wpa 2:2.9.0-17ubuntu1 source package in Ubuntu

Changelog

wpa (2:2.9.0-17ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/patches/wpa_service_ignore-on-isolate.patch: add
      IgnoreOnIsolate=yes so that when switching "runlevels" in oem-config
      will not kill off wpa and cause wireless to be unavailable on first
      boot.
    - debian/patches/session-ticket.patch: disable the TLS Session Ticket
      extension to fix auth with 802.1x PEAP on some hardware.
    - debian/patches/git_roaming_interface.patch: backport upstream fix
      'dbus: Move roam metrics to the correct interface', should reduces
      the number of events
    - debian/patches/nl80211-Unbreak-mode-processing-due-to-presence-of-S.patch:
      backport upstream fix (commit 52a1b28345123c374fd0127cbce623c41a760730)
      for S1G band (LP #1912609)
    - debian/patches/git_dbus_bridge.patch: Allow changing an interface
      bridge via D-Bus (LP #1893563)

wpa (2:2.9.0-17) unstable; urgency=medium

  [ Salvatore Bonaccorso ]
  * P2P: Fix copying of secondary device types for P2P group client
    (CVE-2021-0326) (Closes: #981971).

wpa (2:2.9.0-16) unstable; urgency=high

  * Restrict eapoltest to linux-any kfreebsd-any.
  * Add an upstream patch to fix a crash with a long P2P interface name
    (Closes: #976091).
  * Security fix: CVE-2020-12695.
    A vulnerability in the UPnP SUBSCRIBE command can trigger the AP to
    initiate a HTTP (TCP/IP) connection to an arbitrary URL or to trigger
    misbehavior in hostapd and cause the process to either get terminated
    or to start using more CPU resources.
    The issue can also be mitigated by building hostapd without UPnP support
    (CONFIG_WPS_UPNP=n) or disabling it at runtime by removing the upnp_iface
    parameter.
    (Closes: #976106)
  * Refresh patches.

wpa (2:2.9.0-15) unstable; urgency=medium

  * Don’t fail the build on -Warray-bounds.

wpa (2:2.9.0-14) unstable; urgency=medium

  [ Paul Menzel ]
  * Fix unknown key warnings NetworkManager configuration drop-in.
  * Update NetworkManager configuration drop-in.
  * Remove defaults from NetworkManager configuration drop-in.
    Closes: #951268, #966811.

  [ Andrej Shadura ]
  * Add fixes proposed upstream:
    - Fix error message for radius_accept_attr config option
    - Update WPS credentials on SIGHUP

wpa (2:2.9.0-13) unstable; urgency=medium

  * Apply upstream patches:
    - Avoid sending invalid mgmt frames at startup
    - Increase introspection buffer size for D-Bus

wpa (2:2.9.0-12) unstable; urgency=medium

  * Add an upstream patch to fix the MAC randomisation issue with some cards
    (LP: #1867908).

wpa (2:2.9.0-11) unstable; urgency=medium

  * Actually add autopkgtest for libwpa-client-dev and libwpa_test.c.

wpa (2:2.9.0-10) unstable; urgency=medium

  * Rename the package with the client library to libwpa-client-dev.

wpa (2:2.9.0-9) unstable; urgency=medium

  [ Terry Burton ]
  * Build and install eapol_test in eapoltest package (Closes: #700870)

  [ Didier Raboud ]
  * Backport upstream patch to fix build with Debian's VERSION_STR.

  [ Andrew Lee (李健秋) ]
  * Build libwpa-dev binary package which contains a static
    libwpa_client library and the wpa_ctrl header with an example program.

  [ Andrej Shadura ]
  * Add a patch to provide the BIT() macro locally in wpa_ctrl.h.
  * Patch the example to use stddef.h and wpa_ctrl.h from the global location.
  * Add an autopkgtest for libwpa-dev and libwpa_test.c.

wpa (2:2.9.0-8) unstable; urgency=medium

  * Reupload as 2.9.0 to undo an accidental experimental upload to unstable.

wpa (2:2.9-7) unstable; urgency=medium

  * Apply upstream patches:
    - trace: handle binutils bfd.h breakage
    - Check for FT support when selecting FT suites (Closes: #942164)

wpa (2:2.9-6) unstable; urgency=medium

  [ Debian Janitor ]
  * Use secure URI in Homepage field.
  * Move source package lintian overrides to debian/source.
  * Use canonical URL in Vcs-Browser.
  * Rely on pre-initialized dpkg-architecture variables.
  * Update standards version to 4.4.1, no changes needed.

  [ Andrej Shadura ]
  * Disable CONFIG_DRIVER_MACSEC_QCA on kfreebsd.

wpa (2:2.9-5) unstable; urgency=medium

  * Fix erroneously inverted logic in postinst.

wpa (2:2.9-4) unstable; urgency=medium

  [ Helmut Grohne ]
  * Fix FTCBFS: Don’t export CC=cc (Closes: #921998).

  [ Andrej Shadura ]
  * Don’t act in hostapd.postinst if we’re running in a chrootless root.
  * Apply an upstream patch:
    - wpa_supplicant: Do not try to detect PSK mismatch during PTK rekeying.

wpa (2:2.9-3) unstable; urgency=medium

  * Add pkg.wpa.nogui and noudeb build profiles.

wpa (2:2.9-2) unstable; urgency=medium

  * SECURITY UPDATE:
    - AP mode PMF disconnection protection bypass.
      More details:
       + https://w1.fi/security/2019-7/
      Closes: #940080 (CVE-2019-16275)

 -- Julian Andres Klode <email address hidden>  Fri, 12 Feb 2021 11:25:17 +0100