← Back to team overview

touch-packages team mailing list archive

[Bug 1475633] [NEW] New upstream version 2.4 / please merge with Debian 8's wpa 2.3

 

Public bug reported:

There are new wpa_supplicant versions 2.2, 2.3 and 2.4 which bring a
horde of improvements to eg WiFi Direct (P2P) and others:
http://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog

The 2.3 is already part of the stable Debian 8.0 release so it would be
useful to sync with at least that for 15.10 (and 16.04 LTS).

--- Debian stable changelog ---
 wpa (2.3-1+deb8u1) jessie-security; urgency=high
 .
   * import "P2P: Validate SSID element length before copying it
     (CVE-2015-1863)" from upstream (Closes: #783148).

 wpa (2.3-1) unstable; urgency=medium
 .
   * New upstream release:
     - fixed by the new upstream version:
       + wpa: arbitrary command execution via action scripts (Closes: #765352).
         wpasupplicant: fixed wpa_cli action script execution to use more
         robust mechanism (CVE-2014-3686).
         hostapd: fixed hostapd_cli action script execution to use more robust
         mechanism (CVE-2014-3686).
       + wpasupplicant: MAC addressing changing broken after updating to 2.2-1
         (Closes: #763775).
       + drop ap_config_c_fix-typo-for-capabilities, applied upstream.
     - backport "Include ieee802_11_common.c in wpa_supplicant build
       unconditionally" from HEAD, to fix a newly introduced FTBS on, at least,
       kfreebsd.
   * bump standards version to 3.9.6, no changes necessary.

wpa (2.2-1) unstable; urgency=medium
 .
   * New upstream release:
     - import suggested changes from Gerald Turner <gturner@xxxxxxxxxx> (see
       #718651 for details).
       + disable ACS for hostapd on kfreebsd-any (FTBS).
     - fixed by the new upstream version:
       + wpa_supplicant: OpenSSL: tls_connection_handshake - Failed to read
       (Closes: #561081).
       + wpasupplicant: new upstream release 2.2 (Closes: #718651).
       + wpasupplicant: -s option not documented in man page (Closes: #608135).
     - refresh patches:
       + drop 13_human_readable_signal.patch, applied upstream.
       + drop hostapd_fix-WDS-VLAN-bridge-handling.patch, applied upstream.
       + drop fix-spelling-s-algorith-algorithm.patch, applied upstream.
     - adapt build configs for hostapd/ wpa_supplicant 2.2:
       + sync with updated upstream defconfigs.
       + keep Hotspot 2.0 support disabled for the time being.
       + hostapd: keep sqlite3 support disabled for the time being.
     - update debian/copyright manually, the wpa v2 branch was relicensed from
       (BSD-3-clause || GPL-2) to BSD-3-clause only (for the most part). This
       doesn't change the licensing state as the BSD-3-clause license is
       compatible with GPL-2.
   * drop pre-wheezy /lib/init/rw/sendsigs.omit.d/ migration support, invert the
     versioned initscripts dependency to a versioned breaks relation.
   * migrate from /var/run/ to /run/.
   * adapt get-orig-source for wpa 2.2.
   * drop version qualifiers for libnl3 build dependencies, as they're
     fullfilled by wheezy.
   * drop version qualifiers for the lsb-base build dependency, as they're
     fullfilled by squeeze.
   * shorten short description for hostapd.
   * sort debian/control entries.
   * make lintian happy (invalid-short-name-in-dep5-copyright bsd) and call it
     BSD-3-clause.
   * enable DEBUG_SYSLOG and set DEBUG_SYSLOG_FACILITY=LOG_DAEMON, as requested
     by Cyril Brulebois <kibi@xxxxxxxxxx> to improve logging options for d-i and
     netcfg (Closes: #761922).
   * fix various typos around "existence", thanks to A. Costa <agcosta@xxxxxxx>,
     (Closes: #683636).
   * ap_config.c: fix typo for "capabilities".
   * remove no longer required lintian override (spelling-error-in-binary for
     the).

** Affects: wpa (Ubuntu)
     Importance: Undecided
         Status: New

** Description changed:

  There are new wpa_supplicant versions 2.2, 2.3 and 2.4 which bring a
  horde of improvements to eg WiFi Direct (P2P) and others:
  http://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog
  
  The 2.3 is already part of the stable Debian 8.0 release so it would be
  useful to sync with at least that for 15.10 (and 16.04 LTS).
  
  --- Debian stable changelog ---
-  wpa (2.3-1+deb8u1) jessie-security; urgency=high
-  .
-    * import "P2P: Validate SSID element length before copying it
-      (CVE-2015-1863)" from upstream (Closes: #783148).
+  wpa (2.3-1+deb8u1) jessie-security; urgency=high
+  .
+    * import "P2P: Validate SSID element length before copying it
+      (CVE-2015-1863)" from upstream (Closes: #783148).
  
- wpa (2.3-1) unstable; urgency=medium
-  .
-    * New upstream release:
-      - fixed by the new upstream version:
-        + wpa: arbitrary command execution via action scripts (Closes: #765352).
-          wpasupplicant: fixed wpa_cli action script execution to use more
-          robust mechanism (CVE-2014-3686).
-          hostapd: fixed hostapd_cli action script execution to use more robust
-          mechanism (CVE-2014-3686).
-        + wpasupplicant: MAC addressing changing broken after updating to 2.2-1
-          (Closes: #763775).
-        + drop ap_config_c_fix-typo-for-capabilities, applied upstream.
-      - backport "Include ieee802_11_common.c in wpa_supplicant build
-        unconditionally" from HEAD, to fix a newly introduced FTBS on, at least,
-        kfreebsd.
-    * bump standards version to 3.9.6, no changes necessary.
+  wpa (2.3-1) unstable; urgency=medium
+  .
+    * New upstream release:
+      - fixed by the new upstream version:
+        + wpa: arbitrary command execution via action scripts (Closes: #765352).
+          wpasupplicant: fixed wpa_cli action script execution to use more
+          robust mechanism (CVE-2014-3686).
+          hostapd: fixed hostapd_cli action script execution to use more robust
+          mechanism (CVE-2014-3686).
+        + wpasupplicant: MAC addressing changing broken after updating to 2.2-1
+          (Closes: #763775).
+        + drop ap_config_c_fix-typo-for-capabilities, applied upstream.
+      - backport "Include ieee802_11_common.c in wpa_supplicant build
+        unconditionally" from HEAD, to fix a newly introduced FTBS on, at least,
+        kfreebsd.
+    * bump standards version to 3.9.6, no changes necessary.
  
