CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. Patch at URL but seems there's no tag containing it.
Only affects USE=internal-tls which isn't the default. We are waiting for revision/tagged release with https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56ce8ace503d45e60b72a79222bb6aada4c76124
commit 56ce8ace503d45e60b72a79222bb6aada4c76124
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2021-06-02 12:41:04 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2021-06-02 12:59:30 +0000
    net-wireless/hostapd: fix CVE-2021-30004
    Bug: https://bugs.gentoo.org/780135
    Package-Manager: Portage-3.0.19, Repoman-3.0.3
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
 ...date-DigestAlgorithmIdentifier-parameters.patch | 115 +++++++++
 net-wireless/hostapd/hostapd-2.9-r4.ebuild | 275 +++++++++++++++++++++
 net-wireless/hostapd/hostapd-9999.ebuild | 2 +
 3 files changed, 392 insertions(+)
amd64 done
x86 done
Unable to check for sanity:
> no match for package: net-wireless/hostapd-2.9-r4
ppc stable
Commit did not drop keywords down to ~arch: commit 52123dae78919046f09b506709280128faad0a96 Author: Thomas Deutschmann <whissi@gentoo.org> Date: Fri Jun 18 00:06:19 2021 +0200 net-wireless/hostapd: rev bump for commit 6915847f2 Package-Manager: Portage-3.0.20, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> diff --git a/net-wireless/hostapd/hostapd-2.9-r3.ebuild b/net-wireless/hostapd/hostapd-2.9-r5.ebuild similarity index 100% rename from net-wireless/hostapd/hostapd-2.9-r3.ebuild rename to net-wireless/hostapd/hostapd-2.9-r5.ebuild diff --git a/net-wireless/hostapd/hostapd-2.9-r4.ebuild b/net-wireless/hostapd/hostapd-2.9-r6.ebuild similarity index 100% rename from net-wireless/hostapd/hostapd-2.9-r4.ebuild rename to net-wireless/hostapd/hostapd-2.9-r6.ebuild
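Review bot: both renames are recorded at similarity index 100%, so hostapd-2.9-r5.ebuild and hostapd-2.9-r6.ebuild carry the KEYWORDS line of r3 and r4 unchanged, which is why the new revisions kept their stable keywords instead of dropping to ~arch. The renamed files need a KEYWORDS edit in the same commit. The commit message also names commit 6915847f2 without saying what it changed, so the reason for the bump is not visible here.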
Oh, I see, I "fixed" the package list incorrectly. Needed to add 2 to the revision.
arm done
arm64 done
all arches done
Please clean up.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f8781a5c3a43ae5282b6fc64793d6150366c6193
commit f8781a5c3a43ae5282b6fc64793d6150366c6193
Author:     Jakov Smolic <jakov.smolic@sartura.hr>
AuthorDate: 2021-08-16 14:51:22 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-08-16 16:17:35 +0000
    net-wireless/hostapd: Remove vulnerable 2.9-r5
    Bug: https://bugs.gentoo.org/780135
    Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
    Signed-off-by: Sam James <sam@gentoo.org>
 net-wireless/hostapd/hostapd-2.9-r5.ebuild | 270 -----------------------------
 1 file changed, 270 deletions(-)
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/data/glsa.git/commit/?id=0195ea9f2ff90e0c5b9aab4eb5154bdb3fdb3ed7
commit 0195ea9f2ff90e0c5b9aab4eb5154bdb3fdb3ed7
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-09-30 08:38:51 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-09-30 08:39:50 +0000
    [ GLSA 202309-16 ] wpa_supplicant, hostapd: Multiple Vulnerabilities
    Bug: https://bugs.gentoo.org/768759
    Bug: https://bugs.gentoo.org/780135
    Bug: https://bugs.gentoo.org/780138
    Bug: https://bugs.gentoo.org/831332
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>
 glsa-202309-16.xml | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)