Your message dated Tue, 09 Oct 2012 09:18:00 +0000
with message-id <[email protected]>
and subject line Bug#689990: fixed in wpa 1.0-3
has caused the Debian Bug report #689990,
regarding hostapd: CVE-2012-4445 denial of service
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
689990: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689990
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: wpa
Severity: grave
Tags: security patch
Hi,
the following vulnerability was published for hostapd.
CVE-2012-4445[0]:
| Timo Warns discovered that the internal authentication server of hostapd,
| a user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator,
| is vulnerable to a buffer overflow when processing fragmented EAP-TLS
| messages. As a result, an internal overflow checking routine terminates
| the process. An attacker can abuse this flaw to conduct denial of service
| attacks via crafted EAP-TLS messages prior to any authentication.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
Please also ask for an unblock on -release after fixing this issue so it will
be picked up for wheezy.
The patch I used for the DSA:
http://people.debian.org/~nion/nmu-diff/hostapd-0.6.10-2_0.6.10-2+squeeze1.patch
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445
http://security-tracker.debian.org/tracker/CVE-2012-4445
--
Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0xA0A0AAAA
--- End Message ---
--- Begin Message ---
Source: wpa
Source-Version: 1.0-3
We believe that the bug you reported is fixed in the latest version of
wpa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Lippers-Hollmann <[email protected]> (supplier of updated wpa package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 08 Oct 2012 17:48:04 +0200
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source amd64
Version: 1.0-3
Distribution: unstable
Urgency: high
Maintainer: Debian/Ubuntu wpasupplicant Maintainers <[email protected]>
Changed-By: Stefan Lippers-Hollmann <[email protected]>
Description:
hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authentica
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Closes: 677993 678077 689990
Changes:
wpa (1.0-3) unstable; urgency=high
.
* ship forgotten README-P2P.
* revert to GNU readline for wpa_cli, instead of using the internal readline
implementation added in wpa 1~. Prefer libreadline-gplv2-dev, because libnl
is GPL-2 (only) - switching back to the internal readline implementation is
targeted for wheezy+1 (Closes: #677993, #678077).
* Fix DoS via specially crafted EAP-TLS messages with longer message
length than TLS data length (CVE-2012-4445, DSA 2557-1, Closes: #689990).
Checksums-Sha1:
e0b9213bda2949d474a71d5517d6919673d387cb 1812 wpa_1.0-3.dsc
8ef8e1e7551b7dc86ec63a411612bdf8e651f35d 87141 wpa_1.0-3.debian.tar.gz
ac9f02ccf2e80877213463c36fbba0c00100c4e1 475512 hostapd_1.0-3_amd64.deb
3d67610f5135b5571473b7a24e11618be6d66b53 368026 wpagui_1.0-3_amd64.deb
32e85a3ead2fe0fe81f111a5864abc2b4ae32c28 607880 wpasupplicant_1.0-3_amd64.deb
19703d61971dcfcae4bb4489fadf4c6de70d771a 154708 wpasupplicant-udeb_1.0-3_amd64.udeb
Checksums-Sha256:
5d583c42ff996800e1586b0a0973281dfb855ce533b6c6e4c5a9f07559507757 1812 wpa_1.0-3.dsc
76cbf66e1f04f139aae97f83c70d83b98506d7f2f34e2961d52b0da34c1fb17d 87141 wpa_1.0-3.debian.tar.gz
8154160b1540f20312734b7ad8137a60a6af87fc907015ad7f4affd6d25a6b13 475512 hostapd_1.0-3_amd64.deb
e53dbed405d4676e8c1d16ae4380a5e92b5f65aad81bb4bfb4da466e8dbfa8ed 368026 wpagui_1.0-3_amd64.deb
9a3dbb0c94bfca141ac420648e3f18419c767583e63623fc92ad4a1ae62ceb98 607880 wpasupplicant_1.0-3_amd64.deb
a6a0f2ea6ebd11f257ba9afaf3ad4565262398260d3518e8823cad8b3fec74b4 154708 wpasupplicant-udeb_1.0-3_amd64.udeb
Files:
2a7148611043ecb71d30e39f5a316c8b 1812 net optional wpa_1.0-3.dsc
155ee0ae7f71fa53e7b2557d6ba0119f 87141 net optional wpa_1.0-3.debian.tar.gz
1b928b7780d4911fe595a1c69d2d053d 475512 net optional hostapd_1.0-3_amd64.deb
42d30c45babcbcc33fc718b9247e3837 368026 net optional wpagui_1.0-3_amd64.deb
77cf4e4fe44363bb9731e52d72adc6ea 607880 net optional wpasupplicant_1.0-3_amd64.deb
8a8e659b2cbbbfba0be3dfdd7d1c5e91 154708 debian-installer standard wpasupplicant-udeb_1.0-3_amd64.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlBz6fcACgkQHYflSXNkfP900gCfWnv28NMfdD9IeEWHhn1LZST6
lBoAnjV9bPKvMmzTUAmkDRvGX9ABDe5m
=u2pX
-----END PGP SIGNATURE-----
--- End Message ---
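The CVE description in the first message and the changelog entry in the second both come down to one missing consistency check in EAP-TLS fragment reassembly: the data carried by a fragment must never exceed the TLS Message Length that the first fragment declares, because that declared length is what sizes the reassembly buffer. The following is an added example written for this page of a reassembler that performs that validation on the EAP-TLS Flags byte and Length field as laid out in RFC 5216; it is not hostapd's code and not the patch linked above. The function names, the `struct tls_reasm` state, the `REASM_*` status values and the `MAX_TLS_MSG_LEN` bound are assumptions of this example, and the fragments in `main` are constructed inputs.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* EAP-TLS Flags byte (RFC 5216, section 3.1). */
#define EAP_TLS_FLAG_L 0x80 /* Length included: 4-byte TLS Message Length follows */
#define EAP_TLS_FLAG_M 0x40 /* More fragments follow */
#define EAP_TLS_FLAG_S 0x20 /* Start */

/* Upper bound on a reassembled message; a constructed value for this example. */
#define MAX_TLS_MSG_LEN (64 * 1024)

enum reasm_status { REASM_ERROR = -1, REASM_NEED_MORE = 0, REASM_DONE = 1, REASM_ACK = 2 };

struct tls_reasm {
    uint8_t *buf;  /* reassembly buffer, sized from the declared length */
    size_t total;  /* declared TLS Message Length */
    size_t used;   /* bytes received so far */
};

static uint32_t get_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

void tls_reasm_free(struct tls_reasm *r)
{
    free(r->buf);
    r->buf = NULL;
    r->total = r->used = 0;
}

/*
 * Feed one EAP-TLS payload (the bytes after the EAP Type octet, so data[0]
 * is the Flags byte). Returns REASM_DONE when the whole message is in r->buf,
 * REASM_NEED_MORE while fragments are outstanding, REASM_ACK for an empty
 * payload, and REASM_ERROR on any length inconsistency, discarding state.
 */
int tls_reasm_process(struct tls_reasm *r, const uint8_t *data, size_t len)
{
    if (len < 1)
        return REASM_ERROR;
    uint8_t flags = data[0];
    const uint8_t *frag = data + 1;
    size_t frag_len = len - 1;
    uint32_t declared = 0;
    int have_len = flags & EAP_TLS_FLAG_L;

    if (have_len) {
        if (frag_len < 4)
            return REASM_ERROR;
        declared = get_be32(frag);
        frag += 4;
        frag_len -= 4;
    }

    if (r->buf == NULL) {
        /* First fragment: the declared length decides the buffer size. */
        if (!have_len) {
            if (flags & EAP_TLS_FLAG_M)
                return REASM_ERROR;      /* fragmented, yet no length given */
            if (frag_len == 0)
                return REASM_ACK;        /* empty payload is an EAP-TLS ACK */
            declared = (uint32_t)frag_len; /* unfragmented: length is implicit */
        }
        if (declared == 0 || declared > MAX_TLS_MSG_LEN)
            return REASM_ERROR;
        /* The check this page is about: the first fragment must not carry
         * more data than the message length it declares. */
        if (frag_len > declared)
            return REASM_ERROR;
        r->buf = malloc(declared);
        if (r->buf == NULL)
            return REASM_ERROR;
        r->total = declared;
        r->used = 0;
    } else if (have_len && declared != r->total) {
        tls_reasm_free(r);               /* a repeated length must not change */
        return REASM_ERROR;
    }

    /* Every fragment is bounded by the room left in the buffer. */
    if (frag_len > r->total - r->used) {
        tls_reasm_free(r);
        return REASM_ERROR;
    }
    memcpy(r->buf + r->used, frag, frag_len);
    r->used += frag_len;

    if (flags & EAP_TLS_FLAG_M)
        return REASM_NEED_MORE;
    if (r->used != r->total) {
        tls_reasm_free(r);               /* final fragment but message is short */
        return REASM_ERROR;
    }
    return REASM_DONE;
}

int main(void)
{
    /* Constructed first fragment: L|M set, declared length 4, but 8 bytes of data. */
    const uint8_t crafted[] = { 0xC0, 0, 0, 0, 4, 1, 2, 3, 4, 5, 6, 7, 8 };
    struct tls_reasm r = { 0 };
    printf("crafted fragment -> %d (expect %d)\n",
           tls_reasm_process(&r, crafted, sizeof crafted), REASM_ERROR);
    tls_reasm_free(&r);
    return 0;
}
```

Rejecting the oversized first fragment before `malloc` is the point: with the check in place a mismatched length never reaches the copy, so there is nothing for an internal overflow guard to abort on, and the peer simply gets no response for that malformed message.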