Ubuntu
wpa package

Branches for Utopic

Name Status Last Modified Last Commit
lp://staging/ubuntu/utopic-proposed/wpa 2 Mature 2014-10-10 09:15:39 UTC
15. * SECURITY UPDATE: arbitrary command ...

Author: Marc Deslauriers
Revision Date: 2014-10-10 09:15:39 UTC

* SECURITY UPDATE: arbitrary command execution via unsanitized string
  passed to action scripts by wpa_cli and hostapd_cli
  - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
    src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
    use instead of system() in wpa_supplicant/wpa_cli.c,
    hostapd/hostapd_cli.c.
  - CVE-2014-3686
lp://staging/ubuntu/utopic-security/wpa 2 Mature 2015-06-15 10:33:55 UTC
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-06-15 10:33:55 UTC

* SECURITY UPDATE: denial of service via WPS UPnP
  - debian/patches/CVE-2015-4141.patch: check chunk size in
    src/wps/httpread.c.
  - CVE-2015-4141
* SECURITY UPDATE: denial of service via AP mode WMM Action frame
  - debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
  - CVE-2015-4142
* SECURITY UPDATE: denial of service via EAP-pwd
  - debian/patches/CVE-2015-4143-4146.patch: check lengths in
    src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
  - CVE-2015-4143
  - CVE-2015-4144
  - CVE-2015-4145
  - CVE-2015-4146
lp://staging/ubuntu/utopic-updates/wpa 2 Mature 2015-06-15 10:33:55 UTC
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-06-15 10:33:55 UTC

* SECURITY UPDATE: denial of service via WPS UPnP
  - debian/patches/CVE-2015-4141.patch: check chunk size in
    src/wps/httpread.c.
  - CVE-2015-4141
* SECURITY UPDATE: denial of service via AP mode WMM Action frame
  - debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
  - CVE-2015-4142
* SECURITY UPDATE: denial of service via EAP-pwd
  - debian/patches/CVE-2015-4143-4146.patch: check lengths in
    src/eap_peer/eap_pwd.c, src/eap_server/eap_server_pwd.c.
  - CVE-2015-4143
  - CVE-2015-4144
  - CVE-2015-4145
  - CVE-2015-4146
lp://staging/ubuntu/utopic/wpa 1 Development 2014-10-10 09:15:39 UTC
15. * SECURITY UPDATE: arbitrary command ...

Author: Marc Deslauriers
Revision Date: 2014-10-10 09:15:39 UTC

* SECURITY UPDATE: arbitrary command execution via unsanitized string
  passed to action scripts by wpa_cli and hostapd_cli
  - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
    src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
    use instead of system() in wpa_supplicant/wpa_cli.c,
    hostapd/hostapd_cli.c.
  - CVE-2014-3686
14 of 4 results FirstPreviousNextLast