJN4PKZtsS5YxeAc8ikI2AvDcxrl
UWPvrj5t4RU839jVhlsqLHRQ63EmaSpGkC/Ii/9fVoCVLlfjc3s=
=hUPT
-----END PGP SIGNATURE-----