[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2138-1] wpa security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wpa
Version        : 2.3-1+deb8u10
CVE ID         : CVE-2019-10064

Similar to CVE-2016-10743 the host access point daemon, hostapd, in
EAP mode used a low quality pseudorandom number generator that leads to
insufficient entropy. The problem was resolved by using the
os_get_random function which provides cryptographically strong pseudo
random data.

For Debian 8 "Jessie", this problem has been fixed in version
2.3-1+deb8u10.

We recommend that you upgrade your wpa packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl5pEw9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeT/Fg//XWg+vn2u9NOh+uTzrx5qpedC+/zSEzS6AHpxuqBcJ+viqENbhRcDy+qh
dqcfp+VWt9q3dBBJfkSNcM4cUl6pzuX31GtE3R6yQfHOIe85R7z37MAm1dFngrdp
TDxqRDv2mtUxM04zjsGZo1DbjxLQt8KP3nsW9sbVD5NNOctQEmxp5Z7rQ6ni+kdE
iJPEsy7qRygjMC5X2v/Q/hUiJNnCXrsLYShGk1R6P9ZTImSRcTOBFHSQ8Qav+9OM
Vwqor8+08A5j2Fm3Yo2lFayeCeF2trbUUkF8P84aKZatqM3wrGFgv6hyV+TkAXRF
+H60usw4tAGtw3AYCCFStRvFu63MWguyLkOFfWKdi+uleJbdIDJY7MDvgIPEENa+
LZ+m/cnfwLPU/5JPG6re13B032fDR+yav6vjebxHhiCoapZBiPKq6OO64HP7XnDr
ousRu4SH6TvuRa2sAvjz5II7he+WavSM3h/AusogDWzkO5FGnrnASMZ28yyZ3VJl
j9j2PQE7R7J6t6YIaW6Mycx7eLbBXr/l08oOWZy2Ynd+2e1gDkgSSBDPKiTRWK2s
UBAsRinfgRb2AW09dn1kSLGccyOp4Q3Z/GXs/D5OcXsmdJ4MWG7jx/O9Uzl0gVm/
CvcvN1JxKztU0HrVwXeNmAFy1rQuBTWlrO+jRCekQzYRh2qvGtU=
=X383
-----END PGP SIGNATURE-----


Reply to: