From df6a33a8d4115fcb7edd048f7dbfea054e9477b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Mon, 8 Jun 2020 17:35:32 +0200 Subject: hostapd: update to latest Git hostap_2_9-1331-g5a8b366233f5 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bump to latest Git and refresh all patches in order to get fix for "UPnP SUBSCRIBE misbehavior in hostapd WPS AP" (CVE-2020-12695). General security vulnerability in the way the callback URLs in the UPnP SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695). Some of the described issues may be applicable to the use of UPnP in WPS AP mode functionality for supporting external registrars. Ref: https://w1.fi/security/2020-1/ Signed-off-by: Petr Štetiar --- package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch') diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch index 6d48175163..5f1f8e3d82 100644 --- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch +++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2407,11 +2407,13 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2411,11 +2411,13 @@ void ibss_mesh_setup_freq(struct wpa_sup for (j = 0; j < wpa_s->last_scan_res_used; j++) { struct wpa_bss *bss = wpa_s->last_scan_res[j]; -- cgit v1.2.3