diff options
author | Felix Fietkau <nbd@openwrt.org> | 2016-01-10 17:03:37 +0000 |
---|---|---|
committer | Felix Fietkau <nbd@openwrt.org> | 2016-01-10 17:03:37 +0000 |
commit | 6c40914c0c637ee27ab513e734ef63e5a532cdb1 (patch) | |
tree | 6f122326eb20bcf29a07fb4b613cd007a724f20b /target/linux/ar71xx | |
parent | a960fcef292c805b1d7a8fe8a9f6995ca7f4931b (diff) | |
download | upstream-6c40914c0c637ee27ab513e734ef63e5a532cdb1.tar.gz upstream-6c40914c0c637ee27ab513e734ef63e5a532cdb1.tar.bz2 upstream-6c40914c0c637ee27ab513e734ef63e5a532cdb1.zip |
hostapd: fix post v2.4 security issues
- WPS: Fix HTTP chunked transfer encoding parser (CVE-2015-4141)
- EAP-pwd peer: Fix payload length validation for Commit and Confirm
(CVE-2015-4143)
- EAP-pwd server: Fix payload length validation for Commit and Confirm
(CVE-2015-4143)
- EAP-pwd peer: Fix Total-Length parsing for fragment reassembly
(CVE-2015-4144, CVE-2015-4145)
- EAP-pwd server: Fix Total-Length parsing for fragment reassembly
(CVE-2015-4144, CVE-2015-4145)
- EAP-pwd peer: Fix asymmetric fragmentation behavior (CVE-2015-4146)
- NFC: Fix payload length validation in NDEF record parser (CVE-2015-8041)
- WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
(CVE-2015-5310)
- EAP-pwd peer: Fix last fragment length validation (CVE-2015-5315)
- EAP-pwd server: Fix last fragment length validation (CVE-2015-5314)
- EAP-pwd peer: Fix error path for unexpected Confirm message (CVE-2015-5316)
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
SVN-Revision: 48185
Diffstat (limited to 'target/linux/ar71xx')
0 files changed, 0 insertions, 0 deletions