  wpa (2.2-1) unstable; urgency=medium
-  .
-    * New upstream release:
-      - import suggested changes from Gerald Turner <gturner@xxxxxxxxxx> (see
-        #718651 for details).
-        + disable ACS for hostapd on kfreebsd-any (FTBS).
-      - fixed by the new upstream version:
-        + wpa_supplicant: OpenSSL: tls_connection_handshake - Failed to read
-        (Closes: #561081).
-        + wpasupplicant: new upstream release 2.2 (Closes: #718651).
-        + wpasupplicant: -s option not documented in man page (Closes: #608135).
-      - refresh patches:
-        + drop 13_human_readable_signal.patch, applied upstream.
-        + drop hostapd_fix-WDS-VLAN-bridge-handling.patch, applied upstream.
-        + drop fix-spelling-s-algorith-algorithm.patch, applied upstream.
-      - adapt build configs for hostapd/ wpa_supplicant 2.2:
-        + sync with updated upstream defconfigs.
-        + keep Hotspot 2.0 support disabled for the time being.
-        + hostapd: keep sqlite3 support disabled for the time being.
-      - update debian/copyright manually, the wpa v2 branch was relicensed from
-        (BSD-3-clause || GPL-2) to BSD-3-clause only (for the most part). This
-        doesn't change the licensing state as the BSD-3-clause license is
-        compatible with GPL-2.
-    * drop pre-wheezy /lib/init/rw/sendsigs.omit.d/ migration support, invert the
-      versioned initscripts dependency to a versioned breaks relation.
-    * migrate from /var/run/ to /run/.
-    * adapt get-orig-source for wpa 2.2.
-    * drop version qualifiers for libnl3 build dependencies, as they're
-      fullfilled by wheezy.
-    * drop version qualifiers for the lsb-base build dependency, as they're
-      fullfilled by squeeze.
-    * shorten short description for hostapd.
-    * sort debian/control entries.
-    * make lintian happy (invalid-short-name-in-dep5-copyright bsd) and call it
-      BSD-3-clause.
-    * enable DEBUG_SYSLOG and set DEBUG_SYSLOG_FACILITY=LOG_DAEMON, as requested
-      by Cyril Brulebois <kibi@xxxxxxxxxx> to improve logging options for d-i and
-      netcfg (Closes: #761922).
-    * fix various typos around "existence", thanks to A. Costa <agcosta@xxxxxxx>,
-      (Closes: #683636).
-    * ap_config.c: fix typo for "capabilities".
-    * remove no longer required lintian override (spelling-error-in-binary for
-      the).
+  .
+    * New upstream release:
+      - import suggested changes from Gerald Turner <gturner@xxxxxxxxxx> (see
+        #718651 for details).
+        + disable ACS for hostapd on kfreebsd-any (FTBS).
+      - fixed by the new upstream version:
+        + wpa_supplicant: OpenSSL: tls_connection_handshake - Failed to read
+        (Closes: #561081).
+        + wpasupplicant: new upstream release 2.2 (Closes: #718651).
+        + wpasupplicant: -s option not documented in man page (Closes: #608135).
+      - refresh patches:
+        + drop 13_human_readable_signal.patch, applied upstream.
+        + drop hostapd_fix-WDS-VLAN-bridge-handling.patch, applied upstream.
+        + drop fix-spelling-s-algorith-algorithm.patch, applied upstream.
+      - adapt build configs for hostapd/ wpa_supplicant 2.2:
+        + sync with updated upstream defconfigs.
+        + keep Hotspot 2.0 support disabled for the time being.
+        + hostapd: keep sqlite3 support disabled for the time being.
+      - update debian/copyright manually, the wpa v2 branch was relicensed from
+        (BSD-3-clause || GPL-2) to BSD-3-clause only (for the most part). This
+        doesn't change the licensing state as the BSD-3-clause license is
+        compatible with GPL-2.
+    * drop pre-wheezy /lib/init/rw/sendsigs.omit.d/ migration support, invert the
+      versioned initscripts dependency to a versioned breaks relation.
+    * migrate from /var/run/ to /run/.
+    * adapt get-orig-source for wpa 2.2.
+    * drop version qualifiers for libnl3 build dependencies, as they're
+      fullfilled by wheezy.
+    * drop version qualifiers for the lsb-base build dependency, as they're
+      fullfilled by squeeze.
+    * shorten short description for hostapd.
+    * sort debian/control entries.
+    * make lintian happy (invalid-short-name-in-dep5-copyright bsd) and call it
+      BSD-3-clause.
+    * enable DEBUG_SYSLOG and set DEBUG_SYSLOG_FACILITY=LOG_DAEMON, as requested
+      by Cyril Brulebois <kibi@xxxxxxxxxx> to improve logging options for d-i and
+      netcfg (Closes: #761922).
+    * fix various typos around "existence", thanks to A. Costa <agcosta@xxxxxxx>,
+      (Closes: #683636).
+    * ap_config.c: fix typo for "capabilities".
+    * remove no longer required lintian override (spelling-error-in-binary for
+      the).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wpa in Ubuntu.
https://bugs.launchpad.net/bugs/1475633

Title:
  New upstream version 2.4 / please merge with Debian 8's wpa 2.3

Status in wpa package in Ubuntu:
  New

Bug description:
  There are new wpa_supplicant versions 2.2, 2.3 and 2.4 which bring a
  horde of improvements to eg WiFi Direct (P2P) and others:
  http://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog

  The 2.3 is already part of the stable Debian 8.0 release so it would
  be useful to sync with at least that for 15.10 (and 16.04 LTS).

