[Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803

All of lore.kernel.org
 help / color / mirror / Atom feed

* [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
@ 2021-06-01 18:09 Sam Voss
  2021-06-01 19:43 ` Arnout Vandecappelle
  2021-06-01 20:00 ` Yann E. MORIN
  0 siblings, 2 replies; 6+ messages in thread
From: Sam Voss @ 2021-06-01 18:09 UTC (permalink / raw)
  To: buildroot

Fixes the following:

- CVE-2021-27803: A vulnerability was discovered in how p2p/p2p_pd.c in
wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
discovery requests. It could result in denial of service or other impact
(potentially execution of arbitrary code), for an attacker within radio
range.

Signed-off-by: Sam Voss <sam.voss@collins.com>
---
 package/hostapd/hostapd.hash | 1 +
 package/hostapd/hostapd.mk   | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/package/hostapd/hostapd.hash b/package/hostapd/hostapd.hash
index e2f76c12d9..9ac5f4b392 100644
--- a/package/hostapd/hostapd.hash
+++ b/package/hostapd/hostapd.hash
@@ -3,4 +3,5 @@ sha256  881d7d6a90b2428479288d64233151448f8990ab4958e0ecaca7eeb3c9db2bd7  hostap
 sha256  2d9a5b9d616f1b4aa4a22b967cee866e2f69b798b0b46803a7928c8559842bd7  0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
 sha256  49feb35a5276279b465f6836d6fa2c6b34d94dc979e8b840d1918865c04260de  0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
 sha256  a8212a2d89a5bab2824d22b6047e7740553df163114fcec94832bfa9c5c5d78a  0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
+sha256  7f40cfec5faf5e927ea9028ab9392cd118685bde7229ad24210caf0a8f6e9611  0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
 sha256  9da5dd0776da266b180b915e460ff75c6ff729aca1196ab396529510f24f3761  README
diff --git a/package/hostapd/hostapd.mk b/package/hostapd/hostapd.mk
index 8eff92eb1e..8820254f89 100644
--- a/package/hostapd/hostapd.mk
+++ b/package/hostapd/hostapd.mk
@@ -11,7 +11,8 @@ HOSTAPD_CONFIG = $(HOSTAPD_DIR)/$(HOSTAPD_SUBDIR)/.config
 HOSTAPD_PATCH = \
 	https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
 	https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
-	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
+	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
+	https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
 HOSTAPD_DEPENDENCIES = host-pkgconf
 HOSTAPD_CFLAGS = $(TARGET_CFLAGS)
 HOSTAPD_LICENSE = BSD-3-Clause
@@ -26,6 +27,9 @@ HOSTAPD_IGNORE_CVES += CVE-2020-12695
 # 0002-ASN.1-Validate-DigestAlgorithmIdentifier-parameters.patch
 HOSTAPD_IGNORE_CVES += CVE-2021-30004
 
+# 0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
+HOSTAPD_IGNORE_CVES += CVE-2021-27803
+
 HOSTAPD_CPE_ID_VENDOR = w1.fi
 HOSTAPD_CONFIG_SET =
 
-- 
2.17.1

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
  2021-06-01 18:09 [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803 Sam Voss
@ 2021-06-01 19:43 ` Arnout Vandecappelle
  2021-06-01 20:00 ` Yann E. MORIN
  1 sibling, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2021-06-01 19:43 UTC (permalink / raw)
  To: buildroot



On 01/06/2021 20:09, Sam Voss via buildroot wrote:
> Fixes the following:
> 
> - CVE-2021-27803: A vulnerability was discovered in how p2p/p2p_pd.c in
> wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
> discovery requests. It could result in denial of service or other impact
> (potentially execution of arbitrary code), for an attacker within radio
> range.
> 
> Signed-off-by: Sam Voss <sam.voss@collins.com>

 Applied to master, thanks.

