Hello community, here is the log from the commit of package hostapd for openSUSE:Factory checked in at 2016-10-10 16:20:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/hostapd (Old) and /work/SRC/openSUSE:Factory/.hostapd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hostapd" Changes: -------- --- /work/SRC/openSUSE:Factory/hostapd/hostapd.changes 2015-11-22 11:03:02.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.hostapd.new/hostapd.changes 2016-10-10 16:20:48.000000000 +0200 @@ -1,0 +2,77 @@ +Mon Oct 02 14:39:02 GMT 2016 - [email protected] + +- update to upstream release 2.6 + * fixed EAP-pwd last fragment validation + [http://w1.fi/security/2015-7/] (CVE-2015-5314) + * fixed WPS configuration update vulnerability with malformed passphrase + [http://w1.fi/security/2016-1/] (CVE-2016-4476) + * extended channel switch support for VHT bandwidth changes + * added support for configuring new ANQP-elements with + anqp_elem=<InfoID>:<hexdump of payload> + * fixed Suite B 192-bit AKM to use proper PMK length + (note: this makes old releases incompatible with the fixed behavior) + * added no_probe_resp_if_max_sta=1 parameter to disable Probe Response + frame sending for not-associated STAs if max_num_sta limit has been + reached + * added option (-S as command line argument) to request all interfaces + to be started at the same time + * modified rts_threshold and fragm_threshold configuration parameters + to allow -1 to be used to disable RTS/fragmentation + * EAP-pwd: added support for Brainpool Elliptic Curves + (with OpenSSL 1.0.2 and newer) + * fixed EAPOL reauthentication after FT protocol run + * fixed FTIE generation for 4-way handshake after FT protocol run + * fixed and improved various FST operations + * TLS server + - support SHA384 and SHA512 hashes + - support TLS v1.2 signature algorithm with SHA384 and SHA512 + - support PKCS #5 v2.0 PBES2 + - support PKCS #5 with PKCS #12 style key decryption + - minimal support for PKCS #12 + - support OCSP stapling (including ocsp_multi) + * added support for OpenSSL 1.1 API changes + - drop support for OpenSSL 0.9.8 + - drop support for OpenSSL 1.0.0 + * EAP-PEAP: support fast-connect crypto binding + * RADIUS + - fix Called-Station-Id to not escape SSID + - add Event-Timestamp to all Accounting-Request packets + - add Acct-Session-Id to Accounting-On/Off + - add Acct-Multi-Session-Id ton Access-Request packets + - add Service-Type (= Frames) + - allow server to provide PSK instead of passphrase for WPA-PSK + Tunnel_password case + - update full message for interim accounting updates + - add Acct-Delay-Time into Accounting messages + - add require_message_authenticator configuration option to require + CoA/Disconnect-Request packets to be authenticated + * started to postpone WNM-Notification frame sending by 100 ms so that + the STA has some more time to configure the key before this frame is + received after the 4-way handshake + * VHT: added interoperability workaround for 80+80 and 160 MHz channels + * extended VLAN support (per-STA vif, etc.) + * fixed PMKID derivation with SAE + * nl80211 + - added support for full station state operations + - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use + unencrypted EAPOL frames + * added initial MBO support; number of extensions to WNM BSS Transition + Management + * added initial functionality for location related operations + * added assocresp_elements parameter to allow vendor specific elements + to be added into (Re)Association Response frames + * improved Public Action frame addressing + - use Address 3 = wildcard BSSID in GAS response if a query from an + unassociated STA used that address + - fix TX status processing for Address 3 = wildcard BSSID + - add gas_address3 configuration parameter to control Address 3 + behavior + * added command line parameter -i to override interface parameter in + hostapd.conf + * added command completion support to hostapd_cli + * added passive client taxonomy determination (CONFIG_TAXONOMY=y + compile option and "SIGNATURE <addr>" control interface command) + * number of small fixes +- renamed hostapd-2.5-defconfig.patch to hostapd-2.6-defconfig.patch + +------------------------------------------------------------------- Old: ---- hostapd-2.5-defconfig.patch hostapd-2.5.tar.gz New: ---- hostapd-2.6-defconfig.patch hostapd-2.