Debian

Available patches from Ubuntu

To see how Ubuntu differs from Debian, write a grep-dctrl query identifying the packages you're interested in:
grep-dctrl -n -sPackage Sources.Debian
(e.g. -FPackage linux-ntfs or linux-ntfs)

Modified packages are listed below:


Source: wpa

wpa (2:2.9-1ubuntu4) focal; urgency=medium

  * debian/patches/git_realtek_macrand.patch:
    - backport an upstream patch to fix issues with some realtek cards
      when MAC address randomization is enabled (lp: #1867908)

 -- Sebastien Bacher <seb128@ubuntu.com>  Wed, 15 Apr 2020 10:08:07 +0200

wpa (2:2.9-1ubuntu3) focal; urgency=medium

  * No-change rebuild for libgcc-s1 package name change.

 -- Matthias Klose <doko@ubuntu.com>  Sun, 22 Mar 2020 17:03:22 +0100

wpa (2:2.9-1ubuntu2) eoan; urgency=medium

  * SECURITY UPDATE: Incorrect indication of disconnection in certain
    situations
    - debian/patches/CVE-2019-16275.patch: silently ignore management
      frame from unexpected source address in src/ap/drv_callbacks.c,
      src/ap/ieee882_11.c.
    - CVE-2019-16275

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 17 Sep 2019 08:54:07 -0300

wpa (2:2.9-1ubuntu1) eoan; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/wpa_service_ignore-on-isolate.patch: add
      IgnoreOnIsolate=yes so that when switching "runlevels" in oem-config
      will not kill off wpa and cause wireless to be unavailable on first
      boot.
    - debian/patches/session-ticket.patch: disable the TLS Session Ticket
      extension to fix auth with 802.1x PEAP on some hardware.
  * Dropped CVE-2019-13377 patches, part of 2.9 release

 -- Julian Andres Klode <juliank@ubuntu.com>  Wed, 21 Aug 2019 14:58:29 +0200

Modifications:
  1. Download patch debian/control

    --- 2:2.9-1/debian/control 2019-08-08 13:59:02.000000000 +0000 +++ 2:2.9-1ubuntu4/debian/control 2019-08-13 23:12:35.000000000 +0000 @@ -1,5 +1,6 @@ Source: wpa -Maintainer: Debian wpasupplicant Maintainers <wpa@packages.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Debian wpasupplicant Maintainers <wpa@packages.debian.org> Uploaders: Andrej Shadura <andrewsh@debian.org> Section: net
  2. Download patch debian/patches/git_realtek_macrand.patch

    --- 2:2.9-1/debian/patches/git_realtek_macrand.patch 1970-01-01 00:00:00.000000000 +0000 +++ 2:2.9-1ubuntu4/debian/patches/git_realtek_macrand.patch 2020-04-15 08:08:07.000000000 +0000 @@ -0,0 +1,42 @@ +From 7546c489a95a033c78331915fcdfa0e6fd74d563 Mon Sep 17 00:00:00 2001 +From: Ouden <Ouden.Biz@gmail.com> +Date: Wed, 18 Mar 2020 17:58:37 +0800 +Subject: nl80211: Fix RTM NEW/DELLINK IFLA_IFNAME copy for maximum ifname + length + +If the kernel rtm_newlink or rtm_dellink send the maximum length of +ifname (IFNAMSIZ), the event handlers in +wpa_driver_nl80211_event_rtm_addlink() and +wpa_driver_nl80211_event_rtm_dellink() did not copy the IFLA_IFNAME +value. Because the RTA_PAYLOAD (IFLA_IFNAME) length already includes the +NULL termination, that equals the IFNAMSIZ. + +Fix the condition when IFNAME reach maximum size. + +Signed-off-by: Ouden <Ouden.Biz@gmail.com> +--- + src/drivers/driver_nl80211.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +Index: wpa-2.9/src/drivers/driver_nl80211.c +=================================================================== +--- wpa-2.9.orig/src/drivers/driver_nl80211.c ++++ wpa-2.9/src/drivers/driver_nl80211.c +@@ -1065,7 +1065,7 @@ static void wpa_driver_nl80211_event_rtm + while (RTA_OK(attr, attrlen)) { + switch (attr->rta_type) { + case IFLA_IFNAME: +- if (RTA_PAYLOAD(attr) >= IFNAMSIZ) ++ if (RTA_PAYLOAD(attr) > IFNAMSIZ) + break; + os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); + ifname[RTA_PAYLOAD(attr)] = '\0'; +@@ -1240,7 +1240,7 @@ static void wpa_driver_nl80211_event_rtm + while (RTA_OK(attr, attrlen)) { + switch (attr->rta_type) { + case IFLA_IFNAME: +- if (RTA_PAYLOAD(attr) >= IFNAMSIZ) ++ if (RTA_PAYLOAD(attr) > IFNAMSIZ) + break; + os_memcpy(ifname, RTA_DATA(attr), RTA_PAYLOAD(attr)); + ifname[RTA_PAYLOAD(attr)] = '\0';
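
    Review bot: in both driver_nl80211.c hunks the relaxed test `RTA_PAYLOAD(attr) > IFNAMSIZ` now lets a payload of exactly IFNAMSIZ through to the unchanged `ifname[RTA_PAYLOAD(attr)] = '\0';`, which writes index IFNAMSIZ. That is in bounds only if ifname is declared with at least IFNAMSIZ + 1 bytes, and the declaration is not visible in either hunk; please confirm it for both handlers, or skip the extra terminator write when the payload already ends in the NUL the commit message describes. The patch header also carries no Origin or Bug-Ubuntu field, so the link to lp: #1867908 given in the changelog is not recorded in the patch itself.
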
  3. Download patch debian/patches/series

    --- 2:2.9-1/debian/patches/series 2019-08-08 13:59:02.000000000 +0000 +++ 2:2.9-1ubuntu4/debian/patches/series 2020-04-15 08:08:07.000000000 +0000 @@ -6,3 +6,8 @@ networkd-driver-fallback.patch wpa_supplicant_fix-dependency-odering-when-invoked-with-dbus.patch allow-tlsv1.patch +# Ubuntu patches +session-ticket.patch +wpa_service_ignore-on-isolate.patch +CVE-2019-16275.patch +git_realtek_macrand.patch
  4. Download patch debian/patches/CVE-2019-16275.patch

    --- 2:2.9-1/debian/patches/CVE-2019-16275.patch 1970-01-01 00:00:00.000000000 +0000 +++ 2:2.9-1ubuntu4/debian/patches/CVE-2019-16275.patch 2019-09-17 11:54:07.000000000 +0000 
@@ -0,0 +1,73 @@ +From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen <j@w1.fi> +Date: Thu, 29 Aug 2019 11:52:04 +0300 +Subject: [PATCH] AP: Silently ignore management frame from unexpected source + address + +Do not process any received Management frames with unexpected/invalid SA +so that we do not add any state for unexpected STA addresses or end up +sending out frames to unexpected destination. This prevents unexpected +sequences where an unprotected frame might end up causing the AP to send +out a response to another device and that other device processing the +unexpected response. + +In particular, this prevents some potential denial of service cases +where the unexpected response frame from the AP might result in a +connected station dropping its association. + +Signed-off-by: Jouni Malinen <j@w1.fi> +--- + src/ap/drv_callbacks.c | 13 +++++++++++++ + src/ap/ieee802_11.c | 12 ++++++++++++ + 2 files changed, 25 insertions(+) + +diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c +index 31587685fe3b..34ca379edc3d 100644 +--- a/src/ap/drv_callbacks.c ++++ b/src/ap/drv_callbacks.c +@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, + "hostapd_notif_assoc: Skip event with no address"); + return -1; + } ++ ++ if (is_multicast_ether_addr(addr) || ++ is_zero_ether_addr(addr) || ++ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { ++ /* Do not process any frames with unexpected/invalid SA so that ++ * we do not add any state for unexpected STA addresses or end ++ * up sending out frames to unexpected destination. 
*/ ++ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR ++ " in received indication - ignore this indication silently", ++ __func__, MAC2STR(addr)); ++ return 0; ++ } ++ + random_add_randomness(addr, ETH_ALEN); + + hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, +diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c +index c85a28db44b7..e7065372e158 100644 +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, + fc = le_to_host16(mgmt->frame_control); + stype = WLAN_FC_GET_STYPE(fc); + ++ if (is_multicast_ether_addr(mgmt->sa) || ++ is_zero_ether_addr(mgmt->sa) || ++ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { ++ /* Do not process any frames with unexpected/invalid SA so that ++ * we do not add any state for unexpected STA addresses or end ++ * up sending out frames to unexpected destination. */ ++ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR ++ " in received frame - ignore this frame silently", ++ MAC2STR(mgmt->sa)); ++ return 0; ++ } ++ + if (stype == WLAN_FC_STYPE_BEACON) { + handle_beacon(hapd, mgmt, len, fi); + return 1; +-- +2.20.1 +
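
    Review bot: in the drv_callbacks.c hunk the new invalid-SA branch returns 0, while the "Skip event with no address" branch directly above it returns -1, so a caller of hostapd_notif_assoc() cannot tell an ignored indication from a handled one; if that is what "silently ignore" is meant to achieve, say so in the comment. The same three-part test (multicast, zero, own_addr) is written out twice, here and in ieee802_11_mgmt(); a shared helper would keep the two checks from drifting apart. Both drops are logged only at MSG_DEBUG, so consider a counter or a higher log level if operators should be able to see how often frames are rejected by this check.
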
  5. Download patch debian/patches/wpa_service_ignore-on-isolate.patch

    --- 2:2.9-1/debian/patches/wpa_service_ignore-on-isolate.patch 1970-01-01 00:00:00.000000000 +0000 +++ 2:2.9-1ubuntu4/debian/patches/wpa_service_ignore-on-isolate.patch 2019-05-08 09:51:27.000000000 +0000 @@ -0,0 +1,16 @@ +Updated: 2017-11-10 + +--- + wpa_supplicant/systemd/wpa_supplicant.service.in | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/wpa_supplicant/systemd/wpa_supplicant.service.in ++++ b/wpa_supplicant/systemd/wpa_supplicant.service.in +@@ -3,6 +3,7 @@ Description=WPA supplicant + Before=network.target + After=dbus.service + Wants=network.target ++IgnoreOnIsolate=true + + [Service] + Type=dbus
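
    Review bot: the patch header carries only "Updated: 2017-11-10", with no Description, Author or bug reference, so the reason for `IgnoreOnIsolate=true` (given in the changelog as keeping wpa alive when oem-config switches "runlevels") is missing from the patch itself; please add it there. The changelog also spells the setting IgnoreOnIsolate=yes while the hunk adds IgnoreOnIsolate=true; use one spelling in both places.
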
  6. Download patch debian/patches/session-ticket.patch

    --- 2:2.9-1/debian/patches/session-ticket.patch 1970-01-01 00:00:00.000000000 +0000 +++ 2:2.9-1ubuntu4/debian/patches/session-ticket.patch 2019-08-21 12:55:33.000000000 +0000 @@ -0,0 +1,19 @@ +From: Jeremy Nickurak <jeremy@nickurak.ca> +Subject: Disable the session ticket TLS extension. +Bug-ubuntu: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343 +Bug: http://w1.fi/bugz/show_bug.cgi?id=447 + +--- + src/crypto/tls_openssl.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/src/crypto/tls_openssl.c ++++ b/src/crypto/tls_openssl.c +@@ -1584,6 +1584,7 @@ struct tls_connection * tls_connection_i + #ifdef SSL_OP_NO_COMPRESSION + options |= SSL_OP_NO_COMPRESSION; + #endif /* SSL_OP_NO_COMPRESSION */ ++ options |= SSL_OP_NO_TICKET; + SSL_set_options(conn->ssl, options); + #ifdef SSL_OP_ENABLE_MIDDLEBOX_COMPAT + /* Hopefully there is no need for middlebox compatibility mechanisms
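
    Review bot: `options |= SSL_OP_NO_TICKET;` is added without the `#ifdef` guard that the SSL_OP_NO_COMPRESSION line directly above it has, and it is set on every connection that passes through this function, not only for the 802.1x PEAP case on the hardware named in the changelog. Please guard it like its neighbours and consider making it a configuration option, since it turns off ticket-based session resumption for all users of this TLS wrapper.
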