 Regards,
 Arnout

> ---
>  package/hostapd/hostapd.hash | 1 +
>  package/hostapd/hostapd.mk   | 6 +++++-
>  2 files changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/package/hostapd/hostapd.hash b/package/hostapd/hostapd.hash
> index e2f76c12d9..9ac5f4b392 100644
> --- a/package/hostapd/hostapd.hash
> +++ b/package/hostapd/hostapd.hash
> @@ -3,4 +3,5 @@ sha256  881d7d6a90b2428479288d64233151448f8990ab4958e0ecaca7eeb3c9db2bd7  hostap
>  sha256  2d9a5b9d616f1b4aa4a22b967cee866e2f69b798b0b46803a7928c8559842bd7  0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
>  sha256  49feb35a5276279b465f6836d6fa2c6b34d94dc979e8b840d1918865c04260de  0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
>  sha256  a8212a2d89a5bab2824d22b6047e7740553df163114fcec94832bfa9c5c5d78a  0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
> +sha256  7f40cfec5faf5e927ea9028ab9392cd118685bde7229ad24210caf0a8f6e9611  0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>  sha256  9da5dd0776da266b180b915e460ff75c6ff729aca1196ab396529510f24f3761  README
> diff --git a/package/hostapd/hostapd.mk b/package/hostapd/hostapd.mk
> index 8eff92eb1e..8820254f89 100644
> --- a/package/hostapd/hostapd.mk
> +++ b/package/hostapd/hostapd.mk
> @@ -11,7 +11,8 @@ HOSTAPD_CONFIG = $(HOSTAPD_DIR)/$(HOSTAPD_SUBDIR)/.config
>  HOSTAPD_PATCH = \
>  	https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
>  	https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
> -	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
> +	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
> +	https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>  HOSTAPD_DEPENDENCIES = host-pkgconf
>  HOSTAPD_CFLAGS = $(TARGET_CFLAGS)
>  HOSTAPD_LICENSE = BSD-3-Clause
> @@ -26,6 +27,9 @@ HOSTAPD_IGNORE_CVES += CVE-2020-12695
>  # 0002-ASN.1-Validate-DigestAlgorithmIdentifier-parameters.patch
>  HOSTAPD_IGNORE_CVES += CVE-2021-30004
>  
> +# 0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
> +HOSTAPD_IGNORE_CVES += CVE-2021-27803
> +
>  HOSTAPD_CPE_ID_VENDOR = w1.fi
>  HOSTAPD_CONFIG_SET =
>  
> 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
  2021-06-01 18:09 [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803 Sam Voss
  2021-06-01 19:43 ` Arnout Vandecappelle
@ 2021-06-01 20:00 ` Yann E. MORIN
  2021-06-01 21:06   ` Arnout Vandecappelle
  1 sibling, 1 reply; 6+ messages in thread
From: Yann E. MORIN @ 2021-06-01 20:00 UTC (permalink / raw)
  To: buildroot

Sam, All,

On 2021-06-01 13:09 -0500, Sam Voss via buildroot spake thusly:
> Fixes the following:
> 
> - CVE-2021-27803: A vulnerability was discovered in how p2p/p2p_pd.c in
> wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
> discovery requests. It could result in denial of service or other impact
> (potentially execution of arbitrary code), for an attacker within radio
> range.

Usually, when there is a patch to hostpad to fix a CVE, we probably need
the same patch against wpa_supplicant, since they both shared the same
source tree...

See for example:

    0c65499c3f package/wpa_supplicant: fix build with CVE-2021-30004 changes
    75496165dc package/hostapd: fix build with CVE-2021-30004 changes
    a8fbe67b9b package/wpa_supplicant: add upstream patch to fix CVE-2021-30004
    d65586f45a package/hostapd: add upstream patch to fix CVE-2021-30004
    2f6a6b8e50 package/wpa_supplicant: ignore CVE-2021-30004 when using openssl
    3d3348fd03 package/hostapd: ignore CVE-2021-30004 when using openssl
    650d907c13 package/wpa_supplicant: fix CVE-2019-16275
    749fbab0bb package/hostapd: fix CVE-2019-16275

Could you look at providing a patch to wpa_supplicant for
CVE-2021-27803, please?

Regards,
Yann E. MORIN.

