Jump to content
Compatible Support Forums
Sign in to follow this  
news

[Tech ARP] The Internet Censorship Bypass Guide

Recommended Posts

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3233-1 security ( -at -) debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

April 24, 2015 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wpa

CVE ID : CVE-2015-1863

Debian Bug : 783148

 

The Google security team and the smart hardware research group of

Alibaba security team discovered a flaw in how wpa_supplicant used SSID

information when creating or up[censored] P2P peer entries. A remote

attacker can use this flaw to cause wpa_supplicant to crash, expose

memory contents, and potentially execute arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.0-3+deb7u2. Note that this issue does not affect the binary

packages distributed in Debian as the CONFIG_P2P is not enabled for

the build.

 

For the upcoming stable distribution (jessie), this problem has been

fixed in version 2.3-1+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.3-2.

 

We recommend that you upgrade your wpa packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

 

 

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×