<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-oe/recipes-connectivity/hostapd/hostapd_2.6.bb, branch master</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=master</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2019-04-29T17:13:56+00:00</updated>
<entry>
<title>hostapd: Upgrade to 2.8</title>
<updated>2019-04-29T17:13:56+00:00</updated>
<author>
<name>Mingli Yu</name>
<email>mingli.yu@windriver.com</email>
</author>
<published>2019-04-23T04:33:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=f0a1045515860d9c681ab07f68e1c6d2bec79296'/>
<id>urn:sha1:f0a1045515860d9c681ab07f68e1c6d2bec79296</id>
<content type='text'>
License-Update: Copyright year updated to 2019.

Remove 8 backported patches.

Signed-off-by: Mingli Yu &lt;mingli.yu@windriver.com&gt;
Acked-by: Philip Balister &lt;philip@balister.org&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: fix CVE-2018-14526</title>
<updated>2018-09-05T15:04:22+00:00</updated>
<author>
<name>Andrej Valek</name>
<email>andrej.valek@siemens.com</email>
</author>
<published>2018-09-04T15:58:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=ba82e1b5ec9a885ef3e554af917b8db5982e59d3'/>
<id>urn:sha1:ba82e1b5ec9a885ef3e554af917b8db5982e59d3</id>
<content type='text'>
Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

Signed-off-by: Andrej Valek &lt;andrej.valek@siemens.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: fix the bug for PATCHTOOL = "patch"</title>
<updated>2018-05-29T19:57:23+00:00</updated>
<author>
<name>Zheng Ruoqin</name>
<email>zhengrq.fnst@cn.fujitsu.com</email>
</author>
<published>2018-05-27T10:42:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=543bb9c05a7d579ff8acbd46ee7c4502fa86a93f'/>
<id>urn:sha1:543bb9c05a7d579ff8acbd46ee7c4502fa86a93f</id>
<content type='text'>
When switch PATCHTOOL to patch, the key-replay-cve-multiple.patch can't
be apply with "--dry-run" as follows:

checking file src/ap/ieee802_11.c
checking file src/ap/wpa_auth.c
checking file src/ap/wpa_auth.h
checking file src/ap/wpa_auth_ft.c
checking file src/ap/wpa_auth_i.h
checking file src/common/wpa_common.h
checking file src/rsn_supp/wpa.c
checking file src/rsn_supp/wpa_i.h
checking file src/rsn_supp/wpa.c
Hunk #1 FAILED at 709.
Hunk #2 FAILED at 757.
Hunk #3 succeeded at 840 (offset -12 lines).
Hunk #4 FAILED at 868.
Hunk #5 FAILED at 900.
Hunk #6 FAILED at 924.
Hunk #7 succeeded at 1536 (offset -38 lines).
Hunk #8 FAILED at 2386.
Hunk #9 FAILED at 2920.
Hunk #10 succeeded at 2940 (offset -46 lines).
Hunk #11 FAILED at 2998.
8 out of 11 hunks FAILED
checking file src/rsn_supp/wpa_i.h
Hunk #1 FAILED at 32.
1 out of 1 hunk FAILED
checking file src/common/wpa_common.h
Hunk #1 succeeded at 215 with fuzz 1.
checking file src/rsn_supp/wpa.c
checking file src/rsn_supp/wpa_i.h
checking file src/ap/wpa_auth.c
Hunk #1 succeeded at 1898 (offset -3 lines).
Hunk #2 succeeded at 2470 (offset -3 lines).
checking file src/rsn_supp/tdls.c
checking file src/rsn_supp/wpa.c
Hunk #1 succeeded at 2378 (offset -62 lines).
checking file src/rsn_supp/wpa_ft.c
checking file src/rsn_supp/wpa_i.h
Hunk #1 succeeded at 123 (offset -5 lines).

So split the key-replay-cve-multiple.patch to 7 patches.