> Signed-off-by: Sam Voss <sam.voss@collins.com>
> ---
>  package/hostapd/hostapd.hash | 1 +
>  package/hostapd/hostapd.mk   | 6 +++++-
>  2 files changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/package/hostapd/hostapd.hash b/package/hostapd/hostapd.hash
> index e2f76c12d9..9ac5f4b392 100644
> --- a/package/hostapd/hostapd.hash
> +++ b/package/hostapd/hostapd.hash
> @@ -3,4 +3,5 @@ sha256  881d7d6a90b2428479288d64233151448f8990ab4958e0ecaca7eeb3c9db2bd7  hostap
>  sha256  2d9a5b9d616f1b4aa4a22b967cee866e2f69b798b0b46803a7928c8559842bd7  0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
>  sha256  49feb35a5276279b465f6836d6fa2c6b34d94dc979e8b840d1918865c04260de  0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
>  sha256  a8212a2d89a5bab2824d22b6047e7740553df163114fcec94832bfa9c5c5d78a  0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
> +sha256  7f40cfec5faf5e927ea9028ab9392cd118685bde7229ad24210caf0a8f6e9611  0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>  sha256  9da5dd0776da266b180b915e460ff75c6ff729aca1196ab396529510f24f3761  README
> diff --git a/package/hostapd/hostapd.mk b/package/hostapd/hostapd.mk
> index 8eff92eb1e..8820254f89 100644
> --- a/package/hostapd/hostapd.mk
> +++ b/package/hostapd/hostapd.mk
> @@ -11,7 +11,8 @@ HOSTAPD_CONFIG = $(HOSTAPD_DIR)/$(HOSTAPD_SUBDIR)/.config
>  HOSTAPD_PATCH = \
>  	https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
>  	https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
> -	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
> +	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
> +	https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>  HOSTAPD_DEPENDENCIES = host-pkgconf
>  HOSTAPD_CFLAGS = $(TARGET_CFLAGS)
>  HOSTAPD_LICENSE = BSD-3-Clause
> @@ -26,6 +27,9 @@ HOSTAPD_IGNORE_CVES += CVE-2020-12695
>  # 0002-ASN.1-Validate-DigestAlgorithmIdentifier-parameters.patch
>  HOSTAPD_IGNORE_CVES += CVE-2021-30004
>  
> +# 0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
> +HOSTAPD_IGNORE_CVES += CVE-2021-27803
> +
>  HOSTAPD_CPE_ID_VENDOR = w1.fi
>  HOSTAPD_CONFIG_SET =
>  
> -- 
> 2.17.1
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
  2021-06-01 20:00 ` Yann E. MORIN
@ 2021-06-01 21:06   ` Arnout Vandecappelle
  2021-06-06  7:09     ` Peter Korsgaard
  0 siblings, 1 reply; 6+ messages in thread
From: Arnout Vandecappelle @ 2021-06-01 21:06 UTC (permalink / raw)
  To: buildroot



On 01/06/2021 22:00, Yann E. MORIN wrote:
> Sam, All,
> 
> On 2021-06-01 13:09 -0500, Sam Voss via buildroot spake thusly:
>> Fixes the following:
>>
>> - CVE-2021-27803: A vulnerability was discovered in how p2p/p2p_pd.c in
>> wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
>> discovery requests. It could result in denial of service or other impact
>> (potentially execution of arbitrary code), for an attacker within radio
>> range.
> 
> Usually, when there is a patch to hostpad to fix a CVE, we probably need
> the same patch against wpa_supplicant, since they both shared the same
> source tree...
> 
> See for example:
> 
>     0c65499c3f package/wpa_supplicant: fix build with CVE-2021-30004 changes
>     75496165dc package/hostapd: fix build with CVE-2021-30004 changes
>     a8fbe67b9b package/wpa_supplicant: add upstream patch to fix CVE-2021-30004
>     d65586f45a package/hostapd: add upstream patch to fix CVE-2021-30004
>     2f6a6b8e50 package/wpa_supplicant: ignore CVE-2021-30004 when using openssl
>     3d3348fd03 package/hostapd: ignore CVE-2021-30004 when using openssl
>     650d907c13 package/wpa_supplicant: fix CVE-2019-16275
>     749fbab0bb package/hostapd: fix CVE-2019-16275
> 
> Could you look at providing a patch to wpa_supplicant for
> CVE-2021-27803, please?

 Peter already applied it in 9ada4eb2f1c3d67ee49f6f5466738bcd821fc647, at the
time there was no CVE yet. Fabrice later added the exception for CVE-2021-27803
in 1a7cf592a834357c5777e452f0b7ab7652e7d389.

 So Sam, nothing to do :-)

