From df6a33a8d4115fcb7edd048f7dbfea054e9477b4 Mon Sep 17 00:00:00 2001 From: Petr Štetiar Date: Mon, 8 Jun 2020 17:35:32 +0200 Subject: hostapd: update to latest Git hostap_2_9-1331-g5a8b366233f5 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bump to latest Git and refresh all patches in order to get fix for "UPnP SUBSCRIBE misbehavior in hostapd WPS AP" (CVE-2020-12695). General security vulnerability in the way the callback URLs in the UPnP SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695). Some of the described issues may be applicable to the use of UPnP in WPS AP mode functionality for supporting external registrars. Ref: https://w1.fi/security/2020-1/ Signed-off-by: Petr Štetiar --- .../006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch') diff --git a/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch b/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch index 8b1ce88864..2ca15e5d1e 100644 --- a/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch +++ b/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch @@ -26,7 +26,7 @@ Signed-off-by: Peter Oh struct wpa_driver_set_key_params { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -10038,6 +10038,9 @@ static int nl80211_join_mesh(struct i802 +@@ -10051,6 +10051,9 @@ static int nl80211_join_mesh(struct i802 wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags); -- cgit v1.2.3