From df6a33a8d4115fcb7edd048f7dbfea054e9477b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Mon, 8 Jun 2020 17:35:32 +0200 Subject: hostapd: update to latest Git hostap_2_9-1331-g5a8b366233f5 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bump to latest Git and refresh all patches in order to get fix for "UPnP SUBSCRIBE misbehavior in hostapd WPS AP" (CVE-2020-12695). General security vulnerability in the way the callback URLs in the UPnP SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695). Some of the described issues may be applicable to the use of UPnP in WPS AP mode functionality for supporting external registrars. Ref: https://w1.fi/security/2020-1/ Signed-off-by: Petr Štetiar --- .../461-driver_nl80211-use-new-parameters-during-ibss-join.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch') diff --git a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch index 955e15e307..61d2089bc8 100644 --- a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch +++ b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch @@ -10,7 +10,7 @@ Signed-hostap: Antonio Quartulli --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -5583,7 +5583,7 @@ static int wpa_driver_nl80211_ibss(struc +@@ -5584,7 +5584,7 @@ static int wpa_driver_nl80211_ibss(struc struct wpa_driver_associate_params *params) { struct nl_msg *msg; @@ -19,7 +19,7 @@ Signed-hostap: Antonio Quartulli int count = 0; wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex); -@@ -5610,6 +5610,37 @@ retry: +@@ -5611,6 +5611,37 @@ retry: nl80211_put_beacon_int(msg, params->beacon_int)) goto fail; -- cgit v1.2.3