CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a67f782dde9b277d96bdc762475a4ff551268061 commit a67f782dde9b277d96bdc762475a4ff551268061 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-06-08 05:39:50 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-06-08 05:41:14 +0000 net-wireless/wpa_supplicant: add security patches Patches for: * Upstream advisories 2020-2, 2021-1 * CVE-2021-30004 Bug: https://bugs.gentoo.org/768759 Bug: https://bugs.gentoo.org/780138 Signed-off-by: Sam James <sam@gentoo.org> net-wireless/wpa_supplicant/Manifest | 1 + .../wpa_supplicant/wpa_supplicant-2.9-r3.ebuild | 475 +++++++++++++++++++++ 2 files changed, 476 insertions(+)
Package list is empty or all packages have requested keywords.