1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3052-1] wpa security update

    From Michael Gilbert@1:229/2 to All on Thu Oct 16 06:10:01 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3052-1 [email protected] http://www.debian.org/security/ Michael Gilbert October 15, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : wpa
    CVE ID : CVE-2014-3686
    Debian Bug : 765352

    Jouni Malinen discovered an input sanitization issue in the wpa_cli and hostapd_cli tools included in the wpa package. A remote wifi system
    within range could provide a crafted string triggering arbitrary code
    execution running with privileges of the affected wpa_cli or hostapd_cli process.

    For the stable distribution (wheezy), this problem has been fixed in
    version 1.0-3+deb7u1.

    For the testing distribution (jessie), this problem will be fixed soon.

    For the unstable distribution (sid), this problem has been fixed in
    version 2.3-1.

    We recommend that you upgrade your wpa packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQQcBAEBCgAGBQJUP0NCAAoJELjWss0C1vRzUI0f/0+0H+kYgMDFtpdD9ujvGd4J Su4KrAw3ZfX+4HXaBn0LrF8siOMChdCmsNDGp54B3PnCTNNuC1I13wDu01jgqJGa sQnnie4XeTKF3hRLm1BLIkp5ozwtLKxEZA1KYoaVOEJq/06wO7YGNJG+ObDMFcUG pJbqqtpBaQ/f2NhY3N4RfOgBuVsEPDSw2vYA9aaXJp1gilOJWkenCvrIvmMwWnHu bslSiqlv7TozQY387cPUKCco19mRcskkl87eaL2ptQ4q67p4yB2Rw6NHJp+HnC1T EQhLBVJJiE0PTqYckVVtU0yRuj5yqgRB8Pgq6Qe7/n3LdKhemnMsT3QuTzMJbSUI Dxro/54MM9NzggbqoqaCTZDkv3E6MuFvnkB1r5r/9I57L3f1iSX9sBU23LTRq146 dcvyaQZwB93rPHvM18tMOS+cnx2cylyQdwIxsSzOrfYbqBE6ibJ/VbQTUJAo/yEs 7wHDB5FN3KTfWygPS+MbiO+ZTuBlV7bGQs0lli07guDLkt8PPSjkctF/ycK4CiO1 u3DCDpoeB+7gN6kwHAEq+FlCH64UDac9YsZFXmvh+QBJ3hecy4Sg5vF0KnEzJaLb 6bQmoCnw4hXkBfqdMeVgdDQNmDTRMWM31gD1MKZmyXFQioeUeK7jIi8zWo7Q9LQp bFIoegAgBXtjUNs2+XNyAWVUC61e5iPTzbPS4m9EibKNV2kKmcSDLvgyprz24Wrq 0sVVv2MC0tA6g5eD4Xkcjs4ERrgjcEJHye0p2pUkxOie0ln2olGnUmMIMp3LJ9au zo7LAk1TI4KppJBRj0o34qykXU//M0mG+Y6I2GZMsfamqcCOPq41sXHpm8c/EyUA Uv91COG9z3JfEvw8X6PHxU/ZB/K6mwi/8fldBTBXmCAGaBLyKF2m3IHhv7l9TWpx qs70ldpz82yE9nP4j79su8qglrLF1X6Ef5ClySe7/l4DlkyKy1/LJc//7hG7ml8T ukmiLoNDEDUMBKqOxX6w5fOVtoGDrn7jyZVlEgAhGSb78UckOKnaGgf+hLd/PD98 rCYuw9qoAbUYmja7PG5AKfxz7VfRL3rOvbt4DfBYXd1F6UiJVLLVmLOshBW050qe AYxMCnjRFUYcWrOjX2YjAaEEYHvIA0ZewBWXo17/bKOK0GCAwm9v4xi263qjkC9F 2e3Qg1HaEMxwN4TFpEigpUL429OwLagvR/5nrd/XBl14WSXhbcUw4UENNd2L2bv9 wM2Y4UoB8q8X6T2Vb8CwYNW8t8hRRbB/caV6wQLeh0L1QMMFqf/SCBQ5VFRMXUag GTknMs9oYCT0EXg0ketGSKKMfNzQLinUD1cFl+vbt7yw5aNGY9PqlqBQVMQCmBg=
    =7z9s
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)