ALT-BU-2016-3225-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-9594
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
- 95094
- 95094
- 1037528
- 1037528
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594
- https://curl.haxx.se/docs/adv_20161223.html
- https://curl.haxx.se/docs/adv_20161223.html
- GLSA-201701-47
- GLSA-201701-47
- https://www.tenable.com/security/tns-2017-04
- https://www.tenable.com/security/tns-2017-04
Closed vulnerabilities
BDU:2021-01305
Уязвимость функции rand() and random() программной сертификации устройств беспроводной сети WPA, связанная с недостатком в энтропии в выборе PIN, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2016-10743
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
- http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html
- http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html
- 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [debian-lts-announce] 20190328 [SECURITY] [DLA 1733-1] wpa security update
- [debian-lts-announce] 20190328 [SECURITY] [DLA 1733-1] wpa security update
- USN-3944-1
- USN-3944-1
- https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389
- https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389
Modified: 2024-11-21
CVE-2016-4476
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
Modified: 2024-11-21
CVE-2019-10064
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
- http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html
- http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html
- 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- http://www.openwall.com/lists/oss-security/2020/02/27/1
- http://www.openwall.com/lists/oss-security/2020/02/27/1
- [oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)
- [debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update
- [debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update
- [debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update
- [debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update
- https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389
- https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389
Package wpa_supplicant updated to version 2.6-alt1 for branch sisyphus in task 175389.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2015-5314
The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.
- http://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
- http://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
- [oss-security] 20151110 hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation
- [oss-security] 20151110 hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation
- USN-2808-1
- USN-2808-1
- DSA-3397
- DSA-3397
Modified: 2024-11-21
CVE-2015-5315
The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.
- http://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
- http://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt
- [oss-security] 20151110 hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation
- [oss-security] 20151110 hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation
- USN-2808-1
- USN-2808-1
- DSA-3397
- DSA-3397
Modified: 2024-11-21
CVE-2015-5316
The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pwd Confirm message followed by the Identity exchange.
- http://w1.fi/security/2015-8/eap-pwd-unexpected-confirm.txt
- http://w1.fi/security/2015-8/eap-pwd-unexpected-confirm.txt
- [oss-security] 20151110 wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message
- [oss-security] 20151110 wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message
- 77538
- 77538
- USN-2808-1
- USN-2808-1
- DSA-3397
- DSA-3397
Modified: 2024-11-21
CVE-2016-4476
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
Package apt-scripts updated to version 0.1.2-alt2 for branch sisyphus in task 175369.
Closed bugs
Не работает скрипт list-extras.lua