Debian Bug report logs -
#787372
wpa: CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 31 May 2015 20:42:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
Found in version wpa/2.3-1
Fixed in versions wpa/2.3-2.2, wpa/2.3-1+deb8u2
Done: Salvatore Bonaccorso <carnil@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>:
Bug#787372; Package src:wpa.
(Sun, 31 May 2015 20:42:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>.
(Sun, 31 May 2015 20:42:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: wpa
Version: 2.3-1
Severity: important
Tags: security upstream fixed-upstream
Hi,
the following vulnerability was published for wpa.
CVE-2015-4141[0]:
WPS UPnP vulnerability with HTTP chunked transfer encoding
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-4141
[1] http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Added tag(s) patch.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 787371-submit@bugs.debian.org.
(Sat, 31 Oct 2015 13:33:17 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 787371-submit@bugs.debian.org.
(Sat, 31 Oct 2015 13:33:18 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>:
Bug#787372; Package src:wpa.
(Sat, 31 Oct 2015 13:33:24 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>.
(Sat, 31 Oct 2015 13:33:24 GMT) (full text, mbox, link).
Message #14 received at 787372@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: tags 787371 + patch
Control: tags 787371 + pending
Control: tags 787372 + patch
Control: tags 787372 + pending
Control: tags 787373 + patch
Control: tags 787373 + pending
Control: tags 795740 + pending
Dear maintainer,
I've prepared an NMU for wpa (versioned as 2.3-2.2) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards,
Salvatore
[wpa-2.3-2.2-nmu.diff (text/x-diff, attachment)]
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Mon, 02 Nov 2015 13:51:16 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Mon, 02 Nov 2015 13:51:16 GMT) (full text, mbox, link).
Message #19 received at 787372-close@bugs.debian.org (full text, mbox, reply):
Source: wpa
Source-Version: 2.3-2.2
We believe that the bug you reported is fixed in the latest version of
wpa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 787372@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated wpa package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 31 Oct 2015 14:13:50 +0100
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.3-2.2
Distribution: unstable
Urgency: high
Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 787371 787372 787373 795740
Description:
hostapd - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
wpa (2.3-2.2) unstable; urgency=high
.
* Non-maintainer upload.
* Add patch to address CVE-2015-4141.
CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer
encoding. (Closes: #787372)
* Add patch to address CVE-2015-4142.
CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing.
(Closes: #787373)
* Add patches to address CVE-2015-414{3,4,5,6}
CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing
payload length validation. (Closes: #787371)
* Add patch to address 2015-5 vulnerability.
NFC: Fix payload length validation in NDEF record parser (Closes: #795740)
* Thanks to Julian Wollrath <jwollrath@web.de> for the initial debdiff
provided in #787371.
Checksums-Sha1:
75150beb3fb26d4109b539b4ce888463998878d6 2444 wpa_2.3-2.2.dsc
328926f300bcae025a18b0009dc873ffbcbb5c12 84500 wpa_2.3-2.2.debian.tar.xz
Checksums-Sha256:
53a491d3de23b568ccbb368bfc417d20aff2d2c92d74ddd3c0569e187ae3611d 2444 wpa_2.3-2.2.dsc
89a6cd317af34695d7aa4ff8d1e3b8c80de03d86b338935d8605cdb89a3b8789 84500 wpa_2.3-2.2.debian.tar.xz
Files:
4a754d8ca6b01384f4dcc853d250c943 2444 net optional wpa_2.3-2.2.dsc
db6f18f88aace7294e99d65d53440140 84500 net optional wpa_2.3-2.2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWNMGdAAoJEAVMuPMTQ89EkzYP/2gtvy7H22t6nEas+tUyxTpm
nhb2VQ2tnh473DBA5fypjJhBku+F8/vlEyhVC8zsbYfH+4NdS7lgJjrl/IW1tjct
9ZBlcGFKLbtMliQzTID4/Q2oKNodgyBFsWhno8ZgOw6pa9W/bUf5KNtbADHq9fv6
lxXOxgrUnICtKwU8rGU0h0gpnEjl+OLGC1P7r+jnIpXvfjdG7x5X3Nadnlfw9tHo
kXErE2npfXfZzUv3Y2/0KnWV/IRdmD/+8IdwvCGSM4TTZdOpXViZEh6K7ioWX8nJ
kRS83YjPnQNaj0WB+d+4gzneCoqh49q6oLqhTp4hJ46vCSMP64tbsolvYbYBpa5y
zeUQeYXlOnN2HH8zFqzp4dN8CD6rfT2Cv9Co12YMizglLt+Y5qatNiQi5EXUr3be
cUA/e22gzVj21dqP2OwI9zuOFOR75Q2dSB/eZ9fexri89xFKj8D7fI6XrrMz9Jx4
ABaRiWk5k6vAgrcjPrzBFgH+HmkL7QBlfYjLwCdfa1Pz02tk33qH67I0Fz7mTOfe
+dAiXW/D+outNErQDIrhWVYkOqKTAnmktNUej6+fUs9mmzKq6ZFSbSXIAIWzlENa
flxIxSGjFYL7e2qRn1Eti4ffZOcdYgOf9yCINgYG+uCR/QtFtb5IY9suW1j/pL/h
eB4GpTyvWzWeJZ87ooIg
=SIcU
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Sun, 15 Nov 2015 22:51:21 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Sun, 15 Nov 2015 22:51:21 GMT) (full text, mbox, link).
