aboutsummaryrefslogtreecommitdiffstats
path: root/package/system
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2016-01-10 17:04:09 +0000
committerFelix Fietkau <nbd@openwrt.org>2016-01-10 17:04:09 +0000
commitf044e32391825ab2be7ed85e88fad3b4c73d34d8 (patch)
treef7adbacc449f2336543b140931ad319d6782f075 /package/system
parent1f13935e70421827c2f1f4d44b8848397e769729 (diff)
downloadupstream-f044e32391825ab2be7ed85e88fad3b4c73d34d8.tar.gz
upstream-f044e32391825ab2be7ed85e88fad3b4c73d34d8.tar.bz2
upstream-f044e32391825ab2be7ed85e88fad3b4c73d34d8.zip
hostapd: fix post v2.4 security issues
- WPS: Fix HTTP chunked transfer encoding parser (CVE-2015-4141) - EAP-pwd peer: Fix payload length validation for Commit and Confirm (CVE-2015-4143) - EAP-pwd server: Fix payload length validation for Commit and Confirm (CVE-2015-4143) - EAP-pwd peer: Fix Total-Length parsing for fragment reassembly (CVE-2015-4144, CVE-2015-4145) - EAP-pwd server: Fix Total-Length parsing for fragment reassembly (CVE-2015-4144, CVE-2015-4145) - EAP-pwd peer: Fix asymmetric fragmentation behavior (CVE-2015-4146) - NFC: Fix payload length validation in NDEF record parser (CVE-2015-8041) - WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use (CVE-2015-5310) - EAP-pwd peer: Fix last fragment length validation (CVE-2015-5315) - EAP-pwd server: Fix last fragment length validation (CVE-2015-5314) - EAP-pwd peer: Fix error path for unexpected Confirm message (CVE-2015-5316) Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> Backport of r48185 git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48186 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/system')
0 files changed, 0 insertions, 0 deletions