692060 – net-wireless/hostapd-2.9 version bump

Bug 692060 - net-wireless/hostapd-2.9 version bump

Summary: net-wireless/hostapd-2.9 version bump

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Andriy Utkin (RETIRED)

URL:	http://lists.infradead.org/pipermail/...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-08-13 10:36 UTC by Lars Wendler (Polynomial-C) (RETIRED)
Modified:	2019-08-19 18:21 UTC (History)
CC List:	1 user (show)

See Also:	692062
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev

2019-08-13 10:36:54 UTC

hostapd:
* SAE changes
  - disable use of groups using Brainpool curves
  - improved protection against side channel attacks
  [https://w1.fi/security/2019-6/]
* EAP-pwd changes
  - disable use of groups using Brainpool curves
  - improved protection against side channel attacks
  [https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
* added configuration of airtime policy
* fixed FILS to and RSNE into (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* added support for regulatory WMM limitation (for ETSI)
* added support for MACsec Key Agreement using IEEE 802.1X/PSK
* added experimental support for EAP-TEAP server (RFC 7170)
* added experimental support for EAP-TLS server with TLS v1.3
* added support for two server certificates/keys (RSA/ECC)
* added AKMSuiteSelector into "STA <addr>" control interface data to
  determine with AKM was used for an association
* added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and
  fast reauthentication use to be disabled
* fixed an ECDH operation corner case with OpenSSL

Comment 1 Andriy Utkin (RETIRED) gentoo-dev

2019-08-13 11:07:46 UTC

Thanks for update. Will do ASAP.

Comment 2 Larry the Git Cow gentoo-dev

2019-08-13 13:08:48 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6ff6b0539ddd74b3f7c10a7c226d85754572a9fb

commit 6ff6b0539ddd74b3f7c10a7c226d85754572a9fb
Author:     Andrey Utkin <andrey_utkin@gentoo.org>
AuthorDate: 2019-08-13 12:46:59 +0000
Commit:     Andrey Utkin <andrey_utkin@gentoo.org>
CommitDate: 2019-08-13 13:08:12 +0000

    net-wireless/hostapd: add new version 2.9
    
    Bug: https://bugs.gentoo.org/692060
    Package-Manager: Portage-2.3.66, Repoman-2.3.16
    Signed-off-by: Andrey Utkin <andrey_utkin@gentoo.org>

 net-wireless/hostapd/Manifest           |   1 +
 net-wireless/hostapd/hostapd-2.9.ebuild | 262 ++++++++++++++++++++++++++++++++
 2 files changed, 263 insertions(+)

Comment 3 Andriy Utkin (RETIRED) gentoo-dev

2019-08-13 13:12:08 UTC

So there are security aspects, and stabilization should be rushed.

I guess 1 week of being in testing status would be good, after that I will call for stabilization.

Comment 4 Andriy Utkin (RETIRED) gentoo-dev

2019-08-19 17:37:31 UTC

Created rush stablereq ticket https://bugs.gentoo.org/692540