 Regards,
 Arnout

> 
> Regards,
> Yann E. MORIN.
> 
>> Signed-off-by: Sam Voss <sam.voss@collins.com>
>> ---
>>  package/hostapd/hostapd.hash | 1 +
>>  package/hostapd/hostapd.mk   | 6 +++++-
>>  2 files changed, 6 insertions(+), 1 deletion(-)
>>
>> diff --git a/package/hostapd/hostapd.hash b/package/hostapd/hostapd.hash
>> index e2f76c12d9..9ac5f4b392 100644
>> --- a/package/hostapd/hostapd.hash
>> +++ b/package/hostapd/hostapd.hash
>> @@ -3,4 +3,5 @@ sha256  881d7d6a90b2428479288d64233151448f8990ab4958e0ecaca7eeb3c9db2bd7  hostap
>>  sha256  2d9a5b9d616f1b4aa4a22b967cee866e2f69b798b0b46803a7928c8559842bd7  0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
>>  sha256  49feb35a5276279b465f6836d6fa2c6b34d94dc979e8b840d1918865c04260de  0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
>>  sha256  a8212a2d89a5bab2824d22b6047e7740553df163114fcec94832bfa9c5c5d78a  0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
>> +sha256  7f40cfec5faf5e927ea9028ab9392cd118685bde7229ad24210caf0a8f6e9611  0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>>  sha256  9da5dd0776da266b180b915e460ff75c6ff729aca1196ab396529510f24f3761  README
>> diff --git a/package/hostapd/hostapd.mk b/package/hostapd/hostapd.mk
>> index 8eff92eb1e..8820254f89 100644
>> --- a/package/hostapd/hostapd.mk
>> +++ b/package/hostapd/hostapd.mk
>> @@ -11,7 +11,8 @@ HOSTAPD_CONFIG = $(HOSTAPD_DIR)/$(HOSTAPD_SUBDIR)/.config
>>  HOSTAPD_PATCH = \
>>  	https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
>>  	https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
>> -	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
>> +	https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
>> +	https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>>  HOSTAPD_DEPENDENCIES = host-pkgconf
>>  HOSTAPD_CFLAGS = $(TARGET_CFLAGS)
>>  HOSTAPD_LICENSE = BSD-3-Clause
>> @@ -26,6 +27,9 @@ HOSTAPD_IGNORE_CVES += CVE-2020-12695
>>  # 0002-ASN.1-Validate-DigestAlgorithmIdentifier-parameters.patch
>>  HOSTAPD_IGNORE_CVES += CVE-2021-30004
>>  
>> +# 0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
>> +HOSTAPD_IGNORE_CVES += CVE-2021-27803
>> +
>>  HOSTAPD_CPE_ID_VENDOR = w1.fi
>>  HOSTAPD_CONFIG_SET =
>>  
>> -- 
>> 2.17.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
> 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
  2021-06-01 21:06   ` Arnout Vandecappelle
@ 2021-06-06  7:09     ` Peter Korsgaard
  2021-06-10 20:14       ` [Buildroot] [External] " Voss, Samuel M Collins
  0 siblings, 1 reply; 6+ messages in thread
From: Peter Korsgaard @ 2021-06-06  7:09 UTC (permalink / raw)
  To: buildroot

>>>>> "Arnout" == Arnout Vandecappelle <arnout@mind.be> writes:

Hi,

 >> Could you look at providing a patch to wpa_supplicant for
 >> CVE-2021-27803, please?

 >  Peter already applied it in 9ada4eb2f1c3d67ee49f6f5466738bcd821fc647, at the
 > time there was no CVE yet. Fabrice later added the exception for CVE-2021-27803
 > in 1a7cf592a834357c5777e452f0b7ab7652e7d389.

Indeed. I did not add it to hostapd at the time, as the issue (to my
reading at least) is specific to wpa_supplicant.

Why are we adding it to hostapd here? Just for consistency?

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [Buildroot] [External] Re: [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
  2021-06-06  7:09     ` Peter Korsgaard
@ 2021-06-10 20:14       ` Voss, Samuel M Collins
  0 siblings, 0 replies; 6+ messages in thread
From: Voss, Samuel M Collins @ 2021-06-10 20:14 UTC (permalink / raw)
  To: buildroot

Hi Peter,

>-----Original Message-----
>From: Peter Korsgaard <jacmet@gmail.com> On Behalf Of Peter Korsgaard
>Sent: Sunday, June 06, 2021 2:10 AM
>To: Arnout Vandecappelle <arnout@mind.be>
>Cc: Yann E. MORIN <yann.morin.1998@free.fr>; Voss, Samuel M Collins <sam.voss@collins.com>; Weber, Matthew L Collins <Matthew.Weber@collins.com>; Sergey Matyukevich <geomatsi@gmail.com>; buildroot at buildroot.org
>Subject: [External] Re: [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803
>
>>>>>> "Arnout" == Arnout Vandecappelle <arnout@mind.be> writes:
>
>Hi,
>
> >> Could you look at providing a patch to wpa_supplicant for  >> CVE-2021-27803, please?
>
> >  Peter already applied it in 9ada4eb2f1c3d67ee49f6f5466738bcd821fc647, at the  > time there was no CVE yet. Fabrice later added the exception for CVE-2021-27803  > in 1a7cf592a834357c5777e452f0b7ab7652e7d389.
>
>Indeed. I did not add it to hostapd at the time, as the issue (to my reading at least) is specific to wpa_supplicant.
>
>Why are we adding it to hostapd here? Just for consistency?

Ultimately it was added because it was identified as a CVE against this version of the package, and a patch was available for it. It came up during CVE discovery on one of our products so I sent the patch accordingly.

I didn't personally take the onus to establish whether it was exploitable, just that it was reported as vulnerable.

Sam

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2021-06-10 20:14 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-01 18:09 [Buildroot] [PATCH] package/hostapd: add upstream patch to fix CVE-2021-27803 Sam Voss
2021-06-01 19:43 ` Arnout Vandecappelle
2021-06-01 20:00 ` Yann E. MORIN
2021-06-01 21:06   ` Arnout Vandecappelle
2021-06-06  7:09     ` Peter Korsgaard
2021-06-10 20:14       ` [Buildroot] [External] " Voss, Samuel M Collins

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.