Your message dated Sat, 14 Nov 2015 21:38:57 +0000
with message-id <e1zxixb-0006qe...@franck.debian.org>
and subject line Bug#804710: fixed in wpa 2.3-2.3
has caused the Debian Bug report #804710,
regarding wpa: CVE-2015-5316: EAP-pwd peer error path failure on unexpected 
Confirm message
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
804710: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804710
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: wpa
Version: 2.3-1
Severity: important
Tags: security upstream patch fixed-upstream

Hi,

the following vulnerability was published for wpa.

CVE-2015-5316[0]:
EAP-pwd peer error path failure on unexpected Confirm message

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-5316

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: wpa
Source-Version: 2.3-2.3

We believe that the bug you reported is fixed in the latest version of
wpa, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 804...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated wpa package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 Nov 2015 20:54:12 +0100
Source: wpa
Binary: hostapd wpagui wpasupplicant wpasupplicant-udeb
Architecture: source
Version: 2.3-2.3
Distribution: unstable
Urgency: high
Maintainer: Debian wpasupplicant Maintainers 
<pkg-wpa-de...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 804707 804708 804710
Description: 
 hostapd    - IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
 wpagui     - graphical user interface for wpa_supplicant
 wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i)
 wpasupplicant-udeb - Client support for WPA and WPA2 (IEEE 802.11i) (udeb)
Changes:
 wpa (2.3-2.3) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Add patch to address CVE-2015-5310.
     CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control.
     (Closes: #804707)
   * Add patches to address CVE-2015-5314 and CVE-2015-5315.
     CVE-2015-5314: hostapd: EAP-pwd missing last fragment length validation.
     CVE-2015-5315: wpa_supplicant: EAP-pwd missing last fragment length
     validation. (Closes: #804708)
   * Add patch to address CVE-2015-5316.
     CVE-2015-5316: EAP-pwd peer error path failure on unexpected Confirm
     message. (Closes: #804710)
Checksums-Sha1: 
 e8e7578c849176b1dac79e90d7bea58bf96175be 2444 wpa_2.3-2.3.dsc
 cf0c60abfffd5c3ed98de1f326d9196a0e20e457 86156 wpa_2.3-2.3.debian.tar.xz
Checksums-Sha256: 
 1bcd69263a5c1c576fd5307170e1b3056824092645ff5d78cee479be0265a8f7 2444 
wpa_2.3-2.3.dsc
 aebdeda11461e93d7f37df5f45643a3fc3c203853c884d983ed4f558604f0b2f 86156 
wpa_2.3-2.3.debian.tar.xz
Files: 
 1092a250835965dadc10ae9d531539ef 2444 net optional wpa_2.3-2.3.dsc
 38dedea3056ee103fb70c544ae1b99b8 86156 net optional wpa_2.3-2.3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWRPDDAAoJEAVMuPMTQ89EV+0QAIvyTLKMXBaOHtCFJKiPbwlN
7GumHIv4h6y6xg8LmaCLpoTk8eoTizn6oLByUizrYA8Lwr1PK1yvKX2kPevH+BbR
a4H1CxkMa80j8GHhrA088lLVJwxDHYoC1qnmr9TU4/KVeZeyVLtOTM00DDTS1/H5
p3AoEsw/znGCsTKYwGvqn1aA//1fdhNXMv4B9Id2pfqvkMpiJr5uKXNHfRTJjlOw
rLu7ZNd27M4YyNIfveudEZ5ZB7EeUC4uEhSoefWMmWqwBT6mv9JFD/6WO7Ni2EhR
HuCatvy/5cxx10hzEP5XSTo4veRAb2ufQZY5wRT99aAV1+rR/HEXcno64eGiN0q9
oF56G0OBdL6wOZ/m9tuDahgZJKQOIedE7GKJ/pEUKzx4av0TozMw07+1bWT3hAqC
ZzJ8Gdu+6Z8q9BgrSZP1Ogp0Kuq5f9Uj60It4RrBzAeHc1rEPVEnhLBtGV8GiWB6
0Jh/9Vj2NpatZXfP5R7/yXHFF6g/TpXRXA2XNmF2oisumhnXfeM8oLcnnftGjO5U
TJBJN+3jBPpH/Hinkl14I1Yv5HwMphAGC8EypVRx+ng+zQfAP/g6j7vcLwFyGw5o
0xpYzZoOo0d9Mg/8fPq1gIjr5Pi/1oeth4WeuPk93U7TcH78666rOQGTCPk6Sd0+
UAhIp40iVIYOBj+nGLjj
=+P4D
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to