Overview

File _patchinfo of Package patchinfo.453

<patchinfo incident="453">
  <packager>oertel</packager>
  <issue tracker="bnc" id="915323">VUL-0: CVE-2015-0210: wpa_supplicant: broken certificate subject check</issue>
  <issue tracker="bnc" id="900611">VUL-0: CVE-2014-3686 wpa_supplicant and hostapd: wpa_cli and hostapd_cli remote command execution issue</issue>
  <issue tracker="cve" id="CVE-2014-3686"></issue>
  <issue tracker="cve" id="CVE-2015-0210"></issue>
  <issue tracker="bnc" id="927558">VUL-0: CVE-2015-1863: wpa_supplicant: P2P vulnerability</issue>
  <issue tracker="cve" id="CVE-2015-1863"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for wpa_supplicant</summary>
  <description>wpa_supplicant was updated to fix three security issues:

- CVE-2015-0210: wpa_supplicant: broken certificate subject check
  this adds the "domain_match" config option from upstream
  (additional to the already existing domain_suffix_match)
- CVE-2014-3686: hostapd command execution
- CVE-2015-1863: P2P SSID processing vulnerability
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places