Does not know why Ubuntu has a delta with Debian Experimental. Some cve were fixed. http://metadata.ftp-master.debian.org/changelogs/main/w/wpa/wpa_2.6-4_changelog
well, maybe due to grave & serious reported bugs : https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=wpasupplicant;dist=unstable Source: http://w1.fi/security/2017-1/ ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1723909 Title: [security] Many vulnerabilities discovered Status in wpa package in Ubuntu: New Bug description: This is a high vulnerability problem: The attack works against all modern protected Wi-Fi networks All details: https://www.krackattacks.com/ ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: wpasupplicant 2.4-0ubuntu9 ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4 Uname: Linux 4.13.0-16-generic x86_64 ApportVersion: 2.20.7-0ubuntu3 Architecture: amd64 CurrentDesktop: GNOME Date: Mon Oct 16 11:54:57 2017 EcryptfsInUse: Yes SourcePackage: wpa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1723909/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp