diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2016-10-05 04:08:46 +0100 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2016-10-09 17:37:36 -0400 |
| commit | fc0081213d612dc0b4f5f90d5b775704511a7432 (patch) | |
| tree | 3cce73b98b2d001e878d740f20b3e12951928c75 /gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch | |
| parent | 6f9d5b2e8c861c3a1243937a26400f8394946346 (diff) | |
| download | guix-fc0081213d612dc0b4f5f90d5b775704511a7432.tar guix-fc0081213d612dc0b4f5f90d5b775704511a7432.tar.gz | |
gnu: wpa-supplicant: Update to 2.6.
* gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Update to
2.6. Remove 'patches' field.
* gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch,
gnu/packages/patches/wpa-supplicant-CVE-2015-5314.patch,
gnu/packages/patches/wpa-supplicant-CVE-2015-5315.patch,
gnu/packages/patches/wpa-supplicant-CVE-2015-5316.patch,
gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch,
gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch,
gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch,
gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch,
gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch: Delete
files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Signed-off-by: Leo Famulari <leo@famulari.name>
Diffstat (limited to 'gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch')
| -rw-r--r-- | gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch b/gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch deleted file mode 100644 index 00e5b7c771..0000000000 --- a/gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 6b12d93d2c7428a34bfd4b3813ba339ed57b698a Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sun, 25 Oct 2015 15:45:50 +0200 -Subject: [PATCH] WNM: Ignore Key Data in WNM Sleep Mode Response frame if no - PMF in use - -WNM Sleep Mode Response frame is used to update GTK/IGTK only if PMF is -enabled. Verify that PMF is in use before using this field on station -side to avoid accepting unauthenticated key updates. (CVE-2015-5310) - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - wpa_supplicant/wnm_sta.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c -index 954de67..7d79499 100644 ---- a/wpa_supplicant/wnm_sta.c -+++ b/wpa_supplicant/wnm_sta.c -@@ -187,6 +187,12 @@ static void wnm_sleep_mode_exit_success(struct wpa_supplicant *wpa_s, - end = ptr + key_len_total; - wpa_hexdump_key(MSG_DEBUG, "WNM: Key Data", ptr, key_len_total); - -+ if (key_len_total && !wpa_sm_pmf_enabled(wpa_s->wpa)) { -+ wpa_msg(wpa_s, MSG_INFO, -+ "WNM: Ignore Key Data in WNM-Sleep Mode Response - PMF not enabled"); -+ return; -+ } -+ - while (ptr + 1 < end) { - if (ptr + 2 + ptr[1] > end) { - wpa_printf(MSG_DEBUG, "WNM: Invalid Key Data element " |