wpa_supplicant: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * EAP-pwd changes - disable use of groups using Brainpool curves - allow the set of groups to be configured (eap_pwd_groups) - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * fixed FT-EAP initial mobility domain association using PMKSA caching (disabled by default for backwards compatibility; can be enabled with ft_eap_pmksa_caching=1) * fixed a regression in OpenSSL 1.1+ engine loading * added validation of RSNE in (Re)Association Response frames * fixed DPP bootstrapping URI parser of channel list * extended EAP-SIM/AKA fast re-authentication to allow use with FILS * extended ca_cert_blob to support PEM format * improved robustness of P2P Action frame scheduling * added support for EAP-SIM/AKA using anonymous at realm identity * fixed Hotspot 2.0 credential selection based on roaming consortium to ignore credentials without a specific EAP method * added experimental support for EAP-TEAP peer (RFC 7170) * added experimental support for EAP-TLS peer with TLS v1.3 * fixed a regression in WMM parameter configuration for a TDLS peer * fixed a regression in operation with drivers that offload 802.1X 4-way handshake * fixed an ECDH operation corner case with OpenSSL
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=39a43a7c4c0256848f5b5934eab38bb73699506b commit 39a43a7c4c0256848f5b5934eab38bb73699506b Author: Conrad Kostecki <conrad@kostecki.com> AuthorDate: 2019-08-15 12:22:29 +0000 Commit: Rick Farina <zerochaos@gentoo.org> CommitDate: 2019-08-16 15:53:34 +0000 net-wireless/wpa_supplicant: bump to version 2.9 Also allowing privsep only without macsec. According to upstream, it's not a valid combination, when you do enable macsec and privsep together. Upstream says: CONFIG_PRIVSEP=y does not have sufficient support for the new driver interface functions used for MACsec, so this combination cannot be used at least for now. Instead of creating a new desktop file, the shipped one is used. Closes: https://bugs.gentoo.org/615872 Closes: https://bugs.gentoo.org/684442 Closes: https://bugs.gentoo.org/692062 Package-Manager: Portage-2.3.71, Repoman-2.3.17 Signed-off-by: Conrad Kostecki <conrad@kostecki.com> Signed-off-by: Rick Farina <zerochaos@gentoo.org> net-wireless/wpa_supplicant/Manifest | 1 + .../wpa_supplicant/wpa_supplicant-2.9.ebuild | 458 +++++++++++++++++++++ 2 files changed, 459 insertions(+)