Hello community, here is the log from the commit of package hostapd for openSUSE:Factory checked in at 2015-05-15 09:03:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/hostapd (Old) and /work/SRC/openSUSE:Factory/.hostapd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hostapd" Changes: -------- --- /work/SRC/openSUSE:Factory/hostapd/hostapd.changes 2015-01-08 23:02:40.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.hostapd.new/hostapd.changes 2015-05-15 09:03:45.000000000 +0200 @@ -1,0 +2,56 @@ +Thu Apr 23 19:45:41 UTC 2015 - [email protected] + +- update version 2.4 +- added 0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch + for CVE-2015-1863 +- updated URLs +- require pkg-config and libnl3-devel during build +- replaced hostapd-2.3-defconfig.patch by hostapd-2.4-defconfig.patch + +ChangeLog for hostapd since 2.3: + +2015-03-15 - v2.4 + * allow OpenSSL cipher configuration to be set for internal EAP server + (openssl_ciphers parameter) + * fixed number of small issues based on hwsim test case failures and + static analyzer reports + * fixed Accounting-Request to not include duplicated Acct-Session-Id + * add support for Acct-Multi-Session-Id in RADIUS Accounting messages + * add support for PMKSA caching with SAE + * add support for generating BSS Load element (bss_load_update_period) + * fixed channel switch from VHT to HT + * add INTERFACE-ENABLED and INTERFACE-DISABLED ctrl_iface events + * add support for learning STA IPv4/IPv6 addresses and configuring + ProxyARP support + * dropped support for the madwifi driver interface + * add support for Suite B (128-bit and 192-bit level) key management and + cipher suites + * fixed a regression with driver=wired + * extend EAPOL-Key msg 1/4 retry workaround for changing SNonce + * add BSS_TM_REQ ctrl_iface command to send BSS Transition Management + Request frames and BSS-TM-RESP event to indicate response to such + frame + * add support for EAP Re-Authentication Protocol (ERP) + * fixed AP IE in EAPOL-Key 3/4 when both WPA and FT was enabled + * fixed a regression in HT 20/40 coex Action frame parsing + * set stdout to be line-buffered + * add support for vendor specific VHT extension to enable 256 QAM rates + (VHT-MCS 8 and 9) on 2.4 GHz band + * RADIUS DAS: + - extend Disconnect-Request processing to allow matching of multiple + sessions + - support Acct-Multi-Session-Id as an identifier + - allow PMKSA cache entry to be removed without association + * expire hostapd STA entry if kernel does not have a matching entry + * allow chanlist to be used to specify a subset of channels for ACS + * improve ACS behavior on 2.4 GHz band and allow channel bias to be + configured with acs_chan_bias parameter + * do not reply to a Probe Request frame that includes DSS Parameter Set + element in which the channel does not match the current operating + channel + * add UPDATE_BEACON ctrl_iface command; this can be used to force Beacon + frame contents to be updated and to start beaconing on an interface + that used start_disabled=1 + * fixed some RADIUS server failover cases + +------------------------------------------------------------------- Old: ---- hostapd-2.3-defconfig.patch hostapd-2.3.tar.gz New: ---- 0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch hostapd-2.4-defconfig.patch hostapd-2.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ hostapd.spec ++++++ --- /var/tmp/diff_new_pack.wqMzUK/_old 2015-05-15 09:03:46.000000000 +0200 +++ /var/tmp/diff_new_pack.wqMzUK/_new 2015-05-15 09:03:46.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package hostapd # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,20 +17,24 @@ Name: hostapd +BuildRequires: libnl3-devel BuildRequires: openssl-devel +BuildRequires: pkg-config BuildRequires: sqlite3-devel BuildRequires: pkgconfig(libnl-3.0) >= 3.0 BuildRequires: pkgconfig(systemd) Summary: Turns Your WLAN Card into a WPA capable Access Point License: GPL-2.0 or BSD-3-Clause Group: Hardware/Wifi -Version: 2.3 +Version: 2.4 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build -Url: http://hostap.epitest.fi/ -Source: http://hostap.epitest.fi/releases/hostapd-%{version}.tar.gz +Url: http://w1.fi/ +Source: http://w1.fi/releases/hostapd-%{version}.tar.gz Source1: hostapd.service -Patch0: hostapd-2.3-defconfig.patch +Patch0: hostapd-2.4-defconfig.patch +# CVE-2015-1863 +Patch1: 0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch %{?systemd_requires} %description @@ -45,6 +49,7 @@ %prep %setup -q -n hostapd-%{version} %patch0 -p0 +%patch1 -p1 cd hostapd cp defconfig .config ++++++ 0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch ++++++ >From 9ed4eee345f85e3025c33c6e20aa25696e341ccd Mon Sep 17 00:00:00 2001 From: Jouni Malinen <[email protected]> Date: Tue, 7 Apr 2015 11:32:11 +0300 Subject: [PATCH] P2P: Validate SSID element length before copying it (CVE-2015-1863) This fixes a possible memcpy overflow for P2P dev->oper_ssid in p2p_add_device(). The length provided by the peer device (0..255 bytes) was used without proper bounds checking and that could have resulted in arbitrary data of up to 223 bytes being written beyond the end of the dev->oper_ssid[] array (of which about 150 bytes would be beyond the heap allocation) when processing a corrupted management frame for P2P peer discovery purposes. This could result in corrupted state in heap, unexpected program behavior due to corrupted P2P peer device information, denial of service due to process crash, exposure of memory contents during GO Negotiation, and potentially arbitrary code execution. Thanks to Google security team for reporting this issue and smart hardware research group of Alibaba security team for discovering it. Signed-off-by: Jouni Malinen <[email protected]> --- src/p2p/p2p.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c index f584fae..a45fe73 100644 --- a/src/p2p/p2p.c +++ b/src/p2p/p2p.c @@ -778,6 +778,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, if (os_memcmp(addr, p2p_dev_addr, ETH_ALEN) != 0) os_memcpy(dev->interface_addr, addr, ETH_ALEN); if (msg.ssid && + msg.ssid[1] <= sizeof(dev->oper_ssid) && (msg.ssid[1] != P2P_WILDCARD_SSID_LEN || os_memcmp(msg.ssid + 2, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) != 0)) { -- 1.9.1 ++++++ hostapd-2.3-defconfig.patch -> hostapd-2.4-defconfig.patch ++++++ --- /work/SRC/openSUSE:Factory/hostapd/hostapd-2.3-defconfig.patch 2015-01-08 23:02:39.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.hostapd.new/hostapd-2.4-defconfig.patch 2015-05-15 09:03:45.000000000 +0200 @@ -1,6 +1,6 @@ ---- hostapd/defconfig.orig 2015-01-05 20:43:43.726052529 +0100 -+++ hostapd/defconfig 2015-01-05 20:48:46.758264105 +0100 -@@ -32,7 +32,7 @@ +--- hostapd/defconfig.orig 2015-04-23 22:09:41.502518110 +0200 ++++ hostapd/defconfig 2015-04-23 22:15:09.225421010 +0200 +@@ -28,7 +28,7 @@ #CONFIG_LIBNL20=y # Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) @@ -9,7 +9,7 @@ # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -@@ -43,7 +43,7 @@ +@@ -39,7 +39,7 @@ #LIBS_c += -L/usr/local/lib # Driver interface for no driver (e.g., RADIUS server only) @@ -18,7 +18,7 @@ # IEEE 802.11F/IAPP CONFIG_IAPP=y -@@ -79,50 +79,50 @@ +@@ -78,50 +78,50 @@ CONFIG_EAP_TTLS=y # EAP-SIM for the integrated EAP server @@ -84,7 +84,7 @@ # EAP-EKE for the integrated EAP server #CONFIG_EAP_EKE=y -@@ -133,27 +133,27 @@ +@@ -132,27 +132,27 @@ # RADIUS authentication server. This provides access to the integrated EAP # server from external hosts using RADIUS. @@ -99,7 +99,7 @@ +CONFIG_IEEE80211R=y # Use the hostapd's IEEE 802.11 authentication (ACL), but without - # the IEEE 802.11 Management capability (e.g., madwifi or FreeBSD/net80211) + # the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) -#CONFIG_DRIVER_RADIUS_ACL=y +CONFIG_DRIVER_RADIUS_ACL=y @@ -118,7 +118,7 @@ # Remove debugging code that is printing out debug messages to stdout. # This can be used to reduce the size of the hostapd considerably if debugging -@@ -181,7 +181,7 @@ +@@ -180,7 +180,7 @@ # Enable support for fully dynamic VLANs. This enables hostapd to # automatically create bridge and VLAN interfaces if necessary. @@ -127,7 +127,7 @@ # Use netlink-based kernel API for VLAN operations instead of ioctl() # Note: This requires libnl 3.1 or newer. -@@ -251,11 +251,11 @@ +@@ -250,11 +250,11 @@ # TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) # can be enabled to get a stronger construction of messages when block ciphers # are used. @@ -141,7 +141,7 @@ # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of -@@ -276,13 +276,13 @@ +@@ -275,13 +275,13 @@ # Interworking (IEEE 802.11u) # This can be used to enable functionality to improve interworking with # external networks. ++++++ hostapd-2.3.tar.gz -> hostapd-2.4.tar.gz ++++++ ++++ 58579 lines of diff (skipped)