Signed-off-by: Zheng Ruoqin &lt;zhengrq.fnst@cn.fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: fix LICENSE + misc recipe updates</title>
<updated>2018-04-09T00:00:06+00:00</updated>
<author>
<name>Andre McCurdy</name>
<email>armccurdy@gmail.com</email>
</author>
<published>2018-03-16T03:07:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=8a54026a23c81b8818a5aef9e7cdcbef5b1fd157'/>
<id>urn:sha1:8a54026a23c81b8818a5aef9e7cdcbef5b1fd157</id>
<content type='text'>
According to the COPYING file in the top level of the hostapd source
tree, hostapd was re-licensed from dual BSD/GPLv2 to BSD only in
February 2012. This change has apparently gone unnoticed for the
past 6 years, but fix it now.

Also use pkg-config to find libnl headers (instead of hardcoding),
append to base do_configure (instead of over-riding), respect OE's
default CFLAGS (instead of ignoring) and make some minor formatting
tweaks to bring the recipe more in line with the OE Styleguide.

Signed-off-by: Andre McCurdy &lt;armccurdy@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: not compatible with openssl-no-weak-ciphers</title>
<updated>2018-03-22T01:34:24+00:00</updated>
<author>
<name>Slater, Joseph</name>
<email>joe.slater@windriver.com</email>
</author>
<published>2018-03-14T02:15:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=0be593bd12d5c51dfa9358e51a0c1668acb449c1'/>
<id>urn:sha1:0be593bd12d5c51dfa9358e51a0c1668acb449c1</id>
<content type='text'>
Use CONFLICT_DISTRO_FEATURES to not build if des is not supported.

Signed-off-by: Joe Slater &lt;joe.slater@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: fix WPA2 key replay security bug</title>
<updated>2017-10-16T20:42:22+00:00</updated>
<author>
<name>Mark Hatle</name>
<email>mark.hatle@windriver.com</email>
</author>
<published>2017-10-16T16:43:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=ed6b5da8740034faf599010c12e3dc77e5490cd4'/>
<id>urn:sha1:ed6b5da8740034faf599010c12e3dc77e5490cd4</id>
<content type='text'>
Note, hostapd and wpa_supplicant use the same sources.  This commit is based
on Ross Burton's change to OpenEmbedded-core.  Below is Ross's commit message
from OpenEmbedded-Core.

    WPA2 is vulnerable to replay attacks which result in unauthenticated users
    having access to the network.

    * CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

    * CVE-2017-13078: reinstallation of the group key in the Four-way handshake

    * CVE-2017-13079: reinstallation of the integrity group key in the Four-way
    handshake

    * CVE-2017-13080: reinstallation of the group key in the Group Key handshake

    * CVE-2017-13081: reinstallation of the integrity group key in the Group Key
    handshake

    * CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
    Request and reinstalling the pairwise key while processing it

    * CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
    PeerKey (TPK) key in the TDLS handshake

    * CVE-2017-13087: reinstallation of the group key (GTK) when processing a
    Wireless Network Management (WNM) Sleep Mode Response frame

    * CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
    processing a Wireless Network Management (WNM) Sleep Mode Response frame

    Backport patches from upstream to resolve these CVEs.

    Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;

The hunk:

[PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending request

does not apply to hostapd and was removed from the patch.

Signed-off-by: Mark Hatle &lt;mark.hatle@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: 2.5 -&gt; 2.6</title>
<updated>2017-04-26T18:14:16+00:00</updated>
<author>
<name>Huang Qiyu</name>
<email>huangqy.fnst@cn.fujitsu.com</email>
</author>
<published>2017-04-26T02:22:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=ba89d451fba299f00f3dff902cc6456106525fc9'/>
<id>urn:sha1:ba89d451fba299f00f3dff902cc6456106525fc9</id>
<content type='text'>
1) Upgrade hostapd from 2.5 to 2.6.
2) License checksum changed,since the copyright years were updated.
2) Delete patch "0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch", since it is integrated upstream.

Signed-off-by: Huang Qiyu &lt;huangqy.fnst@cn.fujitsu.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
</content>
</entry>
</feed>
