lp:~snappy-hwe-team/snappy-hwe-snaps/+git/wpa-supplicant

Author: System Enablement CI Bot
Author Date: 2019-07-08 15:57:10 UTC

Open development for 2.4.5-dev

Author: System Enablement CI Bot
Author Date: 2019-07-08 15:40:41 UTC

Merge branch 'master' into stable

Author: System Enablement CI Bot
Author Date: 2019-06-24 07:04:27 UTC

Merge remote tracking branch 2.4-cve-updates

Merge-Proposal: https://code.launchpad.net/~awe/snappy-hwe-snaps/+git/wpa-supplicant/+merge/369190

Author: Tony Espy <(unknown e-mail)>

This merge proposal brings the wpa-supplicant snap up-to-date with respect to CVEs as compared to the latest Debian package in xenial-updates and xenial-security (2.4-0ubuntu6.5).

Note I skipped the patches from /2017-1/, as these were the Krack attack patches and they'd been merged directly from upstream instead of being pulled from 2.4-0ubuntu6.2. I did not verify that the krack fixes that
landed in this tree *exactly* matched the patches from 2.4-0ubuntu6.2 though. I tried to apply the first patch in the directory /debian/patches/2017-1/ and it failed to apply, so I assumed all of those patches had been applied.

Finally there are two commits in this merge proposal which apply on to EAP server, however as later patches included changes to the client and the server, it was just easier to leave these server-only patches in the sequence.