Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package hostapd for openSUSE:Factory checked in at 2022-01-19 00:35:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/hostapd (Old) and /work/SRC/openSUSE:Factory/.hostapd.new.1892 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hostapd" Wed Jan 19 00:35:28 2022 rev:46 rq:947268 version:2.10 Changes: -------- --- /work/SRC/openSUSE:Factory/hostapd/hostapd.changes 2021-12-02 02:14:23.506820505 +0100 +++ /work/SRC/openSUSE:Factory/.hostapd.new.1892/hostapd.changes 2022-01-19 00:36:01.318325890 +0100 @@ -1,0 +2,50 @@ +Mon Jan 17 08:33:09 UTC 2022 - Michael Str??der <[email protected]> + +- Removed obsolete patches: + * CVE-2019-16275.patch + * CVE-2020-12695.patch + * CVE-2021-30004.patch +- Update to version 2.10 + * SAE changes + - improved protection against side channel attacks + [https://w1.fi/security/2022-1/] + - added option send SAE Confirm immediately (sae_config_immediate=1) + after SAE Commit + - added support for the hash-to-element mechanism (sae_pwe=1 or + sae_pwe=2) + - fixed PMKSA caching with OKC + - added support for SAE-PK + * EAP-pwd changes + - improved protection against side channel attacks + [https://w1.fi/security/2022-1/] + * fixed WPS UPnP SUBSCRIBE handling of invalid operations + [https://w1.fi/security/2020-1/] + * fixed PMF disconnection protection bypass + [https://w1.fi/security/2019-7/] + * added support for using OpenSSL 3.0 + * fixed various issues in experimental support for EAP-TEAP server + * added configuration (max_auth_rounds, max_auth_rounds_short) to + increase the maximum number of EAP message exchanges (mainly to + support cases with very large certificates) for the EAP server + * added support for DPP release 2 (Wi-Fi Device Provisioning Protocol) + * extended HE (IEEE 802.11ax) support, including 6 GHz support + * removed obsolete IAPP functionality + * fixed EAP-FAST server with TLS GCM/CCM ciphers + * dropped support for libnl 1.1 + * added support for nl80211 control port for EAPOL frame TX/RX + * fixed OWE key derivation with groups 20 and 21; this breaks backwards + compatibility for these groups while the default group 19 remains + backwards compatible; owe_ptk_workaround=1 can be used to enabled a + a workaround for the group 20/21 backwards compatibility + * added support for Beacon protection + * added support for Extended Key ID for pairwise keys + * removed WEP support from the default build (CONFIG_WEP=y can be used + to enable it, if really needed) + * added a build option to remove TKIP support (CONFIG_NO_TKIP=y) + * added support for Transition Disable mechanism to allow the AP to + automatically disable transition mode to improve security + * added support for PASN + * added EAP-TLS server support for TLS 1.3 (disabled by default for now) + * a large number of other fixes, cleanup, and extensions + +------------------------------------------------------------------- Old: ---- CVE-2019-16275.patch CVE-2020-12695.patch CVE-2021-30004.patch hostapd-2.9.tar.gz hostapd-2.9.tar.gz.asc New: ---- hostapd-2.10.tar.gz hostapd-2.10.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ hostapd.spec ++++++ --- /var/tmp/diff_new_pack.YtvWbt/_old 2022-01-19 00:36:01.878326290 +0100 +++ /var/tmp/diff_new_pack.YtvWbt/_new 2022-01-19 00:36:01.882326293 +0100 @@ -1,7 +1,7 @@ # # spec file for package hostapd # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %bcond_without apparmor Name: hostapd -Version: 2.9 +Version: 2.10 Release: 0 Summary: Daemon for running a WPA capable Access Point License: BSD-3-Clause OR GPL-2.0-only @@ -31,9 +31,6 @@ Source3: config Source4: hostapd.service Source5: apparmor-usr.sbin.hostapd -Patch1: CVE-2019-16275.patch -Patch2: CVE-2020-12695.patch -Patch3: CVE-2021-30004.patch BuildRequires: libnl3-devel BuildRequires: openssl-devel BuildRequires: pkgconfig ++++++ hostapd-2.9.tar.gz -> hostapd-2.10.tar.gz ++++++ ++++ 103280 lines of diff (skipped)
