Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

hostapd-2.11-1.1 RPM for riscv64

From OpenSuSE Ports Tumbleweed for riscv64

Name: hostapd Distribution: openSUSE Tumbleweed
Version: 2.11 Vendor: openSUSE
Release: 1.1 Build date: Thu Aug 8 09:30:47 2024
Group: Hardware/Wifi Build host: reproducible
Size: 2164168 Source RPM: hostapd-2.11-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://w1.fi/
Summary: Daemon for running a WPA capable Access Point
hostapd is a user space daemon for access point and authentication
servers. It implements IEEE 802.11 access point management, IEEE
802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and
RADIUS authentication server. Currently, hostapd supports HostAP,
madwifi, and prism54 drivers. It also supports wired IEEE 802.1X
authentication via any ethernet driver.

Provides

Requires

License

BSD-3-Clause OR GPL-2.0-only

Changelog

* Thu Aug 08 2024 chris@computersalat.de
  - 2024-07-20 - v2.11
    * Wi-Fi Easy Connect
    - add support for DPP release 3
    - allow Configurator parameters to be provided during config
      exchange
    * HE/IEEE 802.11ax/Wi-Fi 6
    - various fixes
    * EHT/IEEE 802.11be/Wi-Fi 7
    - add preliminary support
    * SAE: add support for fetching the password from a RADIUS server
    * support OpenSSL 3.0 API changes
    * support background radar detection and CAC with some additional
      drivers
    * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
    * EAP-SIM/AKA: support IMSI privacy
    * improve 4-way handshake operations
    - use Secure=1 in message 3 during PTK rekeying
    * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
      to avoid interoperability issues
    * support new SAE AKM suites with variable length keys
    * support new AKM for 802.1X/EAP with SHA384
    * extend PASN support for secure ranging
    * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
    - this is based on additional details being added in the IEEE 802.11
      standard
    - the new implementation is not backwards compatible
    * improved ACS to cover additional channel types/bandwidths
    * extended Multiple BSSID support
    * fix beacon protection with FT protocol (incorrect BIGTK was provided)
    * support unsynchronized service discovery (USD)
    * add preliminary support for RADIUS/TLS
    * add support for explicit SSID protection in 4-way handshake
      (a mitigation for CVE-2023-52424; disabled by default for now, can be
      enabled with ssid_protection=1)
    * fix SAE H2E rejected groups validation to avoid downgrade attacks
    * use stricter validation for some RADIUS messages
    * a large number of other fixes, cleanup, and extensions
* Fri Mar 11 2022 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Adjust config
    * Enable SAE
    * Enable DPP
    * Enable wired driver
    * Enable Airtime policy support
    * Enable Fast Initial Link Setup (FILS) (IEEE 802.11ai)
* Mon Jan 17 2022 Michael Ströder <michael@stroeder.com>
  - Removed obsolete patches:
    * CVE-2019-16275.patch
    * CVE-2020-12695.patch
    * CVE-2021-30004.patch
  - Update to version 2.10
    * SAE changes
    - improved protection against side channel attacks
      [https://w1.fi/security/2022-1/]
    - added option send SAE Confirm immediately (sae_config_immediate=1)
      after SAE Commit
    - added support for the hash-to-element mechanism (sae_pwe=1 or
      sae_pwe=2)
    - fixed PMKSA caching with OKC
    - added support for SAE-PK
    * EAP-pwd changes
    - improved protection against side channel attacks
      [https://w1.fi/security/2022-1/]
    * fixed WPS UPnP SUBSCRIBE handling of invalid operations
      [https://w1.fi/security/2020-1/]
    * fixed PMF disconnection protection bypass
      [https://w1.fi/security/2019-7/]
    * added support for using OpenSSL 3.0
    * fixed various issues in experimental support for EAP-TEAP server
    * added configuration (max_auth_rounds, max_auth_rounds_short) to
      increase the maximum number of EAP message exchanges (mainly to
      support cases with very large certificates) for the EAP server
    * added support for DPP release 2 (Wi-Fi Device Provisioning Protocol)
    * extended HE (IEEE 802.11ax) support, including 6 GHz support
    * removed obsolete IAPP functionality
    * fixed EAP-FAST server with TLS GCM/CCM ciphers
    * dropped support for libnl 1.1
    * added support for nl80211 control port for EAPOL frame TX/RX
    * fixed OWE key derivation with groups 20 and 21; this breaks backwards
      compatibility for these groups while the default group 19 remains
      backwards compatible; owe_ptk_workaround=1 can be used to enabled a
      a workaround for the group 20/21 backwards compatibility
    * added support for Beacon protection
    * added support for Extended Key ID for pairwise keys
    * removed WEP support from the default build (CONFIG_WEP=y can be used
      to enable it, if really needed)
    * added a build option to remove TKIP support (CONFIG_NO_TKIP=y)
    * added support for Transition Disable mechanism to allow the AP to
      automatically disable transition mode to improve security
    * added support for PASN
    * added EAP-TLS server support for TLS 1.3 (disabled by default for now)
    * a large number of other fixes, cleanup, and extensions
* Fri Nov 26 2021 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Fix AppArmor profile -- allow access to /etc/ssl/openssl.cnf
    (bsc#1192959)
* Fri Oct 15 2021 Johannes Segitz <jsegitz@suse.com>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * hostapd.service
* Wed Jul 14 2021 Michael Ströder <michael@stroeder.com>
  - fixed AppArmor profile
* Tue Apr 06 2021 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Add CVE-2021-30004.patch -- forging attacks may occur because
    AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c
    (bsc#1184348)
* Tue Feb 23 2021 Michael Ströder <michael@stroeder.com>
  - added AppArmor profile (source apparmor-usr.sbin.hostapd)
* Tue Sep 29 2020 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Add CVE-2020-12695.patch -- UPnP SUBSCRIBE misbehavior in hostapd WPS AP
    (bsc#1172700)
* Thu Apr 23 2020 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Add CVE-2019-16275.patch -- AP mode PMF disconnection protection bypass
    (bsc#1150934)

Files

/etc/apparmor.d
/etc/apparmor.d/usr.sbin.hostapd
/etc/hostapd.accept
/etc/hostapd.conf
/etc/hostapd.deny
/etc/hostapd.eap_user
/etc/hostapd.radius_clients
/etc/hostapd.sim_db
/etc/hostapd.vlan
/etc/hostapd.wpa_psk
/usr/lib/systemd/system/hostapd.service
/usr/sbin/hostapd
/usr/sbin/hostapd_cli
/usr/sbin/rchostapd
/usr/share/doc/packages/hostapd
/usr/share/doc/packages/hostapd/ChangeLog
/usr/share/doc/packages/hostapd/README
/usr/share/doc/packages/hostapd/hostapd.conf
/usr/share/doc/packages/hostapd/wired.conf
/usr/share/licenses/hostapd
/usr/share/licenses/hostapd/COPYING
/usr/share/man/man8/hostapd.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 19 01:14:14 2024