Message #24 received at 787372-close@bugs.debian.org (full text, mbox, reply):
Source: wpa
Source-Version: 2.3-1+deb8u2
We believe that the bug you reported is fixed in the latest version of
wpa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 787372@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated wpa package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 31 Oct 2015 10:07:44 +0100
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.3-1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian wpasupplicant Maintainers <pkg-wpa-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 787371 787372 787373 795740
Description:
hostapd - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
wpagui - graphical user interface for wpa_supplicant
wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
wpa (2.3-1+deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add patch to address CVE-2015-4141.
CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer
encoding. (Closes: #787372)
* Add patch to address CVE-2015-4142.
CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing.
(Closes: #787373)
* Add patches to address CVE-2015-414{3,4,5,6}
CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing
payload length validation. (Closes: #787371)
* Add patch to address 2015-5 vulnerability.
NFC: Fix payload length validation in NDEF record parser (Closes: #795740)
* Add patch to address CVE-2015-5310.
CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control.
Checksums-Sha1:
2bd8c477e68b3e50fe985ef04c86d1edf199a885 2496 wpa_2.3-1+deb8u2.dsc
ce5177ea6587fe13dfb6626b5c54a99d86d990d5 79656 wpa_2.3-1+deb8u2.debian.tar.xz
Checksums-Sha256:
81ece78630a18b622e00c98bd8080be0dbe624a9a717850d61d156a8d4923763 2496 wpa_2.3-1+deb8u2.dsc
214421d0ff41ebe0ad8f0564ecbbfde7aaf8fb92a49d69d2ba6eb38611dbaf5f 79656 wpa_2.3-1+deb8u2.debian.tar.xz
Files:
8f7361599ef95fdea887d17766903b76 2496 net optional wpa_2.3-1+deb8u2.dsc
e5b886814e66c4b2ab08005385dd8ee4 79656 net optional wpa_2.3-1+deb8u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWNIoDAAoJEAVMuPMTQ89ER4kP/iVsz/89JxxQfJvuTJijQclo
3m1T6+ZkG1QopVYZJTruAsHo6l5gvYccVgqTmXKO6n7ZgFlw/DA14qZK/tOFLJdi
D4EZNIG3e42aNMkB6Z0NtgfixkIiemh6gzCEvix/WOAbiUUkhgTOyZaCRGXIiJ+1
pbsztfP8CnNYwd2nuaCgWMZAijAGVs++NrSpXoJ0qB7HZ9VsbDJpW1DFNNrxqq9c
0nk+tcCJRw6VebdW6Li7jY1I1fuI0rjvCUQnexUg/UVyR/TxW0iI74zQwHeS+w8t
QurvTIJSM6dZs2Yg/jq8kCh7NPVvluO8rSP7cV4oseObBObhnBPBwANdi3xNehx+
zU2d3H+Yuj2SGcaZl6I9y/LdqduqNSdDa8pHpui7ABltMxLqQqloCs2bZ8XUQZVQ
59ydcVqPAgweWD13NcRpMraMre8RRIyDYniiE4SNr6meZ/SB6PWCtPffE6zAMBnU
sPYN3CNxlZ923X9dfFn5yz7VqAG6RhMaNHdcSz3MKwabEfREfSb5XGTlB3ARn0ga
gJGRNzqvgdCfvojKueb5ZCf/IklaJeaoQa7i/DTYegcBtTa1GvbMqwxRIQKApn8H
cw1cp97rs/C/0ufghv7+oJkMCqzH/1k7619T5YrBPP+26DrhDx1eABC/TuHAJKm6
lHKO7uSj3QmCAcGqZkge
=HCUC
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Tue, 15 Dec 2015 07:35:12 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 16:37:05 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon