Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3052-1] wpa security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3052-1] wpa security update


Chronologisch Thread 
  • From: Michael Gilbert <mgilbert AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3052-1] wpa security update
  • Date: Thu, 16 Oct 2014 00:02:40 -0400
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • Old-return-path: <gilbert AT psidef.org>
  • Priority: urgent
  • Resent-date: Thu, 16 Oct 2014 04:03:05 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <Qhl4r_SbBJB.A.N1B.5N0PUB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3052-1 security AT debian.org
http://www.debian.org/security/ Michael Gilbert
October 15, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : wpa
CVE ID : CVE-2014-3686
Debian Bug : 765352

Jouni Malinen discovered an input sanitization issue in the wpa_cli and
hostapd_cli tools included in the wpa package. A remote wifi system
within range could provide a crafted string triggering arbitrary code
execution running with privileges of the affected wpa_cli or hostapd_cli
process.

For the stable distribution (wheezy), this problem has been fixed in
version 1.0-3+deb7u1.

For the testing distribution (jessie), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 2.3-1.

We recommend that you upgrade your wpa packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQQcBAEBCgAGBQJUP0NCAAoJELjWss0C1vRzUI0f/0+0H+kYgMDFtpdD9ujvGd4J
Su4KrAw3ZfX+4HXaBn0LrF8siOMChdCmsNDGp54B3PnCTNNuC1I13wDu01jgqJGa
sQnnie4XeTKF3hRLm1BLIkp5ozwtLKxEZA1KYoaVOEJq/06wO7YGNJG+ObDMFcUG
pJbqqtpBaQ/f2NhY3N4RfOgBuVsEPDSw2vYA9aaXJp1gilOJWkenCvrIvmMwWnHu
bslSiqlv7TozQY387cPUKCco19mRcskkl87eaL2ptQ4q67p4yB2Rw6NHJp+HnC1T
EQhLBVJJiE0PTqYckVVtU0yRuj5yqgRB8Pgq6Qe7/n3LdKhemnMsT3QuTzMJbSUI
Dxro/54MM9NzggbqoqaCTZDkv3E6MuFvnkB1r5r/9I57L3f1iSX9sBU23LTRq146
dcvyaQZwB93rPHvM18tMOS+cnx2cylyQdwIxsSzOrfYbqBE6ibJ/VbQTUJAo/yEs
7wHDB5FN3KTfWygPS+MbiO+ZTuBlV7bGQs0lli07guDLkt8PPSjkctF/ycK4CiO1
u3DCDpoeB+7gN6kwHAEq+FlCH64UDac9YsZFXmvh+QBJ3hecy4Sg5vF0KnEzJaLb
6bQmoCnw4hXkBfqdMeVgdDQNmDTRMWM31gD1MKZmyXFQioeUeK7jIi8zWo7Q9LQp
bFIoegAgBXtjUNs2+XNyAWVUC61e5iPTzbPS4m9EibKNV2kKmcSDLvgyprz24Wrq
0sVVv2MC0tA6g5eD4Xkcjs4ERrgjcEJHye0p2pUkxOie0ln2olGnUmMIMp3LJ9au
zo7LAk1TI4KppJBRj0o34qykXU//M0mG+Y6I2GZMsfamqcCOPq41sXHpm8c/EyUA
Uv91COG9z3JfEvw8X6PHxU/ZB/K6mwi/8fldBTBXmCAGaBLyKF2m3IHhv7l9TWpx
qs70ldpz82yE9nP4j79su8qglrLF1X6Ef5ClySe7/l4DlkyKy1/LJc//7hG7ml8T
ukmiLoNDEDUMBKqOxX6w5fOVtoGDrn7jyZVlEgAhGSb78UckOKnaGgf+hLd/PD98
rCYuw9qoAbUYmja7PG5AKfxz7VfRL3rOvbt4DfBYXd1F6UiJVLLVmLOshBW050qe
AYxMCnjRFUYcWrOjX2YjAaEEYHvIA0ZewBWXo17/bKOK0GCAwm9v4xi263qjkC9F
2e3Qg1HaEMxwN4TFpEigpUL429OwLagvR/5nrd/XBl14WSXhbcUw4UENNd2L2bv9
wM2Y4UoB8q8X6T2Vb8CwYNW8t8hRRbB/caV6wQLeh0L1QMMFqf/SCBQ5VFRMXUag
GTknMs9oYCT0EXg0ketGSKKMfNzQLinUD1cFl+vbt7yw5aNGY9PqlqBQVMQCmBg=
=7z9s
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: E1XecGu-0002DN-J6 AT alpha.psidef.org">https://lists.debian.org/E1XecGu-0002DN-J6 AT alpha.psidef.org




  • [IT-SecNots] [SECURITY] [DSA 3052-1] wpa security update, Michael Gilbert, 16.10.2014

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang