Add WPS patch for CVE-2016-4476

This commit is contained in:
John W. Linville 2016-06-06 15:00:44 -04:00
parent 37862248c1
commit 91b438a2fc

View File

@ -2,7 +2,7 @@
Name: hostapd
Version: 2.5
Release: 3%{?dist}
Release: 4%{?dist}
Summary: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
License: BSD
URL: http://w1.fi/hostapd
@ -13,6 +13,9 @@ Source2: %{name}.conf
Source3: %{name}.sysconfig
Source4: %{name}.init
# CVE-2016-4476 (not actually necessary, since WPS not enabled)
Patch0: WPS-Reject-a-Credential-with-invalid-passphrase.patch
BuildRequires: libnl3-devel
BuildRequires: openssl-devel
@ -50,6 +53,9 @@ Logwatch scripts for hostapd.
%prep
%setup -q
# CVE-2016-4476
%patch0 -p1
%build
cd hostapd
cat defconfig | sed \
@ -168,6 +174,9 @@ fi
%{_sysconfdir}/logwatch/scripts/services/%{name}
%changelog
* Mon Jun 06 2016 John W. Linville <linville@redhat.com> - 2.5-4
- Add WPS patch for CVE-2016-4476
* Tue Apr 19 2016 Sascha Spreitzer <sspreitz@redhat.com> - 2.5-3
- Enable ACS feature (automatic channel switching)