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ hostapd.spec ++++++ --- /var/tmp/diff_new_pack.3IwyAW/_old 2016-10-10 16:20:49.000000000 +0200 +++ /var/tmp/diff_new_pack.3IwyAW/_new 2016-10-10 16:20:50.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package hostapd # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,13 +26,13 @@ Summary: Turns Your WLAN Card into a WPA capable Access Point License: GPL-2.0 or BSD-3-Clause Group: Hardware/Wifi -Version: 2.5 +Version: 2.6 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build Url: http://w1.fi/ Source: http://w1.fi/releases/hostapd-%{version}.tar.gz Source1: hostapd.service -Patch0: hostapd-2.5-defconfig.patch +Patch0: hostapd-2.6-defconfig.patch %{?systemd_requires} %description ++++++ hostapd-2.5-defconfig.patch -> hostapd-2.6-defconfig.patch ++++++ --- /work/SRC/openSUSE:Factory/hostapd/hostapd-2.5-defconfig.patch 2015-11-22 11:03:02.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.hostapd.new/hostapd-2.6-defconfig.patch 2016-10-10 16:20:48.000000000 +0200 @@ -1,6 +1,6 @@ ---- ./hostapd/defconfig.orig 2015-10-18 15:11:32.152380752 +0200 -+++ ./hostapd/defconfig 2015-10-18 15:18:07.240441471 +0200 -@@ -28,7 +28,7 @@ +--- hostapd/defconfig.orig 2016-10-02 19:51:11.000000000 +0100 ++++ hostapd/defconfig 2016-10-04 11:15:48.548609106 +0100 +@@ -31,7 +31,7 @@ #CONFIG_LIBNL20=y # Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) @@ -9,7 +9,7 @@ # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -@@ -39,7 +39,7 @@ +@@ -42,7 +42,7 @@ #LIBS_c += -L/usr/local/lib # Driver interface for no driver (e.g., RADIUS server only) @@ -18,7 +18,7 @@ # IEEE 802.11F/IAPP CONFIG_IAPP=y -@@ -78,53 +78,53 @@ +@@ -81,53 +81,53 @@ CONFIG_EAP_TTLS=y # EAP-SIM for the integrated EAP server @@ -88,7 +88,7 @@ # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) -@@ -132,27 +132,27 @@ +@@ -135,27 +135,27 @@ # RADIUS authentication server. This provides access to the integrated EAP # server from external hosts using RADIUS. @@ -122,7 +122,7 @@ # Remove debugging code that is printing out debug messages to stdout. # This can be used to reduce the size of the hostapd considerably if debugging -@@ -180,7 +180,7 @@ +@@ -183,7 +183,7 @@ # Enable support for fully dynamic VLANs. This enables hostapd to # automatically create bridge and VLAN interfaces if necessary. @@ -131,7 +131,7 @@ # Use netlink-based kernel API for VLAN operations instead of ioctl() # Note: This requires libnl 3.1 or newer. -@@ -251,16 +251,16 @@ +@@ -257,16 +257,16 @@ # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) # none = Empty template @@ -151,7 +151,7 @@ # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of -@@ -281,13 +281,13 @@ +@@ -287,19 +287,19 @@ # Interworking (IEEE 802.11u) # This can be used to enable functionality to improve interworking with # external networks. @@ -167,4 +167,27 @@ +CONFIG_SQLITE=y # Enable Fast Session Transfer (FST) - #CONFIG_FST=y +-#CONFIG_FST=y ++CONFIG_FST=y + + # Enable CLI commands for FST testing +-#CONFIG_FST_TEST=y ++CONFIG_FST_TEST=y + + # Testing options + # This can be used to enable some testing options (see also the example +@@ -331,12 +331,12 @@ + # For more details refer to: + # http://wireless.kernel.org/en/users/Documentation/acs + # +-#CONFIG_ACS=y ++CONFIG_ACS=y + + # Multiband Operation support + # These extentions facilitate efficient use of multiple frequency bands + # available to the AP and the devices that may associate with it. +-#CONFIG_MBO=y ++CONFIG_MBO=y + + # Client Taxonomy + # Has the AP retain the Probe Request and (Re)Association Request frames from ++++++ hostapd-2.5.tar.gz -> hostapd-2.6.tar.gz ++++++ ++++ 48271 lines of diff (skipped)
