Source: wpa
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for wpa.

CVE-2023-52160[0]:
https://www.top10vpn.com/research/wifi-vulnerabilities/ https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baff


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-52160
https://www.cve.org/CVERecord?id=CVE-2023-52160

Please adjust the affected versions in the BTS as needed.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Processing control commands:

tags -1 + patch

Bug #1064061 [src:wpa] wpa: CVE-2023-52160
Added tag(s) patch.

--
1064061: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064061
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

To: andrewsh@debian.org

control: tags -1 + patch

Hi,

You will find a merge request for fixing CVE-2023-52160

https://salsa.debian.org/debian/wpa/-/merge_requests/15

I can do a NMU if neeeded

Bastien

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmYZqBoACgkQADoaLapB CF+M6hAAl2xOKIktL5HggmibzZ4t3BUVh+JVfFNlBKTr7H+EY7fyvVRTmA5U3F7I 0Ic1JLP84zYeuK69HIRttWQTN4WJD/Vtc2ou0n2/1n3vzzmx/MeuO7ADSpKa8uGO hm3I6FSuA1118Ak4pnPAfiEUUQb37PiDZALQ/k9MlaWfA739tahLJ9e8QkpT4d22 As6zBkP8s+y/NuFRpL+8IDVGRtzxixDRSG3K8Zmsqu+4Puu/IHjSBJTCVQGkSnwh /4wPWjv8uLHV4wU3er71rhEJ73boThjvG3+DiLwdi072YA1e/LwBAFnj104wcsfD 6pvcKXJ/J66oSUQsY8TXJ5hmNB7EwvDbaXsTsaVkb9GRAcD/McrAzioWLWOfONVY EcnH1o6xBve1Mh0V8TqZKZORmziEiOY3j/7pbE+Q6y4sFPS+Irl5Y2IY7dJVFT// wP27esc0AElXw5NTQ1ZADmedDpRvxdzU++wobT7Tw/iawswK724+Dk+t5dGYaZde ZZgQ+Pfra4Lk1xIgQcZwzd0oZfoU40qWX/cosk393kJA9slUu2qpphpL7R87mbNy NI+pAJZGORsoBfb/Voi920DJiQKu8P5wgTtbh8jaj+7rucIjNr8fhhTJg9ix6wA8 dI8Ox2aMRCMkqRAlEsA/jHJCc221jJ5Fu1n9JSgSk/ncedKiRrI=
=Sybf
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is a multi-part message in MIME format...

Your message dated Sun, 28 Apr 2024 21:50:25 +0000
with message-id <E1s1CPh-001GG1-Kz@fasolo.debian.org>
and subject line Bug#1064061: fixed in wpa 2:2.10-21.1
has caused the Debian Bug report #1064061,
regarding wpa: CVE-2023-52160
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


--
1064061: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064061
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

Received: (at submit) by bugs.debian.org; 16 Feb 2024 15:13:24 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
(2021-04-09) on buxtehude.debian.org
X-Spam-Level:
X-Spam-Status: No, score=-3.9 required=4.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
autolearn_force=no version=3.4.6-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 25; hammy, 111; neutral, 26; spammy,
0. spammytokens: hammytokens:0.000-+--H*RU:inutil.org,
0.000-+--H*r:jmm, 0.000-+--UD:security-tracker.debian.org,
0.000-+--securitytrackerdebianorg, 0.000-+--security-tracker.debian.org Return-path: <jmm@inutil.org>
Received: from inutil.org ([109.69.64.57]:40916 helo=viruvalge.hosting.plutex.de)
by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)