diff options
author | Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> | 2016-12-13 15:49:44 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-12-17 09:56:41 +0000 |
commit | 8751dbde2736a4dbea83f6f581fe90f0c60def76 (patch) | |
tree | 4dbe003be4e7a9625b90909830b409dc1971edd5 /meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch | |
parent | 9277fcfa1ceafda1439a8e229e98e741f1301be9 (diff) | |
download | openembedded-core-contrib-8751dbde2736a4dbea83f6f581fe90f0c60def76.tar.gz |
wpa-supplicant: 2.5 -> 2.6
1)Upgrade wpa-supplicant from 2.5 to 2.6.
2)Delete 5 patches below, since they are integrated upstream.
0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch
0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch
0002-Remove-newlines-from-wpa_supplicant-config-network-o.patch
0003-Reject-SET-commands-with-newline-characters-in-the-s.patch
3)License checksum changes are not related to license changes.
(From OE-Core rev: 878d411eb53e96bf78e902cc2345eccda8807bfc)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch')
-rw-r--r-- | meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch deleted file mode 100644 index dd7d5f7267..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 73e4abb24a936014727924d8b0b2965edfc117dd Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@qca.qualcomm.com> -Date: Fri, 4 Mar 2016 18:46:41 +0200 -Subject: [PATCH 1/3] Reject psk parameter set with invalid passphrase - character - -WPA/WPA2-Personal passphrase is not allowed to include control -characters. Reject a passphrase configuration attempt if that passphrase -includes an invalid passphrase. - -This fixes an issue where wpa_supplicant could have updated the -configuration file psk parameter with arbitrary data from the control -interface or D-Bus interface. While those interfaces are supposed to be -accessible only for trusted users/applications, it may be possible that -an untrusted user has access to a management software component that -does not validate the passphrase value before passing it to -wpa_supplicant. - -This could allow such an untrusted user to inject up to 63 characters of -almost arbitrary data into the configuration file. Such configuration -file could result in wpa_supplicant trying to load a library (e.g., -opensc_engine_path, pkcs11_engine_path, pkcs11_module_path, -load_dynamic_eap) from user controlled location when starting again. -This would allow code from that library to be executed under the -wpa_supplicant process privileges. - -Upstream-Status: Backport - -CVE: CVE-2016-4477 - -Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> -Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> ---- - wpa_supplicant/config.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c -index b1c7870..fdd9643 100644 ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -478,6 +478,12 @@ static int wpa_config_parse_psk(const struct parse_data *data, - } - wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)", - (u8 *) value, len); -+ if (has_ctrl_char((u8 *) value, len)) { -+ wpa_printf(MSG_ERROR, -+ "Line %d: Invalid passphrase character", -+ line); -+ return -1; -+ } - if (ssid->passphrase && os_strlen(ssid->passphrase) == len && - os_memcmp(ssid->passphrase, value, len) == 0) { - /* No change to the previously configured value */ --- -1.9.1 |