hostapd-2.10-2.12 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

hostapd is a user space daemon for access point and authentication
servers. It implements IEEE 802.11 access point management, IEEE
802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and
RADIUS authentication server. Currently, hostapd supports HostAP,
madwifi, and prism54 drivers. It also supports wired IEEE 802.1X
authentication via any ethernet driver.

Provides

• hostapd
• config(hostapd)
• hostapd(armv7hl-32)

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• config(hostapd) = 2.10-2.12
• ld-linux-armhf.so.3
• ld-linux-armhf.so.3(GLIBC_2.4)
• libc.so.6
• libc.so.6(GLIBC_2.15)
• libc.so.6(GLIBC_2.17)
• libc.so.6(GLIBC_2.25)
• libc.so.6(GLIBC_2.28)
• libc.so.6(GLIBC_2.34)
• libc.so.6(GLIBC_2.38)
• libc.so.6(GLIBC_2.4)
• libcrypto.so.3
• libcrypto.so.3(OPENSSL_3.0.0)
• libgcc_s.so.1
• libgcc_s.so.1(GCC_3.5)
• libm.so.6
• libm.so.6(GLIBC_2.29)
• libnl-3.so.200
• libnl-3.so.200(libnl_3)
• libnl-genl-3.so.200
• libnl-genl-3.so.200(libnl_3)
• libnl-route-3.so.200
• libnl-route-3.so.200(libnl_3)
• libsqlite3.so.0
• libssl.so.3
• libssl.so.3(OPENSSL_3.0.0)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• systemd
• systemd
• systemd
• systemd

License

BSD-3-Clause OR GPL-2.0-only

Changelog

* Fri Mar 11 2022 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Adjust config
    * Enable SAE
    * Enable DPP
    * Enable wired driver
    * Enable Airtime policy support
    * Enable Fast Initial Link Setup (FILS) (IEEE 802.11ai)
* Mon Jan 17 2022 Michael Ströder <michael@stroeder.com>
  - Removed obsolete patches:
    * CVE-2019-16275.patch
    * CVE-2020-12695.patch
    * CVE-2021-30004.patch
  - Update to version 2.10
    * SAE changes
    - improved protection against side channel attacks
      [https://w1.fi/security/2022-1/]
    - added option send SAE Confirm immediately (sae_config_immediate=1)
      after SAE Commit
    - added support for the hash-to-element mechanism (sae_pwe=1 or
      sae_pwe=2)
    - fixed PMKSA caching with OKC
    - added support for SAE-PK
    * EAP-pwd changes
    - improved protection against side channel attacks
      [https://w1.fi/security/2022-1/]
    * fixed WPS UPnP SUBSCRIBE handling of invalid operations
      [https://w1.fi/security/2020-1/]
    * fixed PMF disconnection protection bypass
      [https://w1.fi/security/2019-7/]
    * added support for using OpenSSL 3.0
    * fixed various issues in experimental support for EAP-TEAP server
    * added configuration (max_auth_rounds, max_auth_rounds_short) to
      increase the maximum number of EAP message exchanges (mainly to
      support cases with very large certificates) for the EAP server
    * added support for DPP release 2 (Wi-Fi Device Provisioning Protocol)
    * extended HE (IEEE 802.11ax) support, including 6 GHz support
    * removed obsolete IAPP functionality
    * fixed EAP-FAST server with TLS GCM/CCM ciphers
    * dropped support for libnl 1.1
    * added support for nl80211 control port for EAPOL frame TX/RX
    * fixed OWE key derivation with groups 20 and 21; this breaks backwards
      compatibility for these groups while the default group 19 remains
      backwards compatible; owe_ptk_workaround=1 can be used to enabled a
      a workaround for the group 20/21 backwards compatibility
    * added support for Beacon protection
    * added support for Extended Key ID for pairwise keys
    * removed WEP support from the default build (CONFIG_WEP=y can be used
      to enable it, if really needed)
    * added a build option to remove TKIP support (CONFIG_NO_TKIP=y)
    * added support for Transition Disable mechanism to allow the AP to
      automatically disable transition mode to improve security
    * added support for PASN
    * added EAP-TLS server support for TLS 1.3 (disabled by default for now)
    * a large number of other fixes, cleanup, and extensions
* Fri Nov 26 2021 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Fix AppArmor profile -- allow access to /etc/ssl/openssl.cnf
    (bsc#1192959)
* Fri Oct 15 2021 Johannes Segitz <jsegitz@suse.com>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * hostapd.service
* Wed Jul 14 2021 Michael Ströder <michael@stroeder.com>
  - fixed AppArmor profile
* Tue Apr 06 2021 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Add CVE-2021-30004.patch -- forging attacks may occur because
    AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c
    (bsc#1184348)
* Tue Feb 23 2021 Michael Ströder <michael@stroeder.com>
  - added AppArmor profile (source apparmor-usr.sbin.hostapd)
* Tue Sep 29 2020 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Add CVE-2020-12695.patch -- UPnP SUBSCRIBE misbehavior in hostapd WPS AP
    (bsc#1172700)
* Thu Apr 23 2020 Clemens Famulla-Conrad <cfamullaconrad@suse.com>
  - Add CVE-2019-16275.patch -- AP mode PMF disconnection protection bypass
    (bsc#1150934)
* Thu Sep 05 2019 Michael Ströder <michael@stroeder.com>
  - Update to version 2.9
    * SAE changes
    - disable use of groups using Brainpool curves
    - improved protection against side channel attacks
      [https://w1.fi/security/2019-6/]
    * EAP-pwd changes
    - disable use of groups using Brainpool curves
    - improved protection against side channel attacks
      [https://w1.fi/security/2019-6/]
    * fixed FT-EAP initial mobility domain association using PMKSA caching
    * added configuration of airtime policy
    * fixed FILS to and RSNE into (Re)Association Response frames
    * fixed DPP bootstrapping URI parser of channel list
    * added support for regulatory WMM limitation (for ETSI)
    * added support for MACsec Key Agreement using IEEE 802.1X/PSK
    * added experimental support for EAP-TEAP server (RFC 7170)
    * added experimental support for EAP-TLS server with TLS v1.3
    * added support for two server certificates/keys (RSA/ECC)
    * added AKMSuiteSelector into "STA <addr>" control interface data to
      determine with AKM was used for an association
    * added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and
      fast reauthentication use to be disabled
    * fixed an ECDH operation corner case with OpenSSL

Files

/etc/apparmor.d
/etc/apparmor.d/usr.sbin.hostapd
/etc/hostapd.accept
/etc/hostapd.conf
/etc/hostapd.deny
/etc/hostapd.eap_user
/etc/hostapd.radius_clients
/etc/hostapd.sim_db
/etc/hostapd.vlan
/etc/hostapd.wpa_psk
/usr/lib/systemd/system/hostapd.service
/usr/sbin/hostapd
/usr/sbin/hostapd_cli
/usr/sbin/rchostapd
/usr/share/doc/packages/hostapd
/usr/share/doc/packages/hostapd/ChangeLog
/usr/share/doc/packages/hostapd/README
/usr/share/doc/packages/hostapd/hostapd.conf
/usr/share/doc/packages/hostapd/wired.conf
/usr/share/licenses/hostapd
/usr/share/licenses/hostapd/COPYING
/usr/share/man/man8/hostapd.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Apr 27 00:22:44 2024