-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : wpa Version : 2.3-1+deb8u7 CVE ID : CVE-2016-10743
It was found that the fallback mechanism for generating a WPS pin in hostapd, an IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator, used a low quality pseudorandom number generator. This was resolved by using only the high quality os_get_random function. For Debian 8 "Jessie", this problem has been fixed in version 2.3-1+deb8u7. We recommend that you upgrade your wpa packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlycyypfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQfEhAAh4y5Tt2t1RtyQMPs+UxlgJF28lDtpXd1HIVhTyZt5lbroi5U4DH38Y+j J96Uc2V7S3Mw8x35SE4MDWK0gMwxyd8NJos512NupLXjOIcMJh4364/XQn49JCgd e+iNAbWFI/HZS0KbJ3HHxacwOP9PCboj1JH29U3HHCXERKqoMSZ8coGP04yG4CZ7 /JCpjUNq20Jyt1gyViREw25SbcZRkxq9hiA1ml894W8kNpl76m0JW+ud0RktG4jg NzI3s4ROjWaUSQZSaKbdAk1Ux/beETsNuAr9HRbclgixw7ZsW7lnRJF7ZRjJCLkY 3jIAGVenNNd4xlaM74VB/zWo+G++oDtxqiEm64sPoiTYHLwq3cC7QaAbsp+zh4sV uEaxi7pBC0rAI6nhqWmK2FuGS9P+7NinIHT4TpmRWon8YU4VfSnWOb46qh4q/5LP gA75OI4aJ983sYp1KDKomoi8JJwypWzVVXFYuCb1bHX5jUasB54/KLbSs77xlmVf L9WuUIBohXCXmPyUkx4h/1OafYPfIT7Tr2WvcCS3/R85K7MoImFNIMK9poRTNTed UFvpb9bTvmv75eP6NshZbZ0AoE3KfNdeeA1q4iGlqOH+TNkErI+vk1mMbo5iwWYP /PFJ0n/zv2slDigA2W+bUFTxyBJ1xWUCkBm1mbIAHsmb2uSTrIg= =s7zI -----END PGP SIGNATURE-----
