Control: tags -1 + pending Hi
On Monday 08 October 2012, Nico Golde wrote: > Package: wpa > Severity: grave > Tags: security patch > > Hi, > the following vulnerability was published for hostapd. > > CVE-2012-4445[0]: > | Timo Warns discovered that the internal authentication server of hostapd, > | a user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator, > | is vulnerable to a buffer overflow when processing fragmented EAP-TLS > | messages. As a result, an internal overflow checking routine terminates > | the process. An attacker can abuse this flaw to conduct denial of service > | attacks via crafted EAP-TLS messages prior to any authentication. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > Please also ask for an unblock on -release after fixing this issue so it will > be picked up for wheezy. > > The patch I used for the DSA: > http://people.debian.org/~nion/nmu-diff/hostapd-0.6.10-2_0.6.10-2+squeeze1.patch > > For further information see: > > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445 > http://security-tracker.debian.org/tracker/CVE-2012-4445 Thanks a lot, I found that one[1] after receiving the ftp-master accept already, I'll try to contact a potential sponsor for [2] within the next few hours. Regards Stefan Lippers-Hollmann [1] http://anonscm.debian.org/viewvc/pkg-wpa/wpa/trunk/debian/patches/EAP-TLS-server_fix-TLS-Message-length-validation.patch?view=markup [2] http://aptosid.com/slh/wpa/wpa_1.0-3.dsc http://aptosid.com/slh/wpa/wpa_1.0-3.debian.tar.gz http://aptosid.com/slh/wpa/wpa_1.0.orig.tar.gz
signature.asc
Description: This is a digitally signed message part.
