mirror of
git://slackware.nl/current.git
synced 2024-12-31 10:28:29 +01:00
970e55afb6
patches/packages/wpa_supplicant-2.10-x86_64-2_slack15.0.txz: Rebuilt.
Patched the implementation of PEAP in wpa_supplicant to prevent an
authentication bypass. For a successful attack, wpa_supplicant must be
configured to not verify the network's TLS certificate during Phase 1
authentication, and an eap_peap_decrypt vulnerability can then be abused
to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
Success packet instead of starting Phase 2. This allows an adversary to
impersonate Enterprise Wi-Fi networks.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52160
(* Security fix *)
18 lines
1 KiB
Text
18 lines
1 KiB
Text
# HOW TO EDIT THIS FILE:
|
|
# The "handy ruler" below makes it easier to edit a package description. Line
|
|
# up the first '|' above the ':' following the base package name, and the '|'
|
|
# on the right side marks the last column you can put a character in. You must
|
|
# make exactly 11 lines for the formatting to be correct. It's also
|
|
# customary to leave one space after the ':'.
|
|
|-----handy-ruler------------------------------------------------------|
|
|
wpa_supplicant: wpa_supplicant (WPA/WPA2/IEEE 802.1X Supplicant)
|
|
wpa_supplicant:
|
|
wpa_supplicant: wpa_supplicant is a WPA Supplicant for Linux with support for WPA and
|
|
wpa_supplicant: WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA
|
|
wpa_supplicant: component that is used in the client stations. It implements key
|
|
wpa_supplicant: negotiation with a WPA Authenticator and it controls the roaming and
|
|
wpa_supplicant: IEEE 802.11 authentication/association of the wlan driver.
|
|
wpa_supplicant:
|
|
wpa_supplicant: Homepage: http://hostap.epitest.fi/wpa_supplicant/
|
|
wpa_supplicant:
|
|
wpa_supplicant:
|