[arch-commits] Commit in hostapd/trunk (PKGBUILD)

David Runge dvzrv at archlinux.org
Sun Dec 6 17:26:40 UTC 2020


    Date: Sunday, December 6, 2020 @ 17:26:40
  Author: dvzrv
Revision: 771054

upgpkg: hostapd 2.9-4: Rebuild to fix CVE-2020-12695.

Apply upstream suggested patches to fix CVE-2020-12695.
See https://bugs.archlinux.org/task/68861 for further info.

Modified:
  hostapd/trunk/PKGBUILD

----------+
 PKGBUILD |   26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2020-12-06 17:02:37 UTC (rev 771053)
+++ PKGBUILD	2020-12-06 17:26:40 UTC (rev 771054)
@@ -3,7 +3,7 @@
 
 pkgname=hostapd
 pkgver=2.9
-pkgrel=3
+pkgrel=4
 pkgdesc="IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator"
 arch=('x86_64')
 url="https://w1.fi/hostapd/"
@@ -11,16 +11,34 @@
 depends=('glibc' 'libnl' 'openssl' 'sqlite')
 backup=("etc/${pkgname}/${pkgname}."{accept,conf,deny,eap_user,radius_clients,vlan,wpa_psk})
 source=("https://w1.fi/releases/$pkgname-$pkgver.tar.gz"{,.asc}
+        "https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"
+        "https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"
+        "https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"
         config
         hostapd.service)
-sha256sums=('881d7d6a90b2428479288d64233151448f8990ab4958e0ecaca7eeb3c9db2bd7'
+sha512sums=('66c729380152db18b64520bda55dfa00af3b0264f97b5de100b81a46e2593571626c4bdcf900f0988ea2131e30bc8788f75d8489dd1f57e37fd56e8098e48a9c'
             'SKIP'
-            '87445203a518864e704b85fa970d90940e9a5d9b401ceb802d11caab6c07a495'
-            '989bc6855f44c0b360e3d4cd4a146c35b7c12f8a0ced627b4b033f58edcade8e')
+            'b76bbca282a74ef16c0303e5dbd2ccd33a62461595964d52c1481b0bfa4f41deacde56830b85409b288803b87ceb6f33cf0ccc69c5b17ec632c2d4784b872f3c'
+            '00cc739e78c42353a555c0de2f29defecff372927040e14407a231d1ead7ff32a37c9fd46bea7cdf1c24e3ac891bc3d483800d44fc6d2c8a12d2ae886523b12c'
+            '69243af20cdcfa837c51917a3723779f4825e11436fb83311355b4ffe8f7a4b7a5747a976f7bf923038c410c9e9055b13b866d9a396913ad08bdec3a70e9f6e0'
+            '6e4da7ab208174ad22700d2ccdfcff39bc6fa65750246905790582aaf414a888ea1577d58f759bb12044190d2a4b144d60d23419e9d16561eaa5403a091504ee'
+            '34e16c5d46383477bcb9e0dba5073b7f01354a6adca8e591050aeff6319255f8939926b70d76d109735496bbaf9ff2d04be9cf6e0d057c4d2f4a4140067957a3')
+b2sums=('07308376dd1576313513fba815b220e4ab2f30ed1a402e24b5c8e62ded79c6d718ff47aad1a2222c9e46ffb7334580b556f19a8aef013eab34a8d61d708d2f01'
+        'SKIP'
+        '2a5e3650e9872aaed73085131f3a6f80a12bf7d353b4df927346a9f2c13e828b9c4196386ded935f0ff960eee380be49325a98541bbc23a99cfe3f00e91581fe'
+        '0c454ca976d2ee538a874f1a4f583434bdf3abe6c5d20517f3350d9852c0f50849ae1ad4611acecf5a754339678e4952b8c9ae1abb783e06cffa615b36464d06'
+        '736e51142cf4402cc8aa6858022fda23ea5f37ba256bc922349365ff4824322db31ea04add04d1b55d0d41f4cb0272de8dcf44ae4671309e808cc4f4a57fe6ac'
+        '67068de741382f1fe812723ea47caa03e7d484ee89eafe115bfb876fe000260aa23ff4215484a44976ac9ddb3fc96b51742e222477a808788f122c3213234d11'
+        'dbb4d1ad4359931bd70d6ad428b509e0c40dab3a55ba7b87cf1c00a458d737c2a4ed6f06dd23286d9e4a38a481e4af9ab4ffa8e6fb27d852aa4eb7d16d046bf8')
 validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
 
 prepare() {
   cd "$pkgname-$pkgver"
+  for _patch_file in ../*.patch; do
+    echo "Apply patch: ${_patch_file}"
+    patch -Np1 -i "${_patch_file}"
+  done
+
   # fix include locations in main configuration file
   sed -e 's|/etc/hostapd|/etc/hostapd/hostapd|g' \
       -e 's|/var/run|/run|g' \



More information about the arch-commits mailing list