openSUSE Build Service

buildservice-autocommit accepted request 1202189 from

Clemens Famulla-Conrad (cfconrad) about 2 months ago (revision 150)

baserev update by copy to link target

Clemens Famulla-Conrad (cfconrad) committed about 2 months ago (revision 149)

Improve changelog entry

Clemens Famulla-Conrad (cfconrad) accepted request 1202161 from

Clemens Famulla-Conrad (cfconrad) about 2 months ago (revision 148)

- Revert "Mark authorization completed on driver indication
  during 4-way HS offload" because of connection using WPA2-PSK 
  or WPA-SAE problems with brcmfmac wifi hardware. (bsc#1230797) 
  [+ Revert-Mark-authorization-completed-on-driver-indica.patch]

buildservice-autocommit accepted request 1200682 from

Clemens Famulla-Conrad (cfconrad) 2 months ago (revision 147)

baserev update by copy to link target

Clemens Famulla-Conrad (cfconrad) committed 2 months ago (revision 146)

typo in wpa_supplicant.changes

Clemens Famulla-Conrad (cfconrad) accepted request 1200656 from

Clemens Famulla-Conrad (cfconrad) 2 months ago (revision 145)

- update to v2.11:
  * Wi-Fi Easy Connect
    - add support for DPP release 3
    - allow Configurator parameters to be provided during config exchange
  * HE/IEEE 802.11ax/Wi-Fi 6
    - various fixes
  * EHT/IEEE 802.11be/Wi-Fi 7
    - add preliminary support
  * SAE: add support for fetching the password from a RADIUS server
  * support OpenSSL 3.0 API changes
  * support background radar detection and CAC with some additional
    drivers
  * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
  * EAP-SIM/AKA: support IMSI privacy
  * improve 4-way handshake operations
    - use Secure=1 in message 3 during PTK rekeying
  * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
    to avoid interoperability issues
  * support new SAE AKM suites with variable length keys
  * support new AKM for 802.1X/EAP with SHA384
  * extend PASN support for secure ranging
  * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
    - this is based on additional details being added in the IEEE 802.11
      standard
    - the new implementation is not backwards compatible
  * improved ACS to cover additional channel types/bandwidths
  * extended Multiple BSSID support
  * fix beacon protection with FT protocol (incorrect BIGTK was provided)
  * support unsynchronized service discovery (USD)
  * add preliminary support for RADIUS/TLS
  * add support for explicit SSID protection in 4-way handshake
    (a mitigation for CVE-2023-52424; disabled by default for now, can be
    enabled with ssid_protection=1)
  * fix SAE H2E rejected groups validation to avoid downgrade attacks
  * use stricter validation for some RADIUS messages
  * a large number of other fixes, cleanup, and extensions
- refresh patches:
    wpa_supplicant-dump-certificate-as-PEM-in-debug-mode.diff
    wpa_supplicant-sigusr1-changes-debuglevel.patch
- drop patches:
    CVE-2023-52160.patche 
    dbus-Fix-property-DebugShowKeys-and-DebugTimestamp.patch

buildservice-autocommit accepted request 1147035 from

Clemens Famulla-Conrad (cfconrad) 9 months ago (revision 144)

baserev update by copy to link target

Clemens Famulla-Conrad (cfconrad) accepted request 1147033 from

Clemens Famulla-Conrad (cfconrad) 9 months ago (revision 143)

- Add CVE-2023-52160.patch - Bypassing WiFi Authentication (bsc#1219975)

buildservice-autocommit accepted request 1087515 from

Clemens Famulla-Conrad (cfconrad) over 1 year ago (revision 142)

baserev update by copy to link target

Clemens Famulla-Conrad (cfconrad) accepted request 1087472 from

Callum Farmer (gmbr3) over 1 year ago (revision 141)

- Change ctrl_interface from /var/run to %_rundir (/run)

buildservice-autocommit accepted request 1001384 from

Clemens Famulla-Conrad (cfconrad) about 2 years ago (revision 140)

baserev update by copy to link target

Clemens Famulla-Conrad (cfconrad) accepted request 1000701 from

Stefan Schubert (schubi2) about 2 years ago (revision 139)

Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update.

buildservice-autocommit accepted request 986870 from

Clemens Famulla-Conrad (cfconrad) over 2 years ago (revision 138)

baserev update by copy to link target

Clemens Famulla-Conrad (cfconrad) accepted request 986868 from

Clemens Famulla-Conrad (cfconrad) over 2 years ago (revision 137)

- Add dbus-Fix-property-DebugShowKeys-and-DebugTimestamp.patch
  (bsc#1201219)

Clemens Famulla-Conrad (cfconrad) committed over 2 years ago (revision 136)

Clemens Famulla-Conrad (cfconrad) accepted request 984114 from

Callum Farmer (gmbr3) over 2 years ago (revision 135)

no %config for /usr (amend last)

Clemens Famulla-Conrad (cfconrad) accepted request 984149 from

Clemens Famulla-Conrad (cfconrad) over 2 years ago (revision 134)

- Remove Revert-DBus-Add-sae-to-interface-key_mgmt-capabilities.patch
  Fixed in NetworkManager (glfo#NetworkManager/NetworkManager#a0988868). 
  Wifi cards, wich do not support PMF/BIP ciphers, should not use 
  SAE as key management. (bsc#1195312)

Clemens Famulla-Conrad (cfconrad) accepted request 984102 from

Stefan Schubert (schubi2) over 2 years ago (revision 133)

- Moved logrotate files from user specif directory /etc/logrotate.d
  to vendor specif directory /usr/etc/logrotate.d.

Clemens Famulla-Conrad (cfconrad) accepted request 981333 from

Callum Farmer (gmbr3) over 2 years ago (revision 132)

- Move the dbus-1 system.d file to /usr (bsc#1200342)

Clemens Famulla-Conrad (cfconrad) accepted request 952644 from

Dirk Mueller (dirkmueller) almost 3 years ago (revision 131)

- Apply Revert-DBus-Add-sae-to-interface-key_mgmt-capabilities.patch
  to fix connect with AVM FB, if WPA3 transition mode is activated,
  e.g. Wifi -> Security: is WPA2 + WPA3, alt. switch to WPA2 (CCMP)
  (bsc#1195312)

- drop restore-old-dbus-interface.patch, wicked has been
  switching to the new dbus interface in version 0.6.66.
- drop wpa_supplicant-getrandom.patch : glibc has been updated
  so the getrandom() wrapper is now there
- config:
  * enable QCA vendor extensions to nl80211
  * enable EAP-EKE
  * Support HT overrides
  * WPA3-Enterprise 
  * TLS v1.1 and TLS v1.2
  * Fast Session Transfer (FST)
  * Automatic Channel Selection
  * Multi Band Operation
  * Fast Initial Link Setup
  * Mesh Networking (IEEE 802.11s)

- config: 
  * Reenable Fast BSS Transition (likely fixing bsc#1195312)
  * Enable OCV, security feature that prevents MITM
    multi-channel attacks
  * Enable OWE for better hotspot support

Places

Revisions of wpa_supplicant

Places