Changelog
wpa (2.3-1+deb8u5) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add patches to fix WPA protocol vulnerabilities (CVE-2017-13077,
CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088):
- hostapd: Avoid key reinstallation in FT handshake
- Prevent reinstallation of an already in-use group key
- Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
- Fix PTK rekeying to generate a new ANonce
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
- WNM: Ignore WNM-Sleep Mode Response without pending request
- FT: Do not allow multiple Reassociation Response frames
- TDLS: Ignore incoming TDLS Setup Response retries
-- Yves-Alexis Perez <email address hidden> Sat, 14 Oct 2017 14:11:26 +0200