  --- Debian stable changelog ---
   wpa (2.3-1+deb8u1) jessie-security; urgency=high
   .
     * import "P2P: Validate SSID element length before copying it
       (CVE-2015-1863)" from upstream (Closes: #783148).

   wpa (2.3-1) unstable; urgency=medium
   .
     * New upstream release:
       - fixed by the new upstream version:
         + wpa: arbitrary command execution via action scripts (Closes: #765352).
           wpasupplicant: fixed wpa_cli action script execution to use more
           robust mechanism (CVE-2014-3686).
           hostapd: fixed hostapd_cli action script execution to use more robust
           mechanism (CVE-2014-3686).
         + wpasupplicant: MAC addressing changing broken after updating to 2.2-1
           (Closes: #763775).
         + drop ap_config_c_fix-typo-for-capabilities, applied upstream.
       - backport "Include ieee802_11_common.c in wpa_supplicant build
         unconditionally" from HEAD, to fix a newly introduced FTBS on, at least,
         kfreebsd.
     * bump standards version to 3.9.6, no changes necessary.

  wpa (2.2-1) unstable; urgency=medium
   .
     * New upstream release:
       - import suggested changes from Gerald Turner <gturner@xxxxxxxxxx> (see
         #718651 for details).
         + disable ACS for hostapd on kfreebsd-any (FTBS).
       - fixed by the new upstream version:
         + wpa_supplicant: OpenSSL: tls_connection_handshake - Failed to read
         (Closes: #561081).
         + wpasupplicant: new upstream release 2.2 (Closes: #718651).
         + wpasupplicant: -s option not documented in man page (Closes: #608135).
       - refresh patches:
         + drop 13_human_readable_signal.patch, applied upstream.
         + drop hostapd_fix-WDS-VLAN-bridge-handling.patch, applied upstream.
         + drop fix-spelling-s-algorith-algorithm.patch, applied upstream.
       - adapt build configs for hostapd/ wpa_supplicant 2.2:
         + sync with updated upstream defconfigs.
         + keep Hotspot 2.0 support disabled for the time being.
         + hostapd: keep sqlite3 support disabled for the time being.
       - update debian/copyright manually, the wpa v2 branch was relicensed from
         (BSD-3-clause || GPL-2) to BSD-3-clause only (for the most part). This
         doesn't change the licensing state as the BSD-3-clause license is
         compatible with GPL-2.
     * drop pre-wheezy /lib/init/rw/sendsigs.omit.d/ migration support, invert the
       versioned initscripts dependency to a versioned breaks relation.
     * migrate from /var/run/ to /run/.
     * adapt get-orig-source for wpa 2.2.
     * drop version qualifiers for libnl3 build dependencies, as they're
       fullfilled by wheezy.
     * drop version qualifiers for the lsb-base build dependency, as they're
       fullfilled by squeeze.
     * shorten short description for hostapd.
     * sort debian/control entries.
     * make lintian happy (invalid-short-name-in-dep5-copyright bsd) and call it
       BSD-3-clause.
     * enable DEBUG_SYSLOG and set DEBUG_SYSLOG_FACILITY=LOG_DAEMON, as requested
       by Cyril Brulebois <kibi@xxxxxxxxxx> to improve logging options for d-i and
       netcfg (Closes: #761922).
     * fix various typos around "existence", thanks to A. Costa <agcosta@xxxxxxx>,
       (Closes: #683636).
     * ap_config.c: fix typo for "capabilities".
     * remove no longer required lintian override (spelling-error-in-binary for
       the).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1475633/+subscriptions